Skip to content

NPM Dependency Reports #199

NPM Dependency Reports

NPM Dependency Reports #199

name: App NPM Dependency Updates
on:
schedule:
- cron: '0 16 * * 2' # Every Tuesday at 8:00-9:00am Pacific Time.
workflow_dispatch:
# START HERE! v
# This workflow makes use of the env file found in .github/config
# Set the necessary env vars there:
env:
GITHUB_REPOSITORY: ${{ github.repository }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
jobs:
# Parse Vars from config.
parse-json5-config:
runs-on: ubuntu-22.04
outputs:
packageJsonPaths: ${{ steps.parse_config.outputs.packageJsonPaths }}
ignorePackages: ${{ steps.parse_config.outputs.ignorePackages }}
steps:
# Checkout branch.
- name: Checkout Repository
uses: actions/checkout@v4
# Install json5 npm package for parsing config.
- name: Install Dependencies
run: npm install json5
# Run script to convert json5 config to Output Vars.
- name: Run Script
id: parse_config
run: node .github/helpers/parse-json5-config .github/config/dep-report.json5
# Check package versions for updates.
parse-package-versions:
runs-on: ubuntu-22.04
needs: parse-json5-config
env:
packageJsonPaths: ${{ needs.parse-json5-config.outputs.packageJsonPaths }}
ignorePackages: ${{ needs.parse-json5-config.outputs.ignorePackages }}
container:
# Lightweight NodeJS Image
image: node:21.5-bullseye-slim
steps:
# Checkout branch.
- name: Checkout repository
uses: actions/checkout@v4
# Run NodeJS script to check for latest npm dependency versions and capture output.
- name: Run NPM DEP Check Node.js script
id: check_versions
run: |
node .github/helpers/parse-npm-deps.js > outdatedDeps.json
# Upload the output as an artifact.
- name: Upload output
uses: actions/upload-artifact@v3
with:
name: outdatedDeps
path: outdatedDeps.json
# Write the output text for the GitHub Issue.
write-output:
needs:
- parse-json5-config
- parse-package-versions
runs-on: ubuntu-22.04
env:
packageJsonPaths: ${{ needs.parse-json5-config.outputs.packageJsonPaths }}
container:
# Lightweight NodeJS Image
image: node:21.5-bullseye-slim
steps:
# Checkout branch.
- name: Checkout repository
uses: actions/checkout@v4
# Download the output artifact from parse-package-versions.
- name: Download output
uses: actions/download-artifact@v3
with:
name: outdatedDeps
path: .
# Run NodeJS script to create GitHub Issue body.
- name: Run NPM DEP Check Node.js script
id: check_versions
run: |
node .github/helpers/create-npm-dep-report.js > outputText.json
# Upload the output as an artifact.
- name: Upload output
uses: actions/upload-artifact@v3
with:
name: outputText
path: outputText.json
# Create the GitHub Issues.
create-issues:
needs:
- parse-json5-config
- write-output
runs-on: ubuntu-22.04
env:
packageJsonPaths: ${{ needs.parse-json5-config.outputs.packageJsonPaths }}
container:
# Lightweight NodeJS Image
image: node:21.5-bullseye-slim
steps:
# Checkout branch.
- name: Checkout repository
uses: actions/checkout@v4
# Download the output artifact.
- name: Download output
uses: actions/download-artifact@v3
with:
name: outputText
path: .
# Install @octokit/rest npm package for making GitHub rest API requests.
- name: Install @octokit/rest npm
run: npm i @octokit/rest
# Run Node Script to Create GitHub Issue.
- name: Create GitHub Issues
run: |
node .github/helpers/create-npm-dep-report-issues
create-tickets:
needs:
- parse-json5-config
- parse-package-versions
runs-on: ubuntu-latest
steps:
# Download the output artifact from parse-package-versions.
- name: Download output
uses: actions/download-artifact@v3
with:
name: outdatedDeps
path: .
# create env variable for issue body
- name: Create Issue Body
shell: bash
run: |
OUTPUT=$(cat outdatedDeps.json)
OUTPUT="${OUTPUT//'%'/'%25'}"
OUTPUT="${OUTPUT//$'\n'/'%0A'}"
OUTPUT="${OUTPUT//$'\r'/'%0D'}"
echo "ISSUE_BODY=${OUTPUT}" >> $GITHUB_ENV
# Checkout branch
- name: Checkout repository
uses: actions/checkout@v3
# Setup Python
- name: setup python
uses: actions/setup-python@v4
with:
python-version: '3.11' # current Python version
- name: execute py script
env:
LEVEL_FLAGS: "MINOR MAJOR" # used to determine what updates to post
JIRA_BOARD: "PIMS" # sets what JIRA board to post and pull from
JIRA_SUBTASK: "10003" # each Jira board has a different issue type for subtasks
JIRA_EPIC: "10014, PIMS-450" # epic links are technically a custom field with this specific id and ticket number (for PIMS)
JIRA_API_KEY: ${{ secrets.JIRA_API_KEY }} # key used to access JIRA API
ISSUE_BODY: ${{ env.ISSUE_BODY }} # dependency update list
run: |
python3 .github/helpers/jira-api/create_tickets.py