From 4e6ae9434914d6df79f61b046c87f859aa31d1a4 Mon Sep 17 00:00:00 2001 From: Frazer Smith Date: Tue, 24 May 2022 08:30:21 +0100 Subject: [PATCH 1/7] ci(ci): run automerge only in pull-requests by dependabot --- .github/workflows/ci.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4790232..6e01df9 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -33,13 +33,20 @@ jobs: - name: Run Tests run: | npm test + automerge: + name: Automerge Dependabot PRs + if: > + github.event_name == 'pull_request' && + github.event.pull_request.user.login == 'dependabot[bot]' needs: test - runs-on: ubuntu-latest permissions: pull-requests: write contents: write + runs-on: ubuntu-latest steps: - uses: fastify/github-action-merge-dependabot@v3 with: + exclude: ${{ inputs.auto-merge-exclude }} github-token: ${{ secrets.GITHUB_TOKEN }} + target: major From b6261b3d58202fccd462f3f7af2c1ccf9956a4b0 Mon Sep 17 00:00:00 2001 From: Frazer Smith Date: Tue, 24 May 2022 08:31:23 +0100 Subject: [PATCH 2/7] ci(ci): add dependency review job --- .github/workflows/ci.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6e01df9..346d13a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -9,6 +9,21 @@ name: CI - docs/** - '*.md' jobs: + dependency-review: + name: Dependency Review + if: github.event_name == 'pull_request' + runs-on: ubuntu-latest + permissions: + contents: read + steps: + - name: Check out repo + uses: actions/checkout@v3 + with: + persist-credentials: false + + - name: Dependency review + uses: actions/dependency-review-action@v1 + test: runs-on: ubuntu-latest strategy: From 5751c0537fd3bf6b3888410e157921295ae7c9f0 Mon Sep 17 00:00:00 2001 From: Frazer Smith Date: Tue, 24 May 2022 08:32:22 +0100 Subject: [PATCH 3/7] ci(ci): remove git credentials after checkout --- .github/workflows/ci.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 346d13a..707ce1e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -38,6 +38,8 @@ jobs: discovery.type: single-node steps: - uses: actions/checkout@v3 + with: + persist-credentials: false - name: Use Node.js uses: actions/setup-node@v3 with: From d8e9e1a45d9e8eebbf4777dc44788132776114a6 Mon Sep 17 00:00:00 2001 From: Frazer Smith Date: Tue, 24 May 2022 08:33:59 +0100 Subject: [PATCH 4/7] style(ci): add names and whitespace to improve readability --- .github/workflows/ci.yml | 26 +++++++++++++++----------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 707ce1e..41d66e5 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,13 +1,15 @@ name: CI -'on': + +on: push: paths-ignore: - - docs/** + - 'docs/**' - '*.md' pull_request: paths-ignore: - - docs/** + - 'docs/**' - '*.md' + jobs: dependency-review: name: Dependency Review @@ -37,19 +39,21 @@ jobs: env: discovery.type: single-node steps: - - uses: actions/checkout@v3 + - name: Check out repo + uses: actions/checkout@v3 with: persist-credentials: false - - name: Use Node.js + + - name: Setup Node ${{ matrix.node-version }} uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} - - name: Install Dependencies - run: | - npm install --ignore-scripts - - name: Run Tests - run: | - npm test + + - name: Install dependencies + run: npm i --ignore-scripts + + - name: Run tests + run: npm test automerge: name: Automerge Dependabot PRs From b00934f46cabc2823e88e8ac9dfb388630389315 Mon Sep 17 00:00:00 2001 From: Frazer Smith Date: Tue, 24 May 2022 08:34:50 +0100 Subject: [PATCH 5/7] docs(readme): remove snyk badge --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index e0a7978..7dec6ef 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,6 @@ ![CI](https://github.com/fastify/fastify-elasticsearch/workflows/CI/badge.svg) [![NPM version](https://img.shields.io/npm/v/@fastify/elasticsearch.svg?style=flat)](https://www.npmjs.com/package/@fastify/elasticsearch) -[![Known Vulnerabilities](https://snyk.io/test/github/fastify/fastify-elasticsearch/badge.svg)](https://snyk.io/test/github/fastify/fastify-elasticsearch) [![js-standard-style](https://img.shields.io/badge/code%20style-standard-brightgreen.svg?style=flat)](https://standardjs.com/) Fastify plugin for [Elasticsearch](https://www.elastic.co/elasticsearch/) for sharing the same ES client in every part of your server. From 01eb7b385520c14c56afb702010cf8df3ce6334a Mon Sep 17 00:00:00 2001 From: Frazer Smith Date: Tue, 24 May 2022 08:45:41 +0100 Subject: [PATCH 6/7] ci(ci): remove invalid input --- .github/workflows/ci.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 41d66e5..f7f79a3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -68,6 +68,5 @@ jobs: steps: - uses: fastify/github-action-merge-dependabot@v3 with: - exclude: ${{ inputs.auto-merge-exclude }} github-token: ${{ secrets.GITHUB_TOKEN }} target: major From d61db2702a1159b8ef50bb63ddf24153e8a882c6 Mon Sep 17 00:00:00 2001 From: Frazer Smith Date: Tue, 24 May 2022 09:05:28 +0100 Subject: [PATCH 7/7] ci(ci): set permissions for `test` job --- .github/workflows/ci.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f7f79a3..e4d1cd4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -28,6 +28,8 @@ jobs: test: runs-on: ubuntu-latest + permissions: + contents: read strategy: matrix: node-version: [14, 16, 18]