-
Notifications
You must be signed in to change notification settings - Fork 6
Expand file tree
/
Copy pathupdate-wordpress-js-dependencies.yml
More file actions
135 lines (119 loc) · 5.02 KB
/
update-wordpress-js-dependencies.yml
File metadata and controls
135 lines (119 loc) · 5.02 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
name: Update WordPress JS Dependencies
on:
workflow_call:
inputs:
WP_DIST_TAG:
description: The dist-tag to update the dependencies to, e.g., `wp-6.7`
required: true
type: string
NPM_REGISTRY_DOMAIN:
description: Domain of the private npm registry.
default: https://npm.pkg.github.com/
required: false
type: string
secrets:
GITHUB_USER_EMAIL:
description: Email address for the GitHub user configuration.
required: false
GITHUB_USER_NAME:
description: Username for the GitHub user configuration.
required: false
GITHUB_USER_SSH_KEY:
description: Private SSH key associated with the GitHub user for the token passed as `GITHUB_USER_TOKEN`.
required: false
GITHUB_USER_SSH_PUBLIC_KEY:
description: Public SSH key associated with the GitHub user for the token passed as `GITHUB_USER_TOKEN`.
required: false
NPM_REGISTRY_TOKEN:
description: Authentication for the private npm registry.
required: false
jobs:
update-dependencies:
runs-on: ubuntu-latest
timeout-minutes: 10
env:
PACKAGE_MANAGER: npm
GITHUB_USER_EMAIL: ${{ secrets.GITHUB_USER_EMAIL }}
GITHUB_USER_NAME: ${{ secrets.GITHUB_USER_NAME }}
GITHUB_USER_SSH_KEY: ${{ secrets.GITHUB_USER_SSH_KEY }}
GITHUB_USER_SSH_PUBLIC_KEY: ${{ secrets.GITHUB_USER_SSH_PUBLIC_KEY }}
WP_DIST_TAG: ${{ inputs.WP_DIST_TAG }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_REGISTRY_TOKEN }}
NPM_REGISTRY_DOMAIN: ${{ inputs.NPM_REGISTRY_DOMAIN }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
ssh-key: ${{ env.GITHUB_USER_SSH_KEY }}
- name: Set global variables
run: |
echo "TEMP_BRANCH_NAME=update/${{ env.WP_DIST_TAG }}" >> $GITHUB_ENV
echo "CURRENT_DATE=$(date +'%Y-%m-%d')" >> $GITHUB_ENV
- name: Set up SSH
if: ${{ env.GITHUB_USER_SSH_KEY != '' }}
uses: webfactory/ssh-agent@v0.9.0
with:
ssh-private-key: ${{ env.GITHUB_USER_SSH_KEY }}
- name: Set up Git
run: |
git config --global user.email "${{ env.GITHUB_USER_EMAIL }}"
git config --global user.name "${{ env.GITHUB_USER_NAME }}"
git config --global advice.addIgnoredFile false
git config --global push.autoSetupRemote true
- name: Set up signing commits
if: ${{ env.GITHUB_USER_SSH_PUBLIC_KEY != '' }}
run: |
: # Create empty SSH private key file so Git does not complain.
touch "${{ runner.temp }}/signingkey"
echo "${{ env.GITHUB_USER_SSH_PUBLIC_KEY }}" > "${{ runner.temp }}/signingkey.pub"
git config --global commit.gpgsign true
git config --global gpg.format ssh
git config --global user.signingkey "${{ runner.temp }}/signingkey.pub"
- name: Checkout to temporary branch
run: |
git show-ref -q refs/remotes/origin/${{ env.TEMP_BRANCH_NAME }} && git checkout ${{ env.TEMP_BRANCH_NAME }} || git checkout -b ${{ env.TEMP_BRANCH_NAME }}
- name: Set up node cache mode
run: |
if [ "${{ env.PACKAGE_MANAGER }}" == 'npm' ] && { [ -f "${GITHUB_WORKSPACE}/package-lock.json" ] || [ -f "${GITHUB_WORKSPACE}/npm-shrinkwrap.json" ]; }; then
echo "NODE_CACHE_MODE=npm" >> $GITHUB_ENV
else
echo "No lock files found or unknown package manager"
fi
- name: Set up node
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
registry-url: ${{ env.NPM_REGISTRY_DOMAIN }}
cache: ${{ env.NODE_CACHE_MODE }}
- name: Install dependencies
env:
ARGS: ${{ env.NODE_CACHE_MODE == 'npm' && 'ci' || 'install' }}
run: ${{ format('{0} {1} --ignore-scripts', env.PACKAGE_MANAGER, env.ARGS) }}
- name: Running the update
env:
SCRIPT_START: ${{ env.PACKAGE_MANAGER == 'npm' && 'npm run' }}
run: |
./node_modules/.bin/wp-scripts packages-update --dist-tag=${{ env.WP_DIST_TAG }}
- name: Git add, commit
run: |
git add -A
git commit -m "[BOT] Add dependencies changes for #${{ github.ref }}" --no-verify || ((echo "NO_CHANGES=yes" >> $GITHUB_ENV) && (echo "No changes to commit"))
- name: Git push
if: ${{ env.NO_CHANGES != 'yes' }}
run: git push
- name: Create pull request
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
gh pr create \
--base ${{ github.event.repository.default_branch }} \
--head ${{ env.TEMP_BRANCH_NAME }} \
--title "Align WP Dependencies to meet dist tag ${{ env.WP_DIST_TAG }} - ${{ env.CURRENT_DATE }}" \
--body "This PR updates the WordPress dependencies to meet the version ${{ env.WP_DIST_TAG }}." \
--label "dependencies"
- name: Delete signing key files
if: ${{ always() && env.GITHUB_USER_SSH_PUBLIC_KEY != '' }}
run: |
rm -f "${{ runner.temp }}/signingkey"
rm -f "${{ runner.temp }}/signingkey.pub"