feat: Implementation

dailydevops · Dec 21, 2023 · aa31615 · aa31615
1 parent 7ae62b5
commit aa31615
Show file tree

Hide file tree

Showing 5 changed files with 98 additions and 41 deletions.
diff --git a/action.yml b/action.yml
@@ -1,19 +1,75 @@
-name: 'The name of your action here'
-description: 'Provide a description here'
-author: 'Your name or organization here'
+name: 'DependaMerge'
+description: 'Automatic validation, approval and merging of pull requests, created and processed by dependabot[bot]'
+author: 'Daily DevOps & .NET'
+branding:
+  icon: 'package'
+  color: 'purple'
 
 # Define your inputs here.
 inputs:
-  milliseconds:
-    description: 'Your input description here'
+  github-token:
+    description: 'The GitHub token used to merge the pull-request'
     required: true
-    default: '1000'
+
+  approve:
+    description: 'Approve the pull-request before merging. Valid values: true or false - Default: true'
+    required: false
+    default: true
+
+  approve-only:
+    description: 'Only approve the pull-request. Valid values: true or false - Default: false'
+    required: false
+    default: false
+
+  command:
+    description: 'The command to pass to Dependabot. Valid values: merge or squash - Default: squash'
+    required: false
+    default: squash
+
+  submodule:
+    description: 'If true, the action will merge pull-requests with submodule updates. Valid values: true or false - Default: false'
+    required: false
+    default: false
+
+  target:
+    description: 'The version comparision target. Valid values: major, minor or patch - Default: minor'
+    required: false
+    default: minor
+
+  skip-commit-verification:
+    description: 'If true, then the action will not expect the commits to have a verification signature. It is required to set this to true in GitHub Enterprise Server'
+    required: false
+    default: false
+
+  skip-verification:
+    type: boolean
+    description: 'If true, the action will not validate the user or the commit verification status'
+    default: false
 
 # Define your outputs here.
-outputs:
-  time:
-    description: 'Your output description here'
+# outputs:
+#   time:
+#     description: 'Your output description here'
 
 runs:
-  using: node20
-  main: dist/index.js
+  using: composite
+  steps:
+    - name: Fetch metadata
+      id: metadata
+      uses: dependabot/fetch-metadata@v1.6.0
+      if: github.event_name == 'pull_request' && (github.actor == 'dependabot[bot]')
+      with:
+        skip-commit-verification: ${{ inputs.skip-commit-verification }}
+        skip-verification :  ${{ inputs.skip-verification }}
+
+    - name: DependaMerge
+      id: dependamerge
+      uses: actions/github-script@v7.0.1
+      with:
+        github-token: ${{ inputs.github-token }}
+        script: |
+          const script = require('${{ github.action_path }}/dist/index.js')
+          await script({
+            inputs: ${{ toJSON(inputs) }},
+            metadata: ${{ toJSON(steps.dependabot-metadata.outputs) }},
+          })
diff --git a/src/index.js b/src/index.js
@@ -1,6 +1,8 @@
+'use strict'
+
 /**
  * The entrypoint for the action.
  */
-const { run } = require('./main')
+const run = require('./main')
 
-run()
+module.exports = run
diff --git a/src/log.js b/src/log.js
@@ -0,0 +1,12 @@
+'use strict'
+
+import { debug, info, warning } from '@actions/core'
+
+const stringify = msg =>
+  typeof msg === 'string' ? msg : msg.stack || msg.toString()
+
+const log = logger => message => logger(stringify(message))
+
+export const logDebug = log(debug)
+export const logInfo = log(info)
+export const logWarning = log(warning)
diff --git a/src/main.js b/src/main.js
@@ -1,24 +1,28 @@
 const core = require('@actions/core')
-const { wait } = require('./wait')
+const github = require('@actions/github')
+
+const { logInfo, logDebug, logWarning } = require('./log')
 
 /**
  * The main function for the action.
  * @returns {Promise<void>} Resolves when the action is complete.
  */
-async function run() {
+async function run({ inputs, metadata }) {
   try {
-    const ms = core.getInput('milliseconds', { required: true })
+    // extract the title
+    const {
+      repo,
+      payload: { pull_request }
+    } = github.context // eslint-disable-line camelcase
 
-    // Debug logs are only output if the `ACTIONS_STEP_DEBUG` secret is true
-    core.debug(`Waiting ${ms} milliseconds ...`)
+    // init octokit
+    const octokit = github.getOctokit(inputs.token)
 
-    // Log the current timestamp, wait, then log the new timestamp
-    core.debug(new Date().toTimeString())
-    await wait(parseInt(ms, 10))
-    core.debug(new Date().toTimeString())
+    logInfo(repo)
+    logInfo(pull_request)
+    logInfo(inputs)
+    logInfo(metadata)
 
-    // Set outputs for other workflow steps to use
-    core.setOutput('time', new Date().toTimeString())
   } catch (error) {
     // Fail the workflow run if an error occurs
     core.setFailed(error.message)

diff --git a/src/wait.js b/src/wait.js