-
-
Notifications
You must be signed in to change notification settings - Fork 3k
116 lines (97 loc) · 4.11 KB
/
update-plugins.yml
File metadata and controls
116 lines (97 loc) · 4.11 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
name: Update Plugins
on:
schedule:
- cron: '0 6 * * *' # Daily at 06:00 UTC
workflow_dispatch: # Allow manual trigger
# The cross-repo work (cloning ether/ep_* repos, pushing updates, merging
# Dependabot PRs) is authenticated via secrets.PLUGINS_PAT. The default
# GITHUB_TOKEN only needs read access to this repo for actions/checkout.
permissions:
contents: read
jobs:
update-plugins:
runs-on: ubuntu-latest
steps:
- name: Check out etherpad-lite
uses: actions/checkout@v6
- uses: pnpm/action-setup@v6
name: Install pnpm
with:
version: 10.33.2
run_install: false
- name: Use Node.js
uses: actions/setup-node@v6
with:
node-version: 22
- name: Install bin dependencies
working-directory: ./bin
run: pnpm install
- name: Configure git
run: |
git config --global user.name 'github-actions[bot]'
git config --global user.email '41898282+github-actions[bot]@users.noreply.github.com'
- name: Clone and update all plugins
env:
GH_TOKEN: ${{ secrets.PLUGINS_PAT }}
run: |
# Configure git to use the PAT for all ether/ repos
git config --global url."https://x-access-token:${GH_TOKEN}@github.com/ether/".insteadOf "https://github.com/ether/"
cd ..
# List all ep_* repos from ether org
plugins=$(gh repo list ether --limit 200 --json name --jq '.[] | select(.name | startswith("ep_")) | .name')
failed=""
succeeded=""
skipped=""
for plugin in $plugins; do
echo "============================================================"
echo "Processing $plugin"
echo "============================================================"
# Clone if not present
if [ ! -d "$plugin" ]; then
git clone "https://github.com/ether/${plugin}.git" "$plugin" || { echo "SKIP: clone failed"; skipped="$skipped $plugin"; continue; }
fi
# Pull latest
(cd "$plugin" && git pull --ff-only) || { echo "SKIP: pull failed"; skipped="$skipped $plugin"; continue; }
# Run checkPlugin with autopush — continue on failure
if cd etherpad-lite/bin && pnpm run checkPlugin "$plugin" autopush 2>&1; then
succeeded="$succeeded $plugin"
else
echo "WARN: checkPlugin failed for $plugin"
failed="$failed $plugin"
fi
cd ../..
done
echo ""
echo "============================================================"
echo "SUMMARY"
echo "============================================================"
echo "Succeeded:$(echo $succeeded | wc -w) -$succeeded"
echo "Failed:$(echo $failed | wc -w) -$failed"
echo "Skipped:$(echo $skipped | wc -w) -$skipped"
- name: Merge clean Dependabot PRs on plugin repos
env:
GH_TOKEN: ${{ secrets.PLUGINS_PAT }}
run: |
# For every ep_* repo under ether, merge any Dependabot PR whose
# mergeStateStatus is CLEAN (no conflicts, branch up to date, all
# required checks green). Anything else is left alone for a human.
plugins=$(gh repo list ether --limit 200 --json name --jq '.[] | select(.name | startswith("ep_")) | .name')
merged=""
for plugin in $plugins; do
repo="ether/${plugin}"
prs=$(gh pr list --repo "$repo" \
--author "app/dependabot" \
--state open \
--json number,mergeStateStatus,title \
--jq '.[] | select(.mergeStateStatus=="CLEAN") | .number') || continue
for pr in $prs; do
echo "Merging ${repo}#${pr}"
if gh pr merge --repo "$repo" --squash --delete-branch "$pr"; then
merged="$merged ${repo}#${pr}"
else
echo "WARN: failed to merge ${repo}#${pr}"
fi
done
done
echo ""
echo "Merged Dependabot PRs:$merged"