From cbc11e844ed6c093ad0715d3d642026a624b4dd3 Mon Sep 17 00:00:00 2001 From: Evan Rusackas Date: Mon, 29 Jan 2024 15:57:12 -0700 Subject: [PATCH 1/3] chore(dependabot): auto-update lockfiles for monorepo package bumps --- .../workflows/update-monorepo-lockfiles.yml | 41 +++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 .github/workflows/update-monorepo-lockfiles.yml diff --git a/.github/workflows/update-monorepo-lockfiles.yml b/.github/workflows/update-monorepo-lockfiles.yml new file mode 100644 index 0000000000000..a5dc0e02f95a9 --- /dev/null +++ b/.github/workflows/update-monorepo-lockfiles.yml @@ -0,0 +1,41 @@ +name: Update Lockfiles for Dependabot Monorepo PRs + +on: + pull_request: + branches: + - main + paths: + - 'superset-frontend/packages/**/package.json' + - 'superset-frontend/plugins/**/package.json' + # Trigger this workflow when Dependabot creates a pull request + types: [opened, synchronize, reopened] + +jobs: + update-lock-file: + runs-on: ubuntu-latest + if: github.actor == 'dependabot[bot]' # Ensure it only runs for Dependabot PRs + defaults: + run: + working-directory: superset-frontend + steps: + - name: Checkout Code + uses: actions/checkout@v2 + with: + ref: ${{ github.head_ref }} # Checkout the branch that made the PR + + - name: Set up Node.js + uses: actions/setup-node@v2 + with: + node-version: '16' + + - name: Install Dependencies and Update Lock File + run: | + npm install + + - name: Commit and Push Changes + run: | + git config user.name "GitHub-Actions[bot]" + git config user.email "github-actions[bot]@users.noreply.github.com" + git add package-lock.json + git commit -m "Update lock file for Dependabot PR" -a # Commit the changes + git push # Push the changes back to the branch From 29e6f52a8030b523824fab4e9c97cf3eee4aee22 Mon Sep 17 00:00:00 2001 From: Evan Rusackas Date: Mon, 29 Jan 2024 16:47:32 -0700 Subject: [PATCH 2/3] updates made after testing on another PR. --- .github/workflows/update-monorepo-lockfiles.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/update-monorepo-lockfiles.yml b/.github/workflows/update-monorepo-lockfiles.yml index a5dc0e02f95a9..47202024d925f 100644 --- a/.github/workflows/update-monorepo-lockfiles.yml +++ b/.github/workflows/update-monorepo-lockfiles.yml @@ -2,8 +2,6 @@ name: Update Lockfiles for Dependabot Monorepo PRs on: pull_request: - branches: - - main paths: - 'superset-frontend/packages/**/package.json' - 'superset-frontend/plugins/**/package.json' @@ -13,7 +11,7 @@ on: jobs: update-lock-file: runs-on: ubuntu-latest - if: github.actor == 'dependabot[bot]' # Ensure it only runs for Dependabot PRs + if: github.event.pull_request.user.login == 'dependabot[bot]' # Ensure it only runs for Dependabot PRs defaults: run: working-directory: superset-frontend From 81e4389f7e8063d5155d58a152034c9b8f845b5f Mon Sep 17 00:00:00 2001 From: Maxime Beauchemin Date: Mon, 29 Jan 2024 17:07:57 -0800 Subject: [PATCH 3/3] trigger only on opened --- .github/workflows/update-monorepo-lockfiles.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-monorepo-lockfiles.yml b/.github/workflows/update-monorepo-lockfiles.yml index 47202024d925f..3a4919a4a6e56 100644 --- a/.github/workflows/update-monorepo-lockfiles.yml +++ b/.github/workflows/update-monorepo-lockfiles.yml @@ -6,7 +6,7 @@ on: - 'superset-frontend/packages/**/package.json' - 'superset-frontend/plugins/**/package.json' # Trigger this workflow when Dependabot creates a pull request - types: [opened, synchronize, reopened] + types: [opened] jobs: update-lock-file: