From cf1855ae373d29880b1ec364f26103902aeaac70 Mon Sep 17 00:00:00 2001 From: Henry Mercer Date: Fri, 24 Feb 2023 20:04:38 +0000 Subject: [PATCH] Fix workflow to update dependencies Port over the fix from https://github.com/github/codeql-action/pull/1544 and share code so these scripts don't get out of sync again. --- .github/workflows/script/check-node-modules.sh | 10 +--------- .../workflows/script/update-node-modules.sh | 18 ++++++++++++++++++ .github/workflows/update-dependencies.yml | 7 +------ 3 files changed, 20 insertions(+), 15 deletions(-) create mode 100755 .github/workflows/script/update-node-modules.sh diff --git a/.github/workflows/script/check-node-modules.sh b/.github/workflows/script/check-node-modules.sh index 9178536304..d25995d879 100755 --- a/.github/workflows/script/check-node-modules.sh +++ b/.github/workflows/script/check-node-modules.sh @@ -7,17 +7,9 @@ if [ ! -z "$(git status --porcelain)" ]; then >&2 echo "Failed: Repo should be clean before testing!" exit 1 fi -# When updating this, make sure to update the npm version in -# `.github/workflows/update-dependencies.yml` too. -sudo npm install --force -g npm@9.2.0 -# clean the npm cache to ensure we don't have any files owned by root -sudo npm cache clean --force +"$(dirname "$0")/update-node-modules.sh" check-only -# Reinstall modules and then clean to remove absolute paths -# Use 'npm ci' instead of 'npm install' as this is intended to be reproducible -npm ci -npm run removeNPMAbsolutePaths # Check that repo is still clean if [ ! -z "$(git status --porcelain)" ]; then # If we get a fail here then the PR needs attention diff --git a/.github/workflows/script/update-node-modules.sh b/.github/workflows/script/update-node-modules.sh new file mode 100755 index 0000000000..ff72f8e825 --- /dev/null +++ b/.github/workflows/script/update-node-modules.sh @@ -0,0 +1,18 @@ +if [ "$1" != "update" && "$1" != "check-only" ]; then + >&2 echo "Failed: Invalid argument. Must be 'update' or 'check-only'" + exit 1 +fi + +sudo npm install --force -g npm@9.2.0 + +# clean the npm cache to ensure we don't have any files owned by root +sudo npm cache clean --force + +if [ "$1" = "update" ]; then + npm install +fi + +# Reinstall modules and then clean to remove absolute paths +# Use 'npm ci' instead of 'npm install' as this is intended to be reproducible +npm ci +npm run removeNPMAbsolutePaths diff --git a/.github/workflows/update-dependencies.yml b/.github/workflows/update-dependencies.yml index eef8687bcb..92e4a6b2bd 100644 --- a/.github/workflows/update-dependencies.yml +++ b/.github/workflows/update-dependencies.yml @@ -27,12 +27,7 @@ jobs: run: | git fetch origin "$BRANCH" --depth=1 git checkout "origin/$BRANCH" - # When updating this, make sure to update the npm version in - # `.github/workflows/script/check-node-modules.sh` too. - sudo npm install --force -g npm@9.2.0 - npm install - npm ci - npm run removeNPMAbsolutePaths + .github/workflows/script/update-node-modules.sh update if [ ! -z "$(git status --porcelain)" ]; then git config --global user.email "github-actions@github.com" git config --global user.name "github-actions[bot]"