Skip to content

Commit 62e4146

Browse files
zkoppertzkoppert
committed
feat: require org, repos, or search query
Signed-off-by: Zack Koppert <[email protected]>
1 parent 7a53a25 commit 62e4146

File tree

3 files changed

+59
-10
lines changed

3 files changed

+59
-10
lines changed

README.md

Lines changed: 47 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -103,9 +103,9 @@ The needed GitHub app permissions are the following under `Repository permission
103103
| field | required | default | description |
104104
| -------------------------- | ----------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
105105
| `GH_ENTERPRISE_URL` | False | "" | The `GH_ENTERPRISE_URL` is used to connect to an enterprise server instance of GitHub, ex: `https://yourgheserver.com`.<br>github.com users should not enter anything here. |
106-
| `ORGANIZATION` | Required to have `ORGANIZATION` or `REPOSITORY` | | The name of the GitHub organization which you want this action to work from. ie. github.com/github would be `github` |
107-
| `REPOSITORY` | Required to have `ORGANIZATION` or `REPOSITORY` | | The name of the repository and organization which you want this action to work from. ie. `github/evergreen` or a comma separated list of multiple repositories `github/evergreen,super-linter/super-linter` |
108-
| `REPOSITORY_SEARCH_QUERY` | False | "" | When set, directs the action to use the GitHub Search API to search repositories matching this query instead of enumerating all organization repositories. Example: `org:my-org is:repository archived:false created:>2025-07-01`. |
106+
| `ORGANIZATION` | Required to have `ORGANIZATION` or `REPOSITORY` or `REPOSITORY_SEARCH_QUERY` | | The name of the GitHub organization which you want this action to work from. ie. github.com/github would be `github` |
107+
| `REPOSITORY` | Required to have `ORGANIZATION` or `REPOSITORY` or `REPOSITORY_SEARCH_QUERY` | | The name of the repository and organization which you want this action to work from. ie. `github/evergreen` or a comma separated list of multiple repositories `github/evergreen,super-linter/super-linter` |
108+
| `REPOSITORY_SEARCH_QUERY` | Required to have `ORGANIZATION` or `REPOSITORY` or `REPOSITORY_SEARCH_QUERY` | "" | When set, directs the action to use the GitHub Search API to search repositories matching this query instead of enumerating all organization repositories. This overrides anything set in the `REPOSITORY` and `ORGANIZATION` variables. Example: `org:my-org is:repository archived:false created:>2025-07-01`. |
109109
| `EXEMPT_REPOS` | False | "" | These repositories will be exempt from this action considering them for dependabot enablement. ex: If my org is set to `github` then I might want to exempt a few of the repos but get the rest by setting `EXEMPT_REPOS` to `github/evergreen,github/contributors` |
110110
| `TYPE` | False | pull | Type refers to the type of action you want taken if this workflow determines that dependabot could be enabled. Valid values are `pull` or `issue`. |
111111
| `TITLE` | False | "Enable Dependabot" | The title of the issue or pull request that will be created if dependabot could be enabled. |
@@ -256,6 +256,50 @@ jobs:
256256
run: cat summary.md >> $GITHUB_STEP_SUMMARY
257257
```
258258

259+
#### Using REPOSITORY_SEARCH_QUERY
260+
261+
```yaml
262+
---
263+
name: Weekly dependabot checks
264+
on:
265+
workflow_dispatch:
266+
schedule:
267+
- cron: "3 2 * * 6"
268+
269+
permissions:
270+
contents: read
271+
272+
jobs:
273+
evergreen:
274+
name: evergreen
275+
runs-on: ubuntu-latest
276+
permissions:
277+
issues: write
278+
279+
steps:
280+
- shell: bash
281+
run: |
282+
# Get the current date
283+
current_date=$(date +'%Y-%m-%d')
284+
285+
# Calculate the previous month
286+
previous_date=$(date -d "$current_date -7 day" +'%Y-%m-%d')
287+
288+
echo "$previous_date..$current_date"
289+
echo "one_week_ago=$previous_date" >> "$GITHUB_ENV"
290+
291+
- name: Run evergreen action
292+
uses: github/evergreen@v1
293+
env:
294+
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
295+
REPOSITORY_SEARCH_QUERY: "org:your_organization is:repository is:public archived:false created:>${{ env.one_week_ago }}"
296+
TITLE: "Add dependabot configuration"
297+
BODY: "Please add this dependabot configuration so that we can keep the dependencies in this repo up to date and secure. for help, contact XXX"
298+
299+
- name: Post evergreen job summary
300+
run: cat summary.md >> $GITHUB_STEP_SUMMARY
301+
```
302+
259303
#### Using GitHub app
260304

261305
```yaml

env.py

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -99,6 +99,7 @@ def get_env_vars(
9999
) -> tuple[
100100
str | None,
101101
list[str],
102+
str | None,
102103
int | None,
103104
int | None,
104105
bytes,
@@ -135,6 +136,7 @@ def get_env_vars(
135136
Returns:
136137
organization (str): The organization to search for repositories in
137138
repository_list (list[str]): A list of repositories to search for
139+
search_query (str): A search query string to filter repositories by
138140
gh_app_id (int | None): The GitHub App ID to use for authentication
139141
gh_app_installation_id (int | None): The GitHub App Installation ID to use for authentication
140142
gh_app_private_key_bytes (bytes): The GitHub App Private Key as bytes to use for authentication
@@ -169,11 +171,12 @@ def get_env_vars(
169171

170172
organization = os.getenv("ORGANIZATION")
171173
repositories_str = os.getenv("REPOSITORY")
174+
search_query = os.getenv("REPOSITORY_SEARCH_QUERY", "").strip()
172175
team_name = os.getenv("TEAM_NAME")
173-
# Either organization or repository must be set
174-
if not organization and not repositories_str:
176+
# Either organization, repository, or search_query must be set
177+
if not organization and not repositories_str and not search_query:
175178
raise ValueError(
176-
"ORGANIZATION and REPOSITORY environment variables were not set. Please set one"
179+
"ORGANIZATION, REPOSITORY, and REPOSITORY_SEARCH_QUERY environment variables were not set. Please set one"
177180
)
178181
# Team name and repository are mutually exclusive
179182
if repositories_str and team_name:
@@ -352,6 +355,7 @@ def get_env_vars(
352355
return (
353356
organization,
354357
repositories_list,
358+
search_query,
355359
gh_app_id,
356360
gh_app_installation_id,
357361
gh_app_private_key_bytes,

0 commit comments

Comments
 (0)