Merge pull request #945 from dev-hato/develop

v2.4.1 リリース

Author: nakkaa

.dockerignore

@@ -0,0 +1,7 @@
+.env
+.DS_Store
+__pycache__/
+.vscode/
+.mypy_cache/
+node_modules/
+docker-compose.yml

.dockerignore

@@ -0,0 +1,3 @@
+[flake8]
+max-line-length = 120
+extend-ignore = E203

.flake8

@@ -8,6 +8,15 @@ updates:
     open-pull-requests-limit: 1
   - package-ecosystem: docker
     directory: "/"
+    schedule:
+      interval: "daily"
+    ignore:
+      - dependency-name: python
+        versions:
+          - 3.11.0b1-slim-bullseye
+    open-pull-requests-limit: 1
+  - package-ecosystem: docker
+    directory: "/postgres"
     schedule:
       interval: "daily"
     open-pull-requests-limit: 1

.github/dependabot.yml

@@ -25,7 +25,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v3.0.2
         with:
           # We must fetch at least the immediate parents so that if this is
           # a pull request then we can checkout the head.
@@ -38,7 +38,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v1
+        uses: github/codeql-action/init@v2
         with:
           languages: ${{ matrix.language }}
 
@@ -47,7 +47,7 @@ jobs:
       # If this step fails,
       # then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@v1
+        uses: github/codeql-action/autobuild@v2
 
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 https://git.io/JvXDl
@@ -62,4 +62,4 @@ jobs:
       #   make release
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v1
+        uses: github/codeql-action/analyze@v2

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,83 @@
+---
+name: pr-check-npm
+
+on:
+  pull_request:
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  pr-update-version:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+    steps:
+      - uses: actions/checkout@v3.0.2
+        with:
+          fetch-depth: 0
+          ref: ${{ github.event.pull_request.head.sha }}
+      - name: Get Dependabot npm version
+        id: get_dependabot_npm_version
+        run: |
+          DOCKER_CMD="npm --version"
+          npm_version="$(docker run ghcr.io/dependabot/dependabot-core sh -c "${DOCKER_CMD}")"
+          echo "npm version:" "${npm_version}"
+          echo "::set-output name=npm_version::${npm_version}"
+      - name: Update version
+        run: |
+          DEPENDABOT_NPM_VERSION="${{steps.get_dependabot_npm_version.outputs.npm_version}}"
+          NPM_PATTERN_PACKAGE="s/\"npm\": \".*\"/\"npm\": \"^${DEPENDABOT_NPM_VERSION}\"/g"
+          sed -i -e "${NPM_PATTERN_PACKAGE}" package.json
+      - uses: actions/setup-node@v3.4.1
+        with:
+          cache: npm
+      - run: |
+          npm_version=$(jq -r '.engines.npm | ltrimstr("^")' package.json)
+          npm install --prefer-offline --location=global "npm@${npm_version}"
+          npm install
+      - uses: dev-hato/actions-diff-pr-management@v0.0.8
+        with:
+          github-token: ${{secrets.GITHUB_TOKEN}}
+          branch-name-prefix: fix-version
+          pr-title-prefix: nodeをアップデートしてあげたよ！
+          repo-name: ${{ github.event.pull_request.head.repo.full_name }}
+
+  # package.jsonに差分があれば、package.jsonからpackage-lock.jsonを作り出す
+  pr-check-npm:
+    runs-on: ubuntu-latest
+    needs: pr-update-version
+
+    steps:
+      - uses: actions/checkout@v3.0.2
+        with:
+          # ここでsubmodule持ってくるとdetached headにcommitして死ぬ
+          # submodule: 'recursive'
+          fetch-depth: 0
+          ref: ${{ github.event.pull_request.head.sha }}
+      - name: Set up Node.js ${{ env.NODE_VERSION }}
+        uses: actions/setup-node@v3.4.1
+        with:
+          cache: npm
+      - name: Install dependencies
+        run: |
+          npm_version=$(jq -r '.engines.npm | ltrimstr("^")' package.json)
+          npm install --prefer-offline --location=global "npm@${npm_version}"
+          npm install
+      # 差分があったときは差分を出力する
+      - name: Show diff
+        id: diff
+        run: |
+          result=$(git diff)
+          echo "::set-output name=result::$result"
+      - run: |
+          REPO_NAME="${{ github.event.pull_request.head.repo.full_name }}"
+          echo "REPO_NAME=${REPO_NAME}" >> "${GITHUB_ENV}"
+      - uses: dev-hato/actions-diff-pr-management@v0.0.8
+        with:
+          github-token: ${{secrets.GITHUB_TOKEN}}
+          branch-name-prefix: npm
+          pr-title-prefix: package.jsonやpackage-lock.jsonが更新されたので直してあげたよ！
+          repo-name: ${{ github.event.pull_request.head.repo.full_name }}

.github/workflows/pr-check-npm.yml

@@ -0,0 +1,65 @@
+---
+name: pr-close-hato-bot
+
+on:
+  pull_request:
+    types:
+      - closed
+
+jobs:
+  # PR close時にCIが出したPRをcloseする
+  pr-close-hato-bot:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+    steps:
+      - run: |
+          REPO_NAME="${{ github.event.pull_request.head.repo.full_name }}"
+          echo "REPO_NAME=${REPO_NAME}" >> "${GITHUB_ENV}"
+      - name: Close PullRequest
+        uses: actions/github-script@v6.1.0
+        env:
+          HEAD_REF: ${{github.event.pull_request.head.ref}}
+        if: env.REPO_NAME == github.repository
+        with:
+          github-token: ${{secrets.GITHUB_TOKEN}}
+          script: |
+            const HEAD_REF = process.env["HEAD_REF"]
+            const common_params = {
+              owner: context.repo.owner,
+              repo: context.repo.repo
+            }
+
+            for (const head_name of ["npm-" + HEAD_REF,
+                                     "fix-format-" + HEAD_REF,
+                                     "fix-version-pre-commit-config-" + HEAD_REF,
+                                     "fix-version-python-version-" + HEAD_REF]) {
+              let head = "${{github.event.pull_request.head.repo.owner.login}}:"
+              head += head_name
+              const pulls_list_params = {
+                head,
+                base: HEAD_REF,
+                state: "open",
+                ...common_params
+              }
+              console.log("call pulls.list:", pulls_list_params)
+              const pulls = await github.paginate(github.rest.pulls.list,
+                                                  pulls_list_params)
+
+              for (const pull of pulls) {
+                const pulls_update_params = {
+                  pull_number: pull.number,
+                  state: "closed",
+                  ...common_params
+                }
+                console.log("call pulls.update:", pulls_update_params)
+                await github.rest.pulls.update(pulls_update_params)
+                const git_deleteRef_params = {
+                  ref: "heads/" + head_name,
+                  ...common_params
+                }
+                console.log("call git.deleteRef:", git_deleteRef_params)
+                await github.rest.git.deleteRef(git_deleteRef_params)
+              }
+            }