Skip to content

Yarn Upgrade

Yarn Upgrade #16

Workflow file for this run

name: Yarn Upgrade
on:
schedule:
# Every wednesday at 13:37 UTC
- cron: 37 13 * * 3
workflow_dispatch: {}
jobs:
upgrade:
name: Yarn Upgrade
permissions:
contents: read
runs-on: ubuntu-latest
steps:
- name: Check Out
uses: actions/checkout@v4
- name: Set up Node
uses: actions/setup-node@v4
with:
node-version: "*"
env:
NODE_OPTIONS: "--max-old-space-size=8196 --experimental-worker ${NODE_OPTIONS:-}"
- name: Locate Yarn cache
id: yarn-cache
run: echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT
- name: Restore Yarn cache
uses: actions/cache@v4
with:
path: ${{ steps.yarn-cache.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |-
${{ runner.os }}-yarn-
- name: Yarn Install
run: yarn install --frozen-lockfile
- name: Install Tools
run: |-
npm -g install lerna npm-check-updates
- name: Build Integ Runner
run: |
export NODE_OPTIONS="--max-old-space-size=8196 --experimental-worker ${NODE_OPTIONS:-}"
npx lerna run build --scope @aws-cdk/integ-runner
- name: List Mono-Repo Packages
id: list-packages
# These need to be ignored from the `ncu` runs!
run: |-
echo "list=$(lerna ls --all --json 2>/dev/null | jq -r 'map(.name) | join(",")')" >> $GITHUB_OUTPUT
- name: Run "ncu -u"
# Upgrade special cases:
# - Various `@types/*` packages need to be pinned to specific versions due to breaking changes in minor upgrades https://github.com/DefinitelyTyped/DefinitelyTyped/issues/64266
# - `typescript` is not semantically versioned, so we only upgrade the patch version
# - `constructs` because we need to stay in control of the minimum compatible version
# - `aws-sdk-mock` because of breaking changes in type exports https://github.com/dwyl/aws-sdk-mock/pull/260. We are not respecting `@ts-ignore`.
# - `@aws-cdk/aws-service-spec` and `@aws-cdk/service-spec-types` have their own update workflow
run: |-
# Upgrade dependencies at repository root
ncu --upgrade --filter=typescript --target=patch
ncu --upgrade --reject=@types/node,@types/prettier,constructs,typescript --target=minor
# Upgrade all the packages
lerna exec --parallel ncu -- --upgrade --filter=typescript --target=patch
lerna exec --parallel ncu -- --upgrade --reject='@types/conventional-commits-parser,@types/node,@types/prettier,constructs,typescript,aws-sdk-mock,@aws-sdk/*,@aws-cdk/aws-service-spec,@aws-cdk/service-spec-types,${{ steps.list-packages.outputs.list }}' --target=minor
# Upgrade package.json files in init templates
for pj in $(find packages/aws-cdk/lib/init-templates -name package.json); do
(cd $(dirname $pj) && ncu --upgrade --reject='constructs,${{ steps.list-packages.outputs.list }}')
done
# Upgrade dependencies at an aws-eks integ test docker image
cd packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/sdk-call-integ-test-docker-app/app/ && ncu --upgrade --reject='@aws-sdk/*,${{ steps.list-packages.outputs.list }}'
# This will ensure the current lockfile is up-to-date with the dependency specifications (necessary for "yarn upgrade" to run)
- name: Run "yarn install"
run: yarn install
- name: Run "yarn upgrade"
run: yarn upgrade
- name: Regenerate CLI attributions
run: cd packages/aws-cdk && yarn pkglint
- name: Regenerate Integ Runner attributions
run: cd packages/@aws-cdk/integ-runner && yarn pkglint
# Next, create and upload the changes as a patch file. This will later be downloaded to create a pull request
# Creating a pull request requires write permissions and it's best to keep write privileges isolated.
- name: Create Patch
run: |-
git add .
git diff --patch --staged > ${{ runner.temp }}/upgrade.patch
- name: Upload Patch
uses: actions/upload-artifact@v4
with:
name: upgrade.patch
path: ${{ runner.temp }}/upgrade.patch
pr:
name: Create Pull Request
needs: upgrade
permissions:
contents: write
pull-requests: write
runs-on: ubuntu-latest
steps:
- name: Check Out
uses: actions/checkout@v4
- name: Download patch
uses: actions/download-artifact@v4
with:
name: upgrade.patch
path: ${{ runner.temp }}
- name: Apply patch
run: '[ -s ${{ runner.temp }}/upgrade.patch ] && git apply ${{ runner.temp
}}/upgrade.patch || echo "Empty patch. Skipping."'
- name: Make Pull Request
uses: peter-evans/create-pull-request@v6
with:
# Git commit details
branch: automation/yarn-upgrade
author: aws-cdk-automation <aws-cdk-automation@users.noreply.github.com>
commit-message: |-
chore: npm-check-updates && yarn upgrade
Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date.
# Pull Request details
title: 'chore: npm-check-updates && yarn upgrade'
body: |-
Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date.
labels: contribution/core,dependencies,auto-approve
team-reviewers: aws-cdk-team
# Github prevents further Github actions to be run if the default Github token is used.
# Instead use a privileged token here, so further GH actions can be triggered on this PR.
token: ${{ secrets.PROJEN_GITHUB_TOKEN }}