Skip to content

Commit

Permalink
Merge pull request #31 from martincostello/issue-28
Browse files Browse the repository at this point in the history
Configurable commit message
  • Loading branch information
zkoppert authored Jan 29, 2024
2 parents 92d440d + dd77876 commit ed3c329
Show file tree
Hide file tree
Showing 5 changed files with 28 additions and 6 deletions.
1 change: 1 addition & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,7 @@ Below are the allowed configuration options:
| `TYPE` | False | pull | Type refers to the type of action you want taken if this workflow determines that dependabot could be enabled. Valid values are `pull` or `issue`.|
| `TITLE` | False | "Enable Dependabot" | The title of the issue or pull request that will be created if dependabot could be enabled. |
| `BODY` | False | "Dependabot could be enabled for this repository. Please enable it by merging this pull request so that we can keep our dependencies up to date and secure." | The body of the issue or pull request that will be created if dependabot could be enabled. |
| `COMMIT_MESSAGE` | False | "Create dependabot.yaml" | The commit message for the pull request that will be created if dependabot could be enabled. |
| `CREATED_AFTER_DATE` | False | none | If a value is set, this action will only consider repositories created on or after this date for dependabot enablement. This is useful if you want to only consider newly created repositories. If I set up this action to run weekly and I only want to scan for repos created in the last week that need dependabot enabled, then I would set `CREATED_AFTER_DATE` to 7 days ago. That way only repositories created after 7 days ago will be considered for dependabot enablement. If not set or set to nothing, all repositories will be scanned and a duplicate issue/pull request may occur. Ex: 2023-12-31 for Dec. 31st 2023 |
| `DRY_RUN` | False | false | If set to true, this action will not create any issues or pull requests. It will only log the repositories that could have dependabot enabled. This is useful for testing. |

Expand Down
13 changes: 12 additions & 1 deletion env.py
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,9 @@


def get_env_vars() -> (
tuple[str | None, list[str], str, str, list[str], str, str, str, str | None, bool]
tuple[
str | None, list[str], str, str, list[str], str, str, str, str | None, bool, str
]
):
"""
Get the environment variables for use in the action.
Expand All @@ -28,6 +30,7 @@ def get_env_vars() -> (
body (str): The body of the follow up
created_after_date (str): The date to filter repositories by
dry_run (bool): Whether or not to actually open issues/pull requests
commit_message (str): The commit message of the follow up
"""
# Load from .env file if it exists
Expand Down Expand Up @@ -94,6 +97,13 @@ def get_env_vars() -> (
Please enable it by merging this pull request \
so that we can keep our dependencies up to date and secure."

commit_message = os.getenv("COMMIT_MESSAGE")
if commit_message:
if len(commit_message) > 65536:
raise ValueError("COMMIT_MESSAGE environment variable is too long")
else:
commit_message = "Create dependabot.yaml"

created_after_date = os.getenv("CREATED_AFTER_DATE")
# make sure that created_after_date is a date in the format YYYY-MM-DD
if created_after_date and len(created_after_date) != 10:
Expand All @@ -119,4 +129,5 @@ def get_env_vars() -> (
body,
created_after_date,
dry_run_bool,
commit_message,
)
9 changes: 6 additions & 3 deletions evergreen.py
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ def main(): # pragma: no cover
body,
created_after_date,
dry_run,
commit_message,
) = env.get_env_vars()

# Auth to GitHub.com or GHE
Expand Down Expand Up @@ -94,7 +95,9 @@ def main(): # pragma: no cover
# Create a dependabot.yaml file, a branch, and a PR
if not skip:
try:
pull = commit_changes(title, body, repo, dependabot_file)
pull = commit_changes(
title, body, repo, dependabot_file, commit_message
)
print("\tCreated pull request " + pull.html_url)
except github3.exceptions.NotFoundError:
print("\tFailed to create pull request. Check write permissions.")
Expand Down Expand Up @@ -171,7 +174,7 @@ def check_pending_issues_for_duplicates(title, repo) -> bool:
return skip


def commit_changes(title, body, repo, dependabot_file):
def commit_changes(title, body, repo, dependabot_file, message):
"""Commit the changes to the repo and open a pull reques and return the pull request object"""
default_branch = repo.default_branch
# Get latest commit sha from default branch
Expand All @@ -181,7 +184,7 @@ def commit_changes(title, body, repo, dependabot_file):
repo.create_ref(front_matter + branch_name, default_branch_commit)
repo.create_file(
path=".github/dependabot.yaml",
message="Create dependabot.yaml",
message=message,
content=dependabot_file.encode(), # Convert to bytes object
branch=branch_name,
)
Expand Down
6 changes: 6 additions & 0 deletions test_env.py
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ class TestEnv(unittest.TestCase):
"TITLE": "Dependabot Alert custom title",
"BODY": "Dependabot custom body",
"CREATED_AFTER_DATE": "2023-01-01",
"COMMIT_MESSAGE": "Create dependabot configuration",
},
)
def test_get_env_vars_with_org(self):
Expand All @@ -34,6 +35,7 @@ def test_get_env_vars_with_org(self):
"Dependabot custom body",
"2023-01-01",
False,
"Create dependabot configuration",
)
result = get_env_vars()
self.assertEqual(result, expected_result)
Expand All @@ -49,6 +51,7 @@ def test_get_env_vars_with_org(self):
"BODY": "Dependabot custom body",
"CREATED_AFTER_DATE": "2023-01-01",
"DRY_RUN": "true",
"COMMIT_MESSAGE": "Create dependabot configuration",
},
clear=True,
)
Expand All @@ -65,6 +68,7 @@ def test_get_env_vars_with_repos(self):
"Dependabot custom body",
"2023-01-01",
True,
"Create dependabot configuration",
)
result = get_env_vars()
self.assertEqual(result, expected_result)
Expand All @@ -91,6 +95,7 @@ def test_get_env_vars_optional_values(self):
we can keep our dependencies up to date and secure.",
None,
False,
"Create dependabot.yaml",
)
result = get_env_vars()
self.assertEqual(result, expected_result)
Expand Down Expand Up @@ -137,6 +142,7 @@ def test_get_env_vars_with_repos_no_dry_run(self):
we can keep our dependencies up to date and secure.",
None,
False,
"Create dependabot.yaml",
)
result = get_env_vars()
self.assertEqual(result, expected_result)
Expand Down
5 changes: 3 additions & 2 deletions test_evergreen.py
Original file line number Diff line number Diff line change
Expand Up @@ -201,15 +201,16 @@ def test_commit_changes(self, mock_uuid):
body = "Test Body"
dependabot_file = 'dependencies:\n - package_manager: "python"\n directory: "/"\n update_schedule: "live"'
branch_name = "dependabot-12345678-1234-5678-1234-567812345678"
result = commit_changes(title, body, mock_repo, dependabot_file)
commit_message = "Create dependabot.yaml"
result = commit_changes(title, body, mock_repo, dependabot_file, commit_message)

# Assert that the methods were called with the correct arguments
mock_repo.create_ref.assert_called_once_with(
f"refs/heads/{branch_name}", "abc123"
)
mock_repo.create_file.assert_called_once_with(
path=".github/dependabot.yaml",
message="Create dependabot.yaml",
message=commit_message,
content=dependabot_file.encode(),
branch=branch_name,
)
Expand Down

0 comments on commit ed3c329

Please sign in to comment.