From 0777bf8a9c40356e3bbcfc00548c00379a14d0d3 Mon Sep 17 00:00:00 2001
From: Daniel Schmidt <danielmschmidt92@gmail.com>
Date: Thu, 6 Jan 2022 10:48:06 +0100
Subject: [PATCH] chore: replace dependabot with a weekly running script

Closes #1373
---
 .github/dependabot.yml             |   9 ---
 .github/workflows/yarn-upgrade.yml | 113 +++++++++++++++++++++++++++++
 2 files changed, 113 insertions(+), 9 deletions(-)
 delete mode 100644 .github/dependabot.yml
 create mode 100644 .github/workflows/yarn-upgrade.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
deleted file mode 100644
index 8925283d6a..0000000000
--- a/.github/dependabot.yml
+++ /dev/null
@@ -1,9 +0,0 @@
-version: 2
-updates:
-  - package-ecosystem: npm
-    versioning-strategy: lockfile-only
-    directory: /
-    schedule:
-      interval: daily
-    commit-message:
-      prefix: "chore(deps):"
diff --git a/.github/workflows/yarn-upgrade.yml b/.github/workflows/yarn-upgrade.yml
new file mode 100644
index 0000000000..a528abf934
--- /dev/null
+++ b/.github/workflows/yarn-upgrade.yml
@@ -0,0 +1,113 @@
+name: Yarn Upgrade
+
+on:
+  schedule:
+    # Every monday at 13:37 UTC
+    - cron: 37 13 * * 1
+  workflow_dispatch: {}
+
+jobs:
+  upgrade:
+    name: Yarn Upgrade
+    permissions:
+      contents: read
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check Out
+        uses: actions/checkout@v2
+
+      - name: Set up Node
+        uses: actions/setup-node@v2.5.0
+        with:
+          node-version: 12
+
+      - name: Locate Yarn cache
+        id: yarn-cache
+        run: echo "::set-output name=dir::$(yarn cache dir)"
+
+      - name: Restore Yarn cache
+        uses: actions/cache@v2.1.7
+        with:
+          path: ${{ steps.yarn-cache.outputs.dir }}
+          key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
+          restore-keys: |-
+            ${{ runner.os }}-yarn-
+      - name: Install Tools
+        run: |-
+          npm -g install lerna npm-check-updates@^9.0.0
+      - name: List Mono-Repo Packages
+        id: list-packages
+        # These need to be ignored from the `ncu` runs!
+        run: |-
+          echo -n "::set-output name=list::"
+          node -p "$(lerna ls --all --json 2>/dev/null).map(item => item.name).join(',')"
+      - name: Run "ncu -u"
+        # We special-case @types/node because we want to stay on the current major (minimum supported node release)
+        # We special-case @types/fs-extra because the current major (9.x) is broken with @types/node >= 10
+        # We special-case typescript because it's not semantically versioned
+        # We special-case constructs because we want to stay in control of the minimum compatible version
+        # We special-case lerna because we have a patch on it that stops applying if Lerna upgrades. Remove this once https://github.com/lerna/lerna/pull/2874 releases.
+        run: |-
+          # Upgrade dependencies at repository root
+          ncu --upgrade --filter=@types/node,@types/fs-extra --target=minor
+          ncu --upgrade --filter=typescript --target=patch
+          ncu --upgrade --reject=@types/node,@types/fs-extra,constructs,typescript,lerna --target=minor
+          # Upgrade all the packages
+          lerna exec --parallel ncu -- --upgrade --filter=@types/node,@types/fs-extra --target=minor
+          lerna exec --parallel ncu -- --upgrade --filter=typescript --target=patch
+          lerna exec --parallel ncu -- --upgrade --reject='@types/node,@types/fs-extra,constructs,typescript,${{ steps.list-packages.outputs.list }}'  --target=minor
+      # This will ensure the current lockfile is up-to-date with the dependency specifications (necessary for "yarn update" to run)
+      - name: Run "yarn install"
+        run: yarn install
+
+      - name: Run "yarn upgrade"
+        run: yarn upgrade
+
+      # Next, create and upload the changes as a patch file. This will later be downloaded to create a pull request
+      # Creating a pull request requires write permissions and it's best to keep write privileges isolated.
+      - name: Create Patch
+        run: |-
+          git add .
+          git diff --patch --staged > ${{ runner.temp }}/upgrade.patch
+      - name: Upload Patch
+        uses: actions/upload-artifact@v2
+        with:
+          name: upgrade.patch
+          path: ${{ runner.temp }}/upgrade.patch
+
+  pr:
+    name: Create Pull Request
+    needs: upgrade
+    permissions:
+      contents: write
+      pull-requests: write
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check Out
+        uses: actions/checkout@v2
+
+      - name: Download patch
+        uses: actions/download-artifact@v2
+        with:
+          name: upgrade.patch
+          path: ${{ runner.temp }}
+
+      - name: Apply patch
+        run:
+          '[ -s ${{ runner.temp }}/upgrade.patch ] && git apply ${{ runner.temp
+          }}/upgrade.patch || echo "Empty patch. Skipping."'
+
+      - name: Make Pull Request
+        uses: peter-evans/create-pull-request@v3
+        with:
+          # Git commit details
+          branch: automation/yarn-upgrade
+          commit-message: |-
+            chore: npm-check-updates && yarn upgrade
+            Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date.
+          # Pull Request details
+          title: "chore: npm-check-updates && yarn upgrade"
+          body: |-
+            Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date.
+          labels: contribution/core,dependencies,auto-approve
+          team-reviewers: cdktf