-
Notifications
You must be signed in to change notification settings - Fork 27
Expand file tree
/
Copy pathexample.yaml
More file actions
175 lines (144 loc) · 5.88 KB
/
example.yaml
File metadata and controls
175 lines (144 loc) · 5.88 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
parameters:
# Note: The presence of the 3 parameters below provides a mechanism to centralize this pipeline such that it can be run for multiple repositories.
# Parallelization has not been tested using this approach - but it should be easy enough to do.
# See here for more information: https://learn.microsoft.com/en-us/azure/machine-learning/how-to-use-parallel-job-in-pipeline?view=azureml-api-2&tabs=cliv2
# By default, this pipeline is configured to run for a single repository.
# OPTIONAL: Name of the repository. Automatically set to ADO repository name if not provided.
- name: repositoryName
type: string
default: $(Build.Repository.Name)
# OPTIONAL: Name of the Azure DevOps project. Automatically set to ADO project name if not provided.
- name: azdoProjectName
type: string
default: $(System.TeamProject)
# OPTIONAL: Path to the repository, relative to Azure DevOps.
# e.g. invoicecloud/Src/_git/Repository.Name
- name: projectPath
type: string
default: ''
# OPTIONAL: Path to the Dependabot configuration file. Relative to the repository root.
- name: dependabotConfigFile
type: string
default: "$(Build.SourcesDirectory)/.azuredevops/dependabot-config.yaml"
# OPTIONAL: Version of GoLang to install.
# See here for other versions: https://go.dev/dl/
- name: goVersion
type: string
default: '1.24.5'
values:
- '1.24.5'
- '1.23.11'
- '1.25rc2'
# OPTIONAL: Version of Dependabot CLI to install - defaults to latest.
# See here for other versions: https://github.com/dependabot/cli/releases
- name: dependabotCliVersion
type: string
default: 'latest'
trigger: none
schedules:
- cron: "0 0 * * 0" # Weekly, Sunday Night, Midnight UTC
always: true # Run even if there have been no code changes.
branches:
include:
- main # The branch to run the schedule on.
batch: true
displayName: "Weekly Dependency Update"
variables:
- name: System.Secrets
value: true
# Azure DevOps Repository Path
- name: PROJECT_PATH
${{ if eq(parameters.projectPath, '') }}:
value: 'MY_AZDO_ORGANIZATION_NAME/${{ parameters.azdoProjectName }}/_git/${{ parameters.repositoryName }}'
${{ else }}:
value: ${{ parameters.projectPath }}
stages:
- stage: BuildDependabot
jobs:
- job: RunDependabot
pool:
vmImage: 'ubuntu-latest'
steps:
- checkout: self
persistCredentials: true
# Add .NET
# Parameterize version if desired.
- task: UseDotNet@2
inputs:
version: '8.0.x'
# Install GoLang
- script: |
# Install GoLang
wget https://go.dev/dl/go${{ parameters.goVersion }}.src.tar.gz
sudo tar -C /usr/local -xzf ${{ parameters.goVersion }}.src.tar.gz
# Add GoLang to PATH
echo "export PATH=/usr/local/go/bin:${PATH}" | sudo tee -a $HOME/.profile
source $HOME/.profile
go version
displayName: Install GoLang
# Install Dependabot CLI
- script: |
# Install Dependabot CLI
go install github.com/dependabot/cli/cmd/dependabot@${{ parameters.dependabotCliVersion }}
displayName: Install Dependabot CLI
# Run Dependabot
- script: |
set -euo pipefail
# Substitute PROJECT_PATH var in the config.
# This doesn't appear to be automatically interpolated in Azure DevOps.
sed -i 's/\$PROJECT_PATH/${PROJECT_PATH}/g' ${{ parameters.dependabotConfigFile }}
# Print the updated config file.
echo "Using Dependabot Configuration File:"
cat ${{ parameters.dependabotConfigFile }}
# Set the GO /bin path & cd into it.
GO_PATH=$(go env | grep GOPATH | awk -F'=' '{print $2}' | tr -d "'")
cd $GO_PATH/bin
echo "\n dependabot update \
-f ${{ parameters.dependabotConfigFile }} \
--timeout 20m >> $(Pipeline.Workspace)/dependabot_result.jsonl || true"
./dependabot update \
-f ${{ parameters.dependabotConfigFile }} \
--timeout 20m >> $(Pipeline.Workspace)/dependabot_result.jsonl || true
echo "Result:"
cat $(Pipeline.Workspace)/dependabot_result.jsonl
displayName: Run Dependabot
env:
LOCAL_AZURE_ACCESS_TOKEN: $(System.AccessToken)
LOCAL_GITHUB_ACCESS_TOKEN: $(System.AccessToken)
# Publish Dependabot Results
- task: PublishPipelineArtifact@1
displayName: Publish Dependabot Results
inputs:
targetPath: '$(Pipeline.Workspace)/dependabot_result.jsonl'
publishLocation: 'pipeline'
artifactName: 'dependabot_result'
- stage: CreatePullRequests
jobs:
- job: CreatePullRequests
pool:
vmImage: 'ubuntu-latest'
steps:
# Download Dependabot Results
- task: DownloadPipelineArtifact@2
inputs:
buildType: 'current'
artifactName: 'dependabot_result'
targetPath: $(Build.ArtifactStagingDirectory)
# Install jq - for parsing JSON.
- script: |
# Install jq
sudo apt-get update
sudo apt-get install -y jq
displayName: Install 'jq'
# Create Pull Requests
- task: Bash@3
displayName: Create Pull Requests
inputs:
targetType: 'filePath'
filePath: "./create-pull-requests.sh"
arguments: >
$(Build.ArtifactStagingDirectory)/dependabot_result.jsonl
workingDirectory: $(Build.SourcesDirectory)/$(Build.Repository.Name)
env:
AZURE_DEVOPS_EXT_PAT: $(System.AccessToken)
PROJECT_PATH: $(PROJECT_PATH)