@maxrimue
Last active March 13, 2021 12:21
Use yarn with Greenkeeper

yarn creates a yarn.lock lockfile that holds data on the dependencies you use. This file also includes hard-coded versions, so once you update your dependencies, the yarn.lock file is outdated and needs to be regenerated. yarn does this automatically, but Greenkeeper pull requests that update dependencies do not currently perform this regeneration, which means you would have to do it manually.

This gist shows you a way to automate this step using a Travis CI script.

Prerequisites

  • You use Travis CI and have it build Pull Requests (default behaviour)
  • You have a yarn.lock file in your repository for Travis CI to automatically install yarn (yarn will be added to their default images soon)

Getting started

Key

This part is key (lol). To push to our repository, Travis CI needs an access token. You can create one here (select the repo scope and write down the token; GitHub won't show it to you again!). Now we need to tell Travis about it. There are two ways to do this:

Via Web Interface

This access token can be added as an environment variable to Travis CI using the web interface, which means we don't have to put it into some file and encrypt it manually. Go to the Travis CI website, to your project, click options, and create a new environment variable called PUSH_TOKEN which will contain our newly generated token.

Via .travis.yml

Alternatively, you can encrypt the token and put it right into the .travis.yml. To do this, install the Travis command line tool (gem install travis, which requires Ruby and gem to be installed), and then run this command inside the directory of your repository:

travis encrypt PUSH_TOKEN=PUTYOURTOKENHERE

This will generate a string. Copy it and place it inside the .travis.yml:

secure: YOURFANCYSTRINGHERE

More info on encrypted keys in Travis here.

GitHub email

Please do the same thing with the email address that should be used to push changes to GitHub. The environment variable should be something like PUSH_EMAIL=no@no.com.

Code

First, add this part to your .travis.yml:

after_success:
  - bash yarn.sh

It tells Travis that once the build has succeeded, which for most projects means the application was tested with the new dependencies, it should execute a yarn.sh file, which does the main work.

Basically, the yarn.sh file runs yarn in order to create an updated lockfile and then pushes those changes to the branch of the Pull Request. Put the file into the main directory of your project, commit the file and the .travis.yml, and you're good to go. You can of course change the name or path of the file, but remember to update the reference in .travis.yml as well.

Note: This lockfile update will only occur if:

  • the branch name includes "greenkeeper"
  • the most recent commit at runtime has "update" in its name

#!/bin/bash
echo "Should yarn.lock be regenerated?"
if [[ "$TRAVIS_PULL_REQUEST_BRANCH" != *"greenkeeper"* ]]; then
  # Not a Greenkeeper pull request, aborting
  exit 0
fi
echo "Cloning repo"
git clone "https://${PUSH_TOKEN}@github.com/${TRAVIS_REPO_SLUG}.git" repo || exit 1
cd repo || exit 1
echo "Switching to branch $TRAVIS_PULL_REQUEST_BRANCH"
git checkout "$TRAVIS_PULL_REQUEST_BRANCH" || exit 1
# See if the most recent commit message includes "update"
# (only the message is inspected, not file names or author data)
git log -1 --pretty=%B | grep "update" || exit 0
echo "(Creat/updat)ing lockfile"
yarn || exit 1
echo "Commit and push yarn.lock"
git config --global user.email "$PUSH_EMAIL"
git config --global user.name "Travis CI"
git config --global push.default simple
git add yarn.lock
git commit -m "chore: update yarn.lock"
git push
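
The two conditions in the note can be extended into a single pre-flight gate that also refuses to run when the push token is unavailable (fork pull requests) and when the last commit is the script's own lockfile commit. This is an added example, not part of the original gist: TRAVIS_SECURE_ENV_VARS and TRAVIS_PULL_REQUEST_SLUG are default Travis CI variables, while the function name lockfile_push_decision and the LOCKFILE_COMMIT_MSG variable are hypothetical.

```shell
#!/bin/bash
# Added example: pre-flight gate for yarn.sh (not part of the original gist).
# TRAVIS_* are default Travis CI variables; PUSH_TOKEN and PUSH_EMAIL are the
# variables set up above. The function name and LOCKFILE_COMMIT_MSG are
# hypothetical; the latter mirrors the message yarn.sh commits with.
LOCKFILE_COMMIT_MSG="chore: update yarn.lock"

# lockfile_push_decision [last commit message]
# Prints "push" or "skip: <reason>" and returns 0 only for "push".
# Without an argument only the environment is checked.
lockfile_push_decision() {
  case "${TRAVIS_PULL_REQUEST_BRANCH:-}" in
    *greenkeeper*) ;;
    *) echo "skip: not a Greenkeeper pull request"; return 1 ;;
  esac
  # Travis reports "false" here when no encrypted variables such as
  # PUSH_TOKEN are available to the build, as on fork pull requests.
  if [ "${TRAVIS_SECURE_ENV_VARS:-false}" != "true" ]; then
    echo "skip: secure variables unavailable"; return 1
  fi
  # The PR branch must live in this repository for the push to reach it.
  if [ "${TRAVIS_PULL_REQUEST_SLUG:-}" != "${TRAVIS_REPO_SLUG:-}" ]; then
    echo "skip: pull request comes from a fork"; return 1
  fi
  if [ -z "${PUSH_TOKEN:-}" ] || [ -z "${PUSH_EMAIL:-}" ]; then
    echo "skip: PUSH_TOKEN or PUSH_EMAIL is not set"; return 1
  fi
  if [ "$#" -gt 0 ]; then
    case "$1" in
      # yarn.sh's own commit also contains "update"; skip it so the build
      # triggered by that push does not regenerate the lockfile again.
      *"$LOCKFILE_COMMIT_MSG"*) echo "skip: lockfile already regenerated"; return 1 ;;
      *update*) ;;
      *) echo "skip: last commit is not a dependency update"; return 1 ;;
    esac
  fi
  echo "push"
}

# Use in yarn.sh: before the clone (environment only), then again after
# the checkout in place of the grep check:
#   lockfile_push_decision || exit 0
#   lockfile_push_decision "$(git log -1 --pretty=%B)" || exit 0
```
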
@IOAyman

IOAyman commented Jan 6, 2017

I pushed a couple of changes to my fork, you may like to merge them here as well.

  1. Add some logging to the script. It's nice to know what Travis is exactly doing at each step.
  2. Secure the user.email git configuration, like the token.

Thanks for the hack! Very useful 😄

@acburdine

One could also combine the two clone and checkout steps by using the git clone -b <branchName> option

@maxrimue
Author

maxrimue commented Feb 5, 2017

@IOAyman thanks, merged!

@acburdine True, just thought this would be a little easier to understand 😄

@Daniel15

Isn't this insecure as someone could fork the repo, add echo $PUSH_TOKEN to the script, and send a pull request?

@boennemann

Isn't this insecure as someone could fork the repo, add echo $PUSH_TOKEN to the script, and send a pull request?

@Daniel15 @maxrimue The secure env vars on travis are only available on branches of the original repo, never on forks. You can't use a fork+PR to steal secret env vars.

@boennemann

Hey @maxrimue and all others using this script,

we've added yarn support to our official greenkeeper-lockfile package.

Best,
Stephan

@HollyPony

I've made an improved version of the bash script to avoid a new clone: https://gist.github.com/HollyPony/8211af6ee81cf6ad7ffc21088b77e0e6

Feel free to make comments or merge some updates or do nothing :p
