Automatically run npm audit fix #1
name: autorun-npm-audit-fix | |
run-name: Automatically run npm audit fix | |
on: | |
schedule: | |
- cron: '45 08 1 * *' # Run at 1:45 AM PDT on the 1st of every month | |
jobs: | |
autorun-npm-audit-fix: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write | |
defaults: | |
run: | |
shell: bash | |
working-directory: ./ | |
steps: | |
- name: Check out repository | |
uses: actions/checkout@v4 | |
- name: Set up node | |
uses: actions/setup-node@v4 | |
with: | |
node-version: '18' | |
- name: Get whether autorun-npm-audit-fix branch exists | |
run: | | |
echo "Getting whether autorun-npm-audit-fix branch exists" | |
git config user.name github-actions | |
git config user.email [email protected] | |
{ | |
echo 'git_ls_remote_origin_autorun_npm_audit_fix<<EOF' | |
git ls-remote origin autorun-npm-audit-fix | |
echo EOF | |
} >> "$GITHUB_OUTPUT" | |
id: run_git_ls_remote_origin_autorun_npm_audit_fix | |
- name: Delete autorun-npm-audit-fix if it exists | |
if: ${{ contains(steps.run_git_ls_remote_origin_autorun_npm_audit_fix.outputs.git_ls_remote_origin_autorun_npm_audit_fix, '/autorun-npm-audit-fix') }} | |
run: | | |
echo "Deleting remote autorun-npm-audit-fix branch" | |
git push origin --delete autorun-npm-audit-fix | |
- name: Run npm audit fix | |
run: | | |
echo "Running npm audit fix (breaking changes will need to be addressed manually)" | |
npm audit fix || true | |
- name: Add any changes | |
run: | | |
echo "Determining if there are any changes" | |
git config user.name github-actions | |
git config user.email [email protected] | |
git checkout -b autorun-npm-audit-fix | |
git add . | |
- name: Run git status | |
run: | | |
{ | |
echo 'git_status<<EOF' | |
git status | |
echo EOF | |
} >> "$GITHUB_OUTPUT" | |
id: run_git_status | |
- name: Commit and push changes if any | |
if: ${{ !contains(steps.run_git_status.outputs.git_status, 'nothing to commit, working tree clean') }} | |
run: | | |
echo "Committing and pushing changes to autorun-npm-audit-fix branch" | |
git commit -m "Automatically run npm audit fix" | |
git push --set-upstream origin autorun-npm-audit-fix |
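Review bot: The `Run npm audit fix` step reinstalls updated dependencies, so it can run their lifecycle scripts inside a job that holds `contents: write`, and `actions/checkout` leaves the token in the local git config by default. Passing the flag, as in `npm audit fix --ignore-scripts || true`, keeps third-party install scripts from executing next to a write-capable token. The `|| true` also hides real failures such as a registry or network error, so the run looks green even when nothing was audited; logging the exit code would make that visible. `git add .` stages the whole working tree, so it relies on `.gitignore` excluding `node_modules`, which is not visible on this page. Both actions are referenced by the mutable tag `@v4`; pinning them to a full commit SHA would fix what code runs with this token.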