This repository has been created to have a open source version of tools created to update your code dependencies in a reproducible way. Since the mainstream methods only work against the cloud versions of the repositories hosting parties and not against a private server, I needed an easy way to do this for multiple projects.
- NuGet
- Yarn
- NPM
- GitLab On-premises: read more
docker run -it `
-e gitUserName="Rob Bos" `
-e gitUserEmail="rbos@maildomain.com" `
-e remoteUrl="https://my.gitlab.host/project/repository.git" `
-e PAT=$env:GITLAB_PAT `
-e gitLabProjectId="$env:gitLabProjectId" `
ghcr.io/rajbos/local-dependency-updates:latest `
pwsh start.ps1 -updateType "nuget" -targetType "gitlab"
My main usage for this image is to use it in a GitLab, as simple as possible. Below are the examples for NuGet and Yarn against a GitLab private server that we run on a schedule:
To update NuGet packages we use NuKeeper to check for updates.
nuget_update:on-schedule:
only:
- schedules
image:
name: ghcr.io/rajbos/local-dependency-updates:test
script:
# we are in /builds/project/repository
- export PAT=$GitLabToken # load the GitLab access token storied in GitLab as environment variable
- export branchPrefix="nuget-updates" # prefix to use for the new branch
# run call to update dependencies with settings what to do
- pwsh .$CI_BUILDS_DIR/../dependency-updates/start.ps1 nuget gitlabTo update NPM packages with Yarn we use the default yarn upgrade command and check with git diff-index HEAD if there are any changed files.
Full set of yarn commands we trigger:
yarn
yarn eslint
yarn build
yarn upgradeJob example:
yarn_update:on-schedule:
stage: update-yarn
only:
- schedules
image:
name: ghcr.io/rajbos/local-dependency-updates:latest
script:
- export PAT=$GitLabToken # load the GitLab access token from GitLab in the env vars
- export branchPrefix="yarn-updates" # prefix to use for the new branch
# we need npm authentication for this project
- echo "" >> .npmrc # add a new line first
- curl -u${CREDENTIALS} $NPM_REGISTRY_AUTH >> .npmrc # add the credentials to login to e.g. a private Artefactory
- echo "registry=$NPM_REGISTRY" >> .npmrc # add the private registry url
# make sure the npmrc file is in the right location so yarn can use it
- cp .npmrc $CI_BUILDS_DIR/../dependency-updates/
- cd $CI_BUILDS_DIR/../dependency-updates
- pwsh start.ps1 yarn gitlabThe following startup parameters can be used:
| Name | Description | Example |
|---|---|---|
| updateType | Method to use for getting updates | yarn, nuget, npm |
| targetType | Target repository type | gitlab |
| mergeRequestTitle | Title to use for the merge request | Defaults to 'Bumping NuGet/NPM packages' |
| mergeWhenPipelineSucceeds | Bool in indicating if we set the flag 'merge when the pipeline succeeds' in GitLab | 0 or 1 |
| specificPackages | Yarn only: only update the packages in the parameter | 'package A', 'package B' |
docker build -t local-dependency-updates:latest .
After building the container you can run the local container against an example GitHub repository:
docker run -it -e gitUserName="rajbos" -e gitUserEmail="your-email@acme.com" `
-e remoteUrl="https://github.com/rajbos/dependency-updates" `
local-dependency-updates:latest `
pwsh start.ps1 -updateType "nuget"