diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml index 7dca9e556..5a5eafc6d 100644 --- a/.github/workflows/changelog.yml +++ b/.github/workflows/changelog.yml @@ -22,8 +22,6 @@ jobs: # Depending on your needs, you can use a token that will re-trigger workflows # See https://github.com/stefanzweifel/git-auto-commit-action#commits-made-by-this-action-do-not-trigger-new-workflow-runs token: ${{ secrets.BOT_CPR_PAT }} - # Need full history to diff against. - fetch-depth: 0 # All commits must be signed, import key and sign commit of updated change log. - name: Import GPG key @@ -42,7 +40,14 @@ jobs: # Using an env var for it (like this) prevents that vulnerability. PR_TITLE: ${{ github.event.pull_request.title }} PR_NUM: ${{ github.event.number }} - run: ./scripts/dependabot-changelog.sh --pr "$PR_NUM" --title "$PR_TITLE" --branch "$GITHUB_HEAD_REF" --verbose + run: \ + git fetch origin "$GITHUB_BASE_REF" --depth 1 + ./scripts/dependabot-changelog.sh \ + --verbose \ + --pr "$PR_NUM" \ + --title "$PR_TITLE" \ + --head-branch "$GITHUB_HEAD_REF" \ + --target-branch "$GITHUB_BASE_REF" # This step is required for committing the changes to your branch. # See https://github.com/stefanzweifel/git-auto-commit-action#commits-made-by-this-action-do-not-trigger-new-workflow-runs diff --git a/scripts/dependabot-changelog.sh b/scripts/dependabot-changelog.sh index 0ffa19cde..80c5dea84 100755 --- a/scripts/dependabot-changelog.sh +++ b/scripts/dependabot-changelog.sh @@ -2,10 +2,32 @@ # This script will create the changelog entry for a dependabot PR. # It's designed to be called by a github action kicked off because of a dependabot PR. +show_usage () { + cat << EOF +dependabot-changelog.sh will create the changelog entries for a dependabot PR. + +Usage: ./dependabot-changelog.sh --pr --title --head-branch <branch> --target-branch <branch> + +--pr <num> + Identifies the PR number for use in the links as well as the changelog filename. +--title <title> + Identifies the title of the PR. It is used when there are no changes to go.mod. + Expected format: "Bump <library> to <new version> from <old version>" +--head-branch <branch> + Identifies the name of the branch with the change that we want merged into the target branch. + For dependabot changes, it will have the format "dependabot/<type>/<library>-<new version>". + The filename containing the new entries is derived from this. +--target-branch <branch> + Identifies the branch that this PR is going into. It will almost always be "main". + +EOF + +} + while [[ "$#" -gt '0' ]]; do case "$1" in --help) - printf 'Usage: ./dependabot-changelog.sh --pr <num> --title <title> --branch <branch>\n' + printf 'Usage: ./dependabot-changelog.sh --pr <num> --title <title> --head-branch <branch> --target-branch <branch>\n' exit 0 ;; -p|--pull-request|--pr) @@ -28,12 +50,20 @@ while [[ "$#" -gt '0' ]]; do title="$2" shift ;; - -b|--branch) + --head-branch) if [[ -z "$2" ]]; then printf 'No argument provided after %s\n' "$1" exit 1 fi - branch="$2" + head_branch="$2" + shift + ;; + --target-branch) + if [[ -z "$2" ]]; then + printf 'No argument provided after %s\n' "$1" + exit 1 + fi + target_branch="$2" shift ;; -v|--verbose) @@ -47,32 +77,39 @@ while [[ "$#" -gt '0' ]]; do shift done -if [[ -z "$branch" ]]; then - branch="$( git branch --show-current )" +if [[ -z "$head_branch" ]]; then + head_branch="$( git branch --show-current )" fi -if [[ -z "$branch" || "$branch" == 'HEAD' ]]; then - printf 'Could not determine the branch and no --branch <branch> provided.\n' +if [[ -z "$head_branch" || "$head_branch" == 'HEAD' ]]; then + printf 'Could not determine the head branch and no --head-branch <branch> provided.\n' exit 1 fi -[[ -n "$verbose" ]] && printf 'Branch: "%s"\n' "$branch" +[[ -n "$verbose" ]] && printf ' Head Branch: "%s"\n' "$head_branch" + +if [[ -z "$target_branch" ]]; then + printf 'No --target-branch <branch> provided.\n' + exit 1 +fi +[[ -n "$verbose" ]] && printf 'Target Branch: "%s"\n' "$head_branch" + if [[ -z "$pr" ]]; then printf 'No --pr <num> provided.\n' exit 1 fi -[[ -n "$verbose" ]] && printf ' PR: "%s"\n' "$pr" +[[ -n "$verbose" ]] && printf ' PR: "%s"\n' "$pr" if [[ -z "$title" ]]; then printf 'No --title <title> provided.\n' exit 1 fi -[[ -n "$verbose" ]] && printf 'Title: "%s"\n' "$title" +[[ -n "$verbose" ]] && printf ' Title: "%s"\n' "$title" # Dependabot branch names look like this: "dependabot/github_actions/bufbuild/buf-setup-action-1.34.0" # The "github_actions" can also be "go_modules" (anb probably other things too). # For the filename, we'll omit the "dependabot/<lib type>/" part and use just what's left. -branch_fn="$( sed -E 's|^[^/]+/[^/]+/||; s|/|-|g;' <<< "$branch" )" +branch_fn="$( sed -E 's|^[^/]+/[^/]+/||; s|/|-|g;' <<< "$head_branch" )" [[ -n "$verbose" ]] && printf 'Branch Filename: "%s"\n' "$branch_fn" # This script requires another script that must be in the same directory. @@ -82,7 +119,7 @@ where_i_am="$( cd "$( dirname "${BASH_SOURCE:-$0}" )"; pwd -P )" # Run the script to create the entry from the changes in go.mod. # The $verbose variable is purposely not quoted so that it doesn't count as an arg if it's empty. -"$where_i_am/get-dep-changes.sh" --pr "$pr" --name "$branch_fn" $verbose --force +"$where_i_am/get-dep-changes.sh" --pr "$pr" --name "$branch_fn" $verbose --force --target-branch "$target_branch" ec=$? # That script exits with 0 when there are go.mod changes and the new file was created. # If there were go.mod changes, we're all done here. diff --git a/scripts/get-dep-changes.sh b/scripts/get-dep-changes.sh index 1a5537545..aa12b7900 100755 --- a/scripts/get-dep-changes.sh +++ b/scripts/get-dep-changes.sh @@ -7,7 +7,7 @@ show_usage () { get-dep-changes.sh: Analyze changes made to go.mod and generate changelog entries. Usage: ./get-dep-changes.sh {-p|--pull-request|--pr <num> | -n|--issue-no|--issue <num>} - [--name <name> [--dir <dir>]] [--branch <branch>] + [--name <name> [--dir <dir>]] [--target-branch <branch>] [-v|--verbose] [--no-clean] [--force] [-h|--help] You must provide either a PR number or issue number, but you cannot provide both. @@ -31,7 +31,7 @@ If a name is provided, the entries are written to a file, otherwise stdout. This arg only has meaning if --name is also provided. The default is '<repo root>.changelog/unreleased/dependencies'. ---branch <branch> +--target-branch <branch> Providing this option allows you to compare current changes against a branch other than main. By default, <branch> is "main". @@ -65,7 +65,7 @@ while [[ "$#" -gt '0' ]]; do -v|--verbose) verbose='YES' ;; - -b|--branch) + --target-branch) if [[ -z "$2" ]]; then printf 'No argument provided after %s\n' "$1" exit 1