Skip to content

Commit 3d33fdb

Browse files
zkoppertzkoppert
authored
Merge pull request #373 from github/copilot/fix-372
2 parents b6c849e + 6f2a744 commit 3d33fdb

File tree

6 files changed

+124
-15
lines changed

6 files changed

+124
-15
lines changed

.github/workflows/super-linter.yaml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -35,3 +35,4 @@ jobs:
3535
DEFAULT_BRANCH: main
3636
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
3737
GITHUB_ACTIONS_COMMAND_ARGS: -shellcheck=
38+
FIX_MARKDOWN_PRETTIER: true

README.md

Lines changed: 48 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,6 @@ All feedback regarding our GitHub Actions, as a whole, should be communicated th
2929
1. Select a best fit workflow file from the [examples below](#example-workflows).
3030
1. Copy that example into your repository (from step 1) and into the proper directory for GitHub Actions: `.github/workflows/` directory with the file extension `.yml` (ie. `.github/workflows/evergreen.yml`)
3131
1. Edit the values below from the sample workflow with your information:
32-
3332
- `ORGANIZATION`
3433
- `TEAM_NAME`
3534
- `REPOSITORY`
@@ -51,7 +50,6 @@ All feedback regarding our GitHub Actions, as a whole, should be communicated th
5150
1. Also edit the value for `GH_ENTERPRISE_URL` if you are using a GitHub Server and not using github.com.
5251
For github.com users, leave it empty.
5352
1. Update the value of `GH_TOKEN`. Do this by creating a [GitHub API token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#creating-a-personal-access-token-classic) with the following permissions:
54-
5553
- If using **classic tokens**:
5654
- `workflow`, this will set also all permissions for `repo`
5755
- under `admin`, `read:org` and `write:org`
@@ -65,7 +63,7 @@ All feedback regarding our GitHub Actions, as a whole, should be communicated th
6563
Then finally update the workflow file to use that repository secret by changing `GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}` to `GH_TOKEN: ${{ secrets.GH_TOKEN }}`.
6664
The name of the secret can really be anything, it just needs to match between when you create the secret name and when you refer to it in the workflow file.
6765

68-
1. If you want the resulting issue with the output to appear in a different repository other than the one the workflow file runs in, update the line `token: ${{ secrets.GITHUB_TOKEN }}` with your own GitHub API token stored as a repository secret. This process is the same as described in the step above. More info on creating secrets can be found [here](https://docs.github.com/en/actions/security-guides/encrypted-secrets).
66+
1. If you want the resulting issue with the output to appear in a different repository other than the one the workflow file runs in, update the line `token: ${{ secrets.GITHUB_TOKEN }}` with your own GitHub API token stored as a repository secret. This process is the same as described in the step above. More info on creating secrets can be found in the [GitHub documentation on encrypted secrets](https://docs.github.com/en/actions/security-guides/encrypted-secrets).
6967
1. Commit the workflow file to the default branch (often `master` or `main`)
7068
1. Wait for the action to trigger based on the `schedule` entry or manually trigger the workflow as shown in the [documentation](https://docs.github.com/en/actions/using-workflows/manually-running-a-workflow).
7169

@@ -105,8 +103,9 @@ The needed GitHub app permissions are the following under `Repository permission
105103
| field | required | default | description |
106104
| -------------------------- | ----------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
107105
| `GH_ENTERPRISE_URL` | False | "" | The `GH_ENTERPRISE_URL` is used to connect to an enterprise server instance of GitHub, ex: `https://yourgheserver.com`.<br>github.com users should not enter anything here. |
108-
| `ORGANIZATION` | Required to have `ORGANIZATION` or `REPOSITORY` | | The name of the GitHub organization which you want this action to work from. ie. github.com/github would be `github` |
109-
| `REPOSITORY` | Required to have `ORGANIZATION` or `REPOSITORY` | | The name of the repository and organization which you want this action to work from. ie. `github/evergreen` or a comma separated list of multiple repositories `github/evergreen,super-linter/super-linter` |
106+
| `ORGANIZATION` | Required to have `ORGANIZATION` or `REPOSITORY` or `REPOSITORY_SEARCH_QUERY` | | The name of the GitHub organization which you want this action to work from. ie. github.com/github would be `github` |
107+
| `REPOSITORY` | Required to have `ORGANIZATION` or `REPOSITORY` or `REPOSITORY_SEARCH_QUERY` | | The name of the repository and organization which you want this action to work from. ie. `github/evergreen` or a comma separated list of multiple repositories `github/evergreen,super-linter/super-linter` |
108+
| `REPOSITORY_SEARCH_QUERY` | Required to have `ORGANIZATION` or `REPOSITORY` or `REPOSITORY_SEARCH_QUERY` | "" | When set, directs the action to use the GitHub Search API to search repositories matching this query instead of enumerating all organization repositories. This overrides anything set in the `REPOSITORY` and `ORGANIZATION` variables. Example: `org:my-org is:repository archived:false created:>2025-07-01`. |
110109
| `EXEMPT_REPOS` | False | "" | These repositories will be exempt from this action considering them for dependabot enablement. ex: If my org is set to `github` then I might want to exempt a few of the repos but get the rest by setting `EXEMPT_REPOS` to `github/evergreen,github/contributors` |
111110
| `TYPE` | False | pull | Type refers to the type of action you want taken if this workflow determines that dependabot could be enabled. Valid values are `pull` or `issue`. |
112111
| `TITLE` | False | "Enable Dependabot" | The title of the issue or pull request that will be created if dependabot could be enabled. |
@@ -257,6 +256,50 @@ jobs:
257256
run: cat summary.md >> $GITHUB_STEP_SUMMARY
258257
```
259258

259+
#### Using REPOSITORY_SEARCH_QUERY
260+
261+
```yaml
262+
---
263+
name: Weekly dependabot checks
264+
on:
265+
workflow_dispatch:
266+
schedule:
267+
- cron: "3 2 * * 6"
268+
269+
permissions:
270+
contents: read
271+
272+
jobs:
273+
evergreen:
274+
name: evergreen
275+
runs-on: ubuntu-latest
276+
permissions:
277+
issues: write
278+
279+
steps:
280+
- shell: bash
281+
run: |
282+
# Get the current date
283+
current_date=$(date +'%Y-%m-%d')
284+
285+
# Calculate the previous month
286+
previous_date=$(date -d "$current_date -7 day" +'%Y-%m-%d')
287+
288+
echo "$previous_date..$current_date"
289+
echo "one_week_ago=$previous_date" >> "$GITHUB_ENV"
290+
291+
- name: Run evergreen action
292+
uses: github/evergreen@v1
293+
env:
294+
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
295+
REPOSITORY_SEARCH_QUERY: "org:your_organization is:repository is:public archived:false created:>${{ env.one_week_ago }}"
296+
TITLE: "Add dependabot configuration"
297+
BODY: "Please add this dependabot configuration so that we can keep the dependencies in this repo up to date and secure. for help, contact XXX"
298+
299+
- name: Post evergreen job summary
300+
run: cat summary.md >> $GITHUB_STEP_SUMMARY
301+
```
302+
260303
#### Using GitHub app
261304

262305
```yaml

0 commit comments

Comments
 (0)