From 06246ef55e2499d118178bef09818933dc158cce Mon Sep 17 00:00:00 2001
From: sudheer0071
Date: Sat, 5 Oct 2024 21:29:53 +0530
Subject: [PATCH 1/4] script to update the outdated packages
---
 .github/workflows/outdated-packages.yml | 30 +++++++++++++++++++++++++
 .github/workflows/trivy.yml | 25 +++++++++++++++++++++
 2 files changed, 55 insertions(+)
 create mode 100644 .github/workflows/outdated-packages.yml
diff --git a/.github/workflows/outdated-packages.yml b/.github/workflows/outdated-packages.yml
new file mode 100644
index 0000000..65539ac
--- /dev/null
+++ b/.github/workflows/outdated-packages.yml
@@ -0,0 +1,30 @@
+name: Check for outdated npm packages
+
+on:
+ pull_request:
+ types: [opened, reopened, synchronize]
+
+jobs:
+ outdated-packages:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v3
+
+ - name: Set up Node.js
+ uses: actions/setup-node@v3
+ with:
+ node-version: '20.x'
+
+
+ - name: Install dependencies
+ run: npm install
+
+
+ - name: Check for outdated npm packages
+ run: npx npm-check-updates
+
+ # Optionally fail the workflow if any outdated packages are found
+ - name: Fail if outdated packages are found
+ run: npx npm-check-updates --error-level 2
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
index ff94a7d..cad5919 100644
--- a/.github/workflows/trivy.yml
+++ b/.github/workflows/trivy.yml
@@ -40,6 +40,31 @@ jobs:
 run: |
 npm outdated > npm-outdated-report.txt || echo "Some packages may be outdated."
+ - name: Updates the outdated dependencies
+ run:
+ npx npm-check-updates -u
+ npm update
+
+ - name: Commit changes push them
+ run: |
+ git config --global user.name 'github-actions[bot]'
+ git config --global user.email 'github-actions[bot]@users.noreply.github.com'
+ git add package.json package-lock.json
+ git commit -m "chore: update outdated npm packages"
+ git push origin HEAD || echo "No changes to push"
+
+ - name: Create Pull Request for updated Dependenncies
+ uses: peter-evans/create-pull-request@v5
+ with:
+ branch: update-dependencies-branch
+ title: "chore: update outdated npm dependencies"
+ body: |
+ This PR updates the following outdated npm dependencies:
+ - Updated dependencies using npm-check-updates
+ - Automatically created by GitHub Actions
+ commit-message: "chore: update outdated npm dependencies"
+ labels: "dependencies, automated update"
+ assignees: "your-github-username" # Optional: assign the PR to someone
 - name: Handling empty files
 run: |
 is_empty(){
From be26b2e16ac941de97d9d07798ffb06b05f552d8 Mon Sep 17 00:00:00 2001
From: sudheer0071
Date: Sat, 5 Oct 2024 21:32:28 +0530
Subject: [PATCH 2/4] removing the separate file of outdated workflow file
---
 .github/workflows/outdated-packages.yml | 30 -------------------------
 1 file changed, 30 deletions(-)
 delete mode 100644 .github/workflows/outdated-packages.yml
diff --git a/.github/workflows/outdated-packages.yml b/.github/workflows/outdated-packages.yml
deleted file mode 100644
index 65539ac..0000000
--- a/.github/workflows/outdated-packages.yml
+++ /dev/null
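Review bot: In PATCH 1/4's trivy.yml hunk (`@@ -40,6 +40,31 @@`), the `Updates the outdated dependencies` step uses a bare `run:` with no block indicator, so YAML folds the two lines under it into one command, `npx npm-check-updates -u npm update`, and `npm update` never runs on its own; it should read `run: |` like the neighbouring steps. The `Commit changes push them` step then pushes the rewritten `package.json` and `package-lock.json` to `origin HEAD` directly from a `pull_request`-triggered job, which bypasses the review that the pull request opened in the next step is meant to provide; `|| echo "No changes to push"` also hides a rejected push, while `git commit` with nothing staged exits non-zero and fails the job. Since `peter-evans/create-pull-request` commits working-tree changes itself, I would drop the commit-and-push step. `npx npm-check-updates` resolves to whatever version the registry serves at run time and the action is referenced by the movable tag `@v5`; pinning an exact package version and a full commit SHA keeps the code executed in this job fixed. The job's earlier steps are outside the hunk.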
@@ -1,30 +0,0 @@
-name: Check for outdated npm packages
-
-on:
- pull_request:
- types: [opened, reopened, synchronize]
-
-jobs:
- outdated-packages:
- runs-on: ubuntu-latest
-
- steps:
- - name: Checkout code
- uses: actions/checkout@v3
-
- - name: Set up Node.js
- uses: actions/setup-node@v3
- with:
- node-version: '20.x'
-
-
- - name: Install dependencies
- run: npm install
-
-
- - name: Check for outdated npm packages
- run: npx npm-check-updates
-
- # Optionally fail the workflow if any outdated packages are found
- - name: Fail if outdated packages are found
- run: npx npm-check-updates --error-level 2
From 312f5beeb1ad14257d08fc147f4653ba1d793b0c Mon Sep 17 00:00:00 2001
From: sudheer0071
Date: Mon, 7 Oct 2024 01:38:07 +0530
Subject: [PATCH 3/4] fixed the base repo issue
---
 .github/workflows/trivy.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
index cad5919..331eebb 100644
--- a/.github/workflows/trivy.yml
+++ b/.github/workflows/trivy.yml
@@ -56,7 +56,8 @@ jobs:
 - name: Create Pull Request for updated Dependenncies
 uses: peter-evans/create-pull-request@v5
 with:
- branch: update-dependencies-branch
+ branch: update-dependencies-branch
+ base: ${{ github.base_ref }}
 title: "chore: update outdated npm dependencies"
 body: |
 This PR updates the following outdated npm dependencies:
@@ -65,6 +66,7 @@ jobs:
 commit-message: "chore: update outdated npm dependencies"
 labels: "dependencies, automated update"
 assignees: "your-github-username" # Optional: assign the PR to someone
+
 - name: Handling empty files
 run: |
 is_empty(){
From 580191b5403acb31ac5b6d228d866cc177a21a97 Mon Sep 17 00:00:00 2001
From: sudheer0071
Date: Mon, 7 Oct 2024 16:28:44 +0530
Subject: [PATCH 4/4] fixed the travy checks failed issue
---
 .github/workflows/trivy.yml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
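Review bot: In PATCH 3/4's first trivy.yml hunk (`@@ -56,7 +56,8 @@`), `base: ${{ github.base_ref }}` aims the automated pull request at the target branch of the triggering pull request, but on a `pull_request` event the default checkout is the merge commit, so `update-dependencies-branch` would presumably carry the contributor's not-yet-reviewed changes together with the dependency bumps. The checkout step is outside the hunk, so confirm which ref is checked out before relying on this. If the updates are meant to land on the contributor's branch, `base: ${{ github.head_ref }}` with a matching checkout `ref:` is the usual pairing; if they are meant for the default branch, the update steps fit better in a separate `schedule` or `workflow_dispatch` workflow that never sees pull-request content. The placeholder `assignees: "your-github-username"` visible in the following hunk is still unresolved.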
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
index 331eebb..c260b14 100644
--- a/.github/workflows/trivy.yml
+++ b/.github/workflows/trivy.yml
@@ -4,6 +4,9 @@ on:
 pull_request:
 types: [opened, reopened, synchronize]
+permissions:
+ contents: write
+
 jobs:
 trivy_scan:
 runs-on: ubuntu-latest
@@ -56,7 +59,8 @@ jobs:
 - name: Create Pull Request for updated Dependenncies
 uses: peter-evans/create-pull-request@v5
 with:
- branch: update-dependencies-branch
+ token: ${{ secrets.GITHUB_TOKEN }}
+ branch: update-dependencies-branch
 base: ${{ github.base_ref }}
 title: "chore: update outdated npm dependencies"
 body: |
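Review bot: In PATCH 4/4's first hunk (`@@ -4,6 +4,9 @@`), the workflow-level `permissions:` block hands `contents: write` to every step of `trivy_scan`, including the steps that run `npx npm-check-updates` and `npm update` against the manifest coming from the pull request, and because any scope not listed becomes `none` the `create-pull-request` step is left without `pull-requests: write`. I would keep the scan job read-only and move the update steps into their own job with a job-level block: `permissions:` / `contents: write` / `pull-requests: write`. The rest of the job is outside the hunk, so check whether another step (a SARIF upload, for example) needs a scope that is now implicitly removed.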
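Review bot: In PATCH 4/4's second hunk (`@@ -56,7 +59,8 @@`), `token: ${{ secrets.GITHUB_TOKEN }}` spells out what the action already uses by default, so it does not change which credential creates the branch. For pull requests from forks that token is read-only whatever the `permissions:` block says, so this step would fail on outside contributions; a guard such as `if: github.event.pull_request.head.repo.full_name == github.repository` on the update steps avoids that. The `with:` block continues past the end of the hunk.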