When using yarn, it will create a yarn.lock lockfile which holds data on your used dependencies. This file also includes hard-typed versions, so should you update your dependencies, the yarn.lock file is basically outdated and needs to be regenerated. While yarn does this automatically, Greenkeeper pull requests that update dependencies as of right now do not do this regeneration, which means you would have to do it manually.
This gist shows you a way how to automatise this step using a Travis CI script.
- You use Travis CI and have it build Pull Requests (default behaviour)
- You have a
yarn.lockfile in your repository for Travis CI to automatically install yarn (yarn will be added to their default images soon)
This part is key (lol). In order to enable Travis CI to push to our repository, it needs an access token. You can create one here (select repo and write down the token, GitHub won't show you again!). Now we need to tell Travis about it, there's two ways to do this:
This access token can be added as an environment variable to Travis CI using the web interface, which means we don't have to put it into some file and encrypt it manually. Go to the Travis CI website, to your project, click options, and create a new environment variable called PUSH_TOKEN which will contain our newly generated token.
Alternatively, you can encrypt the token and put it right into the .travis.yml. In order to do this, install the Travis command line tool (gem install travis, requires Ruby and Gem being installed), and then run this command inside the directory of your repository:
travis encrypt PUSH_TOKEN=PUTYOURTOKENHERE
This will generate a string. Copy it and place it inside the .travis.yml:
secure: YOURFANCYSTRINGHERE
More info on encrypted keys in Travis here.
Please do the same thing with the email address that should be used to push changes to Github. The environment variable should be something like PUSH_EMAIL=no@no.com.
Firstly, you add this part to your .travis.yml:
after_success:
- bash yarn.shIt tells Travis that once the build has succeeded, which in our case would mean testing the new dependencies with our application for most, it's supposed to execute a yarn.sh file, which will do the main work.
Basically, the yarn.sh file runs yarn in order to create an updated lockfile and then pushes those changes to the branch of the Pull Request. Put the file into the main directory of your project, commit the file and the .travis.yml, and you're good to go. You can of course change the name or path of the file, but remember to update the reference in .travis.yml as well.
Note: This lockfile update will only occur if:
- the branch name includes "greenkeeper"
- the most recent commit at runtime has "update" in its name