podman
1#! /usr/bin/env bash
2#
3# dependabot-dance - invoked to perform manual steps on podman dependabot PRs
4#
5# As best I can tell (please correct me if mistaken), dependabot's job is
6# to submit PRs with a change only in 'go.mod' but without actually
7# running 'make vendor' to update the source files under vendor. This
8# requires a human to run those steps.
9#
10# This script automates that, with a few safety checks.
11#
12ME=$(basename $0)13missing=" argument is missing; see $ME --help for details"14usage="Usage: $ME [--help] [-v|--verbose]15
16$ME performs a series of magical steps to get dependabot PRs17ready for merge. The important one is 'make vendor-in-container',
18everything else is scaffolding to check out the PR and push it back.
19
20Flags:
21--help display usage message
22-v, --verbose verbose output
23"
24
25verbose=26for i27do
28value=$(expr "$i" : '[^=]*=\(.*\)')29case "$i" in30-h*|--help) echo "$usage"; exit 0;;31-v|--verbose) verbose=$i; shift;;32-*) echo "$ME: unrecognized option $i" >&233echo "$usage" >&234exit 1;;35*) break;;36esac37done
38
39die () {40echo "$ME: $*" >&241exit 142}
43
44function branch_dance() {45local branch="$1"46
47# User will appreciate seeing 'git' and 'make' commands, but nothing else48set -x49git checkout -t $branch50set +x51
52# Commit must be from dependabot53author=$(git show --no-patch --format='format:%an' HEAD)54if ! [[ $author =~ dependabot ]]; then55echo56echo "Commit author is '$author' (expected 'dependabot')"57echo -n "Continue? [y/N] "58read answer59case "$answer" in60[yY]*) ;;61*) exit 1;;62esac63fi64
65# This is what does all the work66set -x67make vendor-in-container68set +x69
70# Now make sure at least *something* changed under vendor71modified=$(git ls-files -m vendor)72if [[ -z "$modified" ]]; then73echo "No files changed under 'vendor' -- nothing to do!"74return75fi76
77# Okay, here we go78set -x79git add vendor80git commit -a --amend -s --no-edit81git push --force82set +x83
84# Try to leave things in relatively clean state; remove local branch copy85local tracking_branch=$(git branch --show-current)86git checkout main87git branch -d $tracking_branch88}
89
90
91
92
93# Make sure we're cd'ed to the top level of a podman repo
94test -d .git || die "No .git subdirectory (please cd to top level)"95
96# Clear all dependabot remote branches
97git branch -r | grep /dependabot/go_modules/ \98| xargs --no-run-if-empty git branch -r -d99
100# ...and pull new ones
101git pull --all102
103# Abort on any error from here on
104set -e105
106# We cannot have any git-modified files
107modified=$(git ls-files -m)108test -z "$modified" || die "Modified files exist: $modified"109
110for branch in $(git branch -r | grep /dependabot/go_modules/); do111echo112echo ">>>>> $branch"113branch_dance $branch114done
115