-
Notifications
You must be signed in to change notification settings - Fork 0
135 lines (122 loc) · 5.89 KB
/
yarn-upgrade.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
name: Yarn Upgrade
on:
schedule:
# Every wednesday at 13:37 UTC
- cron: 37 13 * * 3
workflow_dispatch: {}
jobs:
upgrade:
name: Yarn Upgrade
permissions:
contents: read
runs-on: ubuntu-latest
steps:
- name: Check Out
uses: actions/checkout@v4
- name: Set up Node
uses: actions/setup-node@v4
with:
node-version: "*"
env:
NODE_OPTIONS: "--max-old-space-size=8196 --experimental-worker ${NODE_OPTIONS:-}"
- name: Locate Yarn cache
id: yarn-cache
run: echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT
- name: Restore Yarn cache
uses: actions/cache@v4
with:
path: ${{ steps.yarn-cache.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |-
${{ runner.os }}-yarn-
- name: Yarn Install
run: yarn install --frozen-lockfile
- name: Install Tools
run: |-
npm -g install lerna npm-check-updates
- name: Build Integ Runner
run: |
export NODE_OPTIONS="--max-old-space-size=8196 --experimental-worker ${NODE_OPTIONS:-}"
npx lerna run build --scope @aws-cdk/integ-runner
- name: List Mono-Repo Packages
id: list-packages
# These need to be ignored from the `ncu` runs!
run: |-
echo "list=$(lerna ls --all --json 2>/dev/null | jq -r 'map(.name) | join(",")')" >> $GITHUB_OUTPUT
- name: Run "ncu -u"
# Upgrade special cases:
# - Various `@types/*` packages need to be pinned to specific versions due to breaking changes in minor upgrades https://github.com/DefinitelyTyped/DefinitelyTyped/issues/64266
# - `typescript` is not semantically versioned, so we only upgrade the patch version
# - `jsii`, `jsii-rosetta` is not semantically versioned and needs to be upgrades alongside typescript
# - `constructs` because we need to stay in control of the minimum compatible version
# - `aws-sdk-mock` because of breaking changes in type exports https://github.com/dwyl/aws-sdk-mock/pull/260. We are not respecting `@ts-ignore`.
# - `@aws-cdk/aws-service-spec` and `@aws-cdk/service-spec-types` have their own update workflow
run: |-
# Upgrade dependencies at repository root
ncu --upgrade --filter=jsii,jsii-rosetta,typescript --target=patch
ncu --upgrade --reject=@types/node,@types/prettier,constructs,jsii,jsii-rosetta,typescript --target=minor
# Upgrade all the packages
lerna exec --parallel ncu -- --upgrade --filter=jsii,jsii-rosetta,typescript --target=patch
lerna exec --parallel ncu -- --upgrade --reject='@types/conventional-commits-parser,@types/node,@types/prettier,constructs,jsii,jsii-rosetta,typescript,aws-sdk-mock,@aws-sdk/*,@aws-cdk/aws-service-spec,@aws-cdk/service-spec-types,${{ steps.list-packages.outputs.list }}' --target=minor
# Upgrade package.json files in init templates
for pj in $(find packages/aws-cdk/lib/init-templates -name package.json); do
(cd $(dirname $pj) && ncu --upgrade --reject='constructs,${{ steps.list-packages.outputs.list }}')
done
# Upgrade dependencies at an aws-eks integ test docker image
cd packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/sdk-call-integ-test-docker-app/app/ && ncu --upgrade --reject='@aws-sdk/*,${{ steps.list-packages.outputs.list }}'
# This will ensure the current lockfile is up-to-date with the dependency specifications (necessary for "yarn upgrade" to run)
- name: Run "yarn install"
run: yarn install
- name: Run "yarn upgrade"
run: yarn upgrade
- name: Regenerate CLI attributions
run: cd packages/aws-cdk && yarn pkglint
- name: Regenerate Integ Runner attributions
run: cd packages/@aws-cdk/integ-runner && yarn pkglint
# Next, create and upload the changes as a patch file. This will later be downloaded to create a pull request
# Creating a pull request requires write permissions and it's best to keep write privileges isolated.
- name: Create Patch
run: |-
git add .
git diff --patch --staged > ${{ runner.temp }}/upgrade.patch
- name: Upload Patch
uses: actions/upload-artifact@v4
with:
name: upgrade.patch
path: ${{ runner.temp }}/upgrade.patch
pr:
name: Create Pull Request
needs: upgrade
permissions:
contents: write
pull-requests: write
runs-on: ubuntu-latest
steps:
- name: Check Out
uses: actions/checkout@v4
- name: Download patch
uses: actions/download-artifact@v4
with:
name: upgrade.patch
path: ${{ runner.temp }}
- name: Apply patch
run: '[ -s ${{ runner.temp }}/upgrade.patch ] && git apply ${{ runner.temp
}}/upgrade.patch || echo "Empty patch. Skipping."'
- name: Make Pull Request
uses: peter-evans/create-pull-request@v7
with:
# Git commit details
branch: automation/yarn-upgrade
author: aws-cdk-automation <aws-cdk-automation@users.noreply.github.com>
commit-message: |-
chore: npm-check-updates && yarn upgrade
Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date.
# Pull Request details
title: 'chore: npm-check-updates && yarn upgrade'
body: |-
Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date.
labels: contribution/core,dependencies,auto-approve
team-reviewers: aws-cdk-team
# Github prevents further Github actions to be run if the default Github token is used.
# Instead use a privileged token here, so further GH actions can be triggered on this PR.
token: ${{ secrets.PROJEN_GITHUB_TOKEN }}