blob: 3cf7407532c4ee2b6c65ce7b73e39638ed288a97 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
|
#! /usr/bin/env bash
#
# dependabot-dance - invoked to perform manual steps on podman dependabot PRs
#
# As best I can tell (please correct me if mistaken), dependabot's job is
# to submit PRs with a change only in 'go.mod' but without actually
# running 'make vendor' to update the source files under vendor. This
# requires a human to run those steps.
#
# This script automates that, with a few safety checks.
#
ME=$(basename $0)
missing=" argument is missing; see $ME --help for details"
usage="Usage: $ME [--help] [-v|--verbose]
$ME performs a series of magical steps to get dependabot PRs
ready for merge. The important one is 'make vendor-in-container',
everything else is scaffolding to check out the PR and push it back.
Flags:
--help display usage message
-v, --verbose verbose output
"
verbose=
for i
do
value=$(expr "$i" : '[^=]*=\(.*\)')
case "$i" in
-h*|--help) echo "$usage"; exit 0;;
-v|--verbose) verbose=$i; shift;;
-*) echo "$ME: unrecognized option $i" >&2
echo "$usage" >&2
exit 1;;
*) break;;
esac
done
die () {
echo "$ME: $*" >&2
exit 1
}
function branch_dance() {
local branch="$1"
# User will appreciate seeing 'git' and 'make' commands, but nothing else
set -x
git checkout -t $branch
set +x
# Commit must be from dependabot
author=$(git show --no-patch --format='format:%an' HEAD)
if ! [[ $author =~ dependabot ]]; then
echo
echo "Commit author is '$author' (expected 'dependabot')"
echo -n "Continue? [y/N] "
read ans
case "$ans" in
[yY]*) ;;
*) exit 1;;
esac
fi
# This is what does all the work
set -x
make vendor-in-container
set +x
# Now make sure at least *something* changed under vendor
modified=$(git ls-files -m vendor)
if [[ -z "$modified" ]]; then
echo "No files changed under 'vendor' -- nothing to do!"
return
fi
# Okay, here we go
set -x
git add vendor
git commit -a --amend -s --no-edit
git push --force
set +x
# Try to leave things in relatively clean state; remove local branch copy
local tracking_branch=$(git branch --show-current)
git checkout master
git branch -d $tracking_branch
}
# Make sure we're cd'ed to the top level of a podman repo
test -d .git || die "No .git subdirectory (please cd to top level)"
# Clear all dependabot remote branches
git branch -r | grep /dependabot/go_modules/ \
| xargs --no-run-if-empty git branch -r -d
# ...and pull new ones
git pull --all
# Abort on any error from here on
set -e
# We cannot have any git-modified files
modified=$(git ls-files -m)
test -z "$modified" || die "Modified files exist: $modified"
for branch in $(git branch -r | grep /dependabot/go_modules/); do
echo
echo ">>>>> $branch"
branch_dance $branch
done
|
