Regenerate Test #9
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Regenerates a single test file and creates a PR for review. | |
| # Optionally accepts a dependabot-core branch name to use a custom updater image | |
| # built from that branch, enabling smoke test updates before merging core PRs. | |
| name: Regenerate Test | |
| on: # yamllint disable-line rule:truthy | |
| workflow_dispatch: | |
| inputs: | |
| test: | |
| description: 'Test name to regenerate (e.g. npm, bundler, go, etc.)' | |
| required: true | |
| type: string | |
| core-branch: | |
| description: 'dependabot-core branch to use (leave empty for latest release)' | |
| required: false | |
| type: string | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| jobs: | |
| regenerate: | |
| runs-on: ubuntu-latest | |
| name: Regenerate ${{ inputs.test }} | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Validate test exists | |
| run: | | |
| TEST_FILE="tests/smoke-${{ inputs.test }}.yaml" | |
| if [ ! -f "$TEST_FILE" ]; then | |
| echo "Error: Test file $TEST_FILE does not exist" | |
| echo "Available tests:" | |
| ls tests/ | sed 's/^smoke-//' | sed 's/\.yaml$//' | |
| exit 1 | |
| fi | |
| echo "Test file $TEST_FILE exists" | |
| - name: Download CLI | |
| run: | | |
| gh release download --repo dependabot/cli -p "*linux-amd64.tar.gz" | |
| tar xzvf *.tar.gz >/dev/null 2>&1 | |
| chmod +x dependabot | |
| echo "$GITHUB_WORKSPACE" >> $GITHUB_PATH | |
| ./dependabot --version | |
| - name: Resolve updater image | |
| id: resolve_image | |
| if: inputs.core-branch != '' | |
| run: | | |
| # Map test names to ecosystem image suffixes | |
| declare -A ECOSYSTEM_MAP=( | |
| ["actions"]="github-actions" | |
| ["bundler"]="bundler" | |
| ["cargo"]="cargo" | |
| ["composer"]="composer" | |
| ["devcontainers"]="devcontainers" | |
| ["docker"]="docker" | |
| ["dotnet-sdk"]="dotnet-sdk" | |
| ["elm"]="elm" | |
| ["go"]="gomod" | |
| ["gradle"]="gradle" | |
| ["hex"]="mix" | |
| ["maven"]="maven" | |
| ["npm"]="npm" | |
| ["nuget"]="nuget" | |
| ["pub"]="pub" | |
| ["python"]="pip" | |
| ["rust-toolchain"]="rust-toolchain" | |
| ["submodules"]="gitsubmodule" | |
| ["swift"]="swift" | |
| ["terraform"]="terraform" | |
| ["vcpkg"]="vcpkg" | |
| ) | |
| # Extract base test name (e.g. npm-group-rules -> npm, dotnet-sdk-security -> dotnet-sdk) | |
| TEST="${{ inputs.test }}" | |
| ECOSYSTEM="" | |
| for key in "${!ECOSYSTEM_MAP[@]}"; do | |
| if [[ "$TEST" == "$key" || "$TEST" == "$key"-* ]]; then | |
| # Pick the longest matching key | |
| if [ ${#key} -gt ${#ECOSYSTEM} ]; then | |
| ECOSYSTEM="${ECOSYSTEM_MAP[$key]}" | |
| MATCH="$key" | |
| fi | |
| fi | |
| done | |
| if [ -z "$ECOSYSTEM" ]; then | |
| echo "Error: Could not determine ecosystem for test '$TEST'" | |
| echo "Supported base test names: ${!ECOSYSTEM_MAP[*]}" | |
| exit 1 | |
| fi | |
| echo "Matched test '$TEST' to ecosystem '$ECOSYSTEM' (via key '$MATCH')" | |
| # Get the latest commit SHA from the dependabot-core branch | |
| BRANCH="${{ inputs.core-branch }}" | |
| SHA=$(gh api repos/dependabot/dependabot-core/commits/"$BRANCH" --jq .sha) | |
| if [ -z "$SHA" ]; then | |
| echo "Error: Could not resolve branch '$BRANCH' in dependabot/dependabot-core" | |
| exit 1 | |
| fi | |
| echo "Resolved branch '$BRANCH' to SHA: $SHA" | |
| IMAGE="ghcr.io/dependabot/dependabot-updater-${ECOSYSTEM}:${SHA}" | |
| echo "image=$IMAGE" >> "$GITHUB_OUTPUT" | |
| echo "Using updater image: $IMAGE" | |
| - name: Regenerate test | |
| env: | |
| LOCAL_GITHUB_ACCESS_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| TEST_FILE="tests/smoke-${{ inputs.test }}.yaml" | |
| EXTRA_ARGS="" | |
| if [ -n "${{ steps.resolve_image.outputs.image }}" ]; then | |
| EXTRA_ARGS="--updater-image=${{ steps.resolve_image.outputs.image }}" | |
| fi | |
| dependabot test -f "$TEST_FILE" -o "$TEST_FILE" $EXTRA_ARGS || true | |
| - name: Check for changes | |
| id: check_changes | |
| run: | | |
| TEST_FILE="tests/smoke-${{ inputs.test }}.yaml" | |
| if git diff --quiet "$TEST_FILE"; then | |
| echo "Error: No changes were made to $TEST_FILE" | |
| echo "The test regeneration produced identical results" | |
| exit 1 | |
| fi | |
| echo "Changes detected in $TEST_FILE" | |
| echo "has_changes=true" >> $GITHUB_OUTPUT | |
| - name: Create Pull Request | |
| if: steps.check_changes.outputs.has_changes == 'true' | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| TEST_FILE="tests/smoke-${{ inputs.test }}.yaml" | |
| BRANCH_NAME="regenerate-test-${{ inputs.test }}-$(date +%s)" | |
| git config user.name "github-actions[bot]" | |
| git config user.email "github-actions[bot]@users.noreply.github.com" | |
| git checkout -b "$BRANCH_NAME" | |
| git add "$TEST_FILE" | |
| git commit -m "Regenerate ${{ inputs.test }} test" | |
| git push origin "$BRANCH_NAME" | |
| CORE_BRANCH_NOTE="" | |
| if [ -n "${{ inputs.core-branch }}" ]; then | |
| CORE_BRANCH_NOTE=$'\n**dependabot-core branch:** `${{ inputs.core-branch }}`' | |
| CORE_BRANCH_NOTE+=$'\n**Updater image:** `${{ steps.resolve_image.outputs.image }}`\n' | |
| fi | |
| PR_BODY=$(cat <<EOF | |
| This PR regenerates the \`${{ inputs.test }}\` test file. | |
| **Test regenerated:** \`$TEST_FILE\` | |
| ${CORE_BRANCH_NOTE} | |
| The test was regenerated using \`dependabot test\` to update it with the latest dependency information. | |
| Please review the changes to ensure they are expected. | |
| EOF | |
| ) | |
| gh pr create \ | |
| --title "Regenerate ${{ inputs.test }} test" \ | |
| --body "$PR_BODY" \ | |
| --base main \ | |
| --head "$BRANCH_NAME" |