From e70167990eb6b684af7885fe4145f00238e2b8a7 Mon Sep 17 00:00:00 2001 From: Mathieu Cloutier Date: Wed, 18 Mar 2026 15:24:22 -0600 Subject: [PATCH 1/6] fix broken ci --- .github/dependabot.yml | 9 +++++++++ .github/workflows/test-appsync-utils.yml | 8 ++++---- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 0b2a83a..5e09158 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -10,3 +10,12 @@ updates: schedule: interval: "weekly" + - package-ecosystem: "npm" + directory: "/cdk" + schedule: + interval: "weekly" + + - package-ecosystem: "github-actions" + directory: "/cdk" + schedule: + interval: "weekly" diff --git a/.github/workflows/test-appsync-utils.yml b/.github/workflows/test-appsync-utils.yml index 1b7d48a..c5980c4 100644 --- a/.github/workflows/test-appsync-utils.yml +++ b/.github/workflows/test-appsync-utils.yml @@ -11,7 +11,7 @@ on: env: LOCALSTACK_AUTH_TOKEN: ${{ secrets.LOCALSTACK_API_KEY }} - TEST_IMAGE_NAME: public.ecr.aws/lambda/nodejs:18 + TEST_IMAGE_NAME: public.ecr.aws/lambda/nodejs:22 jobs: unit-test: @@ -20,7 +20,7 @@ jobs: - uses: actions/checkout@v6 - uses: actions/setup-node@v6 with: - node-version: 18 + node-version: 22 - run: npm ci - run: npm test @@ -30,7 +30,7 @@ jobs: - uses: actions/checkout@v6 - uses: actions/setup-node@v6 with: - node-version: 18 + node-version: 22 - name: Pull test docker image run: docker pull $TEST_IMAGE_NAME @@ -51,7 +51,7 @@ jobs: image-tag: "latest" use-pro: "true" env: - LOCALSTACK_AUTH_TOKEN: ${{ secrets.LOCALSTACK_API_KEY }} + LOCALSTACK_AUTH_TOKEN: ${{ secrets.LOCALSTACK_AUTH_TOKEN }} APPSYNC_JS_LIBS_VERSION: ${{ github.sha }} DEBUG: "1" DISABLE_EVENTS: "1" From a280b7b9784293557e5b4550e8e140c8eaa44a31 Mon Sep 17 00:00:00 2001 From: Mathieu Cloutier Date: Wed, 18 Mar 2026 15:44:45 -0600 Subject: [PATCH 2/6] only merge if tests pass --- .github/workflows/dependabot-automerge.yml | 56 +++++++++++++++++++++- 1 file changed, 54 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dependabot-automerge.yml b/.github/workflows/dependabot-automerge.yml index 79bc2f6..2d87676 100644 --- a/.github/workflows/dependabot-automerge.yml +++ b/.github/workflows/dependabot-automerge.yml @@ -15,8 +15,60 @@ jobs: uses: dependabot/fetch-metadata@v1 with: github-token: "${{ secrets.GITHUB_TOKEN }}" + + - name: Wait for tests to pass + uses: fountainhead/action-wait-for-check@v1.2.0 + id: wait-for-tests + with: + token: ${{ secrets.GITHUB_TOKEN }} + checkName: unit-test + ref: ${{ github.event.pull_request.head.sha }} + timeoutSeconds: 600 + intervalSeconds: 30 + + - name: Wait for integration tests to pass + uses: fountainhead/action-wait-for-check@v1.2.0 + id: wait-for-integration + with: + token: ${{ secrets.GITHUB_TOKEN }} + checkName: integration-test + ref: ${{ github.event.pull_request.head.sha }} + timeoutSeconds: 600 + intervalSeconds: 30 + + - name: Wait for LocalStack tests to pass + uses: fountainhead/action-wait-for-check@v1.2.0 + id: wait-for-localstack + with: + token: ${{ secrets.GITHUB_TOKEN }} + checkName: localstack-test + ref: ${{ github.event.pull_request.head.sha }} + timeoutSeconds: 600 + intervalSeconds: 30 + - name: Enable auto-merge for Dependabot PRs + if: | + steps.wait-for-tests.outputs.conclusion == 'success' && + steps.wait-for-integration.outputs.conclusion == 'success' && + steps.wait-for-localstack.outputs.conclusion == 'success' run: gh pr merge --auto --squash "$PR_URL" env: - PR_URL: ${{github.event.pull_request.html_url}} - GH_TOKEN: ${{secrets.GITHUB_TOKEN}} + PR_URL: ${{ github.event.pull_request.html_url }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Comment on PR if tests failed + if: | + steps.wait-for-tests.outputs.conclusion != 'success' || + steps.wait-for-integration.outputs.conclusion != 'success' || + steps.wait-for-localstack.outputs.conclusion != 'success' + run: | + gh pr comment "$PR_URL" --body "🚫 Auto-merge skipped: one or more test jobs failed or timed out. + + - unit-test: ${{ steps.wait-for-tests.outputs.conclusion }} + - integration-test: ${{ steps.wait-for-integration.outputs.conclusion }} + - localstack-test: ${{ steps.wait-for-localstack.outputs.conclusion }} + + Please review the failing checks and resolve any issues." + env: + PR_URL: ${{ github.event.pull_request.html_url }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} From 3dc2d2b57e581a79ebcffc1a9de39e1e7d36da08 Mon Sep 17 00:00:00 2001 From: Mathieu Cloutier Date: Wed, 18 Mar 2026 15:56:30 -0600 Subject: [PATCH 3/6] use proper auth token --- .github/workflows/test-appsync-utils.yml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/.github/workflows/test-appsync-utils.yml b/.github/workflows/test-appsync-utils.yml index c5980c4..34cb3cd 100644 --- a/.github/workflows/test-appsync-utils.yml +++ b/.github/workflows/test-appsync-utils.yml @@ -10,8 +10,9 @@ on: workflow_dispatch: env: - LOCALSTACK_AUTH_TOKEN: ${{ secrets.LOCALSTACK_API_KEY }} + LOCALSTACK_AUTH_TOKEN: ${{ secrets.LOCALSTACK_AUTH_TOKEN }} TEST_IMAGE_NAME: public.ecr.aws/lambda/nodejs:22 + NODE_VERSION: 22 jobs: unit-test: @@ -20,7 +21,7 @@ jobs: - uses: actions/checkout@v6 - uses: actions/setup-node@v6 with: - node-version: 22 + node-version: ${{ env.NODE_VERSION }} - run: npm ci - run: npm test @@ -30,7 +31,7 @@ jobs: - uses: actions/checkout@v6 - uses: actions/setup-node@v6 with: - node-version: 22 + node-version: ${{ env.NODE_VERSION }} - name: Pull test docker image run: docker pull $TEST_IMAGE_NAME @@ -51,13 +52,15 @@ jobs: image-tag: "latest" use-pro: "true" env: - LOCALSTACK_AUTH_TOKEN: ${{ secrets.LOCALSTACK_AUTH_TOKEN }} + LOCALSTACK_AUTH_TOKEN: ${{ env.LOCALSTACK_AUTH_TOKEN }} APPSYNC_JS_LIBS_VERSION: ${{ github.sha }} DEBUG: "1" DISABLE_EVENTS: "1" - name: Ensure pro image is used run: curl -s http://localhost:4566/_localstack/health | grep appsync - uses: actions/setup-node@v6 + with: + node-version: ${{ env.NODE_VERSION }} - name: Execute test script run: bash .github/execute-localstack-test.sh - name: Get the LocalStack logs From 36f0d33804b70d7369200415e148484de0715cbe Mon Sep 17 00:00:00 2001 From: Mathieu Cloutier Date: Wed, 1 Apr 2026 10:22:55 -0600 Subject: [PATCH 4/6] run automerge on tests complete --- .github/workflows/dependabot-automerge.yml | 55 ++++------------------ 1 file changed, 10 insertions(+), 45 deletions(-) diff --git a/.github/workflows/dependabot-automerge.yml b/.github/workflows/dependabot-automerge.yml index 2d87676..a15b34e 100644 --- a/.github/workflows/dependabot-automerge.yml +++ b/.github/workflows/dependabot-automerge.yml @@ -1,5 +1,9 @@ name: Dependabot auto-merge -on: pull_request +on: + workflow_run: + workflows: ["Test AppSync utils"] + types: + - completed permissions: contents: write @@ -16,59 +20,20 @@ jobs: with: github-token: "${{ secrets.GITHUB_TOKEN }}" - - name: Wait for tests to pass - uses: fountainhead/action-wait-for-check@v1.2.0 - id: wait-for-tests - with: - token: ${{ secrets.GITHUB_TOKEN }} - checkName: unit-test - ref: ${{ github.event.pull_request.head.sha }} - timeoutSeconds: 600 - intervalSeconds: 30 - - - name: Wait for integration tests to pass - uses: fountainhead/action-wait-for-check@v1.2.0 - id: wait-for-integration - with: - token: ${{ secrets.GITHUB_TOKEN }} - checkName: integration-test - ref: ${{ github.event.pull_request.head.sha }} - timeoutSeconds: 600 - intervalSeconds: 30 - - - name: Wait for LocalStack tests to pass - uses: fountainhead/action-wait-for-check@v1.2.0 - id: wait-for-localstack - with: - token: ${{ secrets.GITHUB_TOKEN }} - checkName: localstack-test - ref: ${{ github.event.pull_request.head.sha }} - timeoutSeconds: 600 - intervalSeconds: 30 - - name: Enable auto-merge for Dependabot PRs - if: | - steps.wait-for-tests.outputs.conclusion == 'success' && - steps.wait-for-integration.outputs.conclusion == 'success' && - steps.wait-for-localstack.outputs.conclusion == 'success' + if: ${{ github.event.workflow_run.conclusion == 'success' }} run: gh pr merge --auto --squash "$PR_URL" env: PR_URL: ${{ github.event.pull_request.html_url }} GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Comment on PR if tests failed - if: | - steps.wait-for-tests.outputs.conclusion != 'success' || - steps.wait-for-integration.outputs.conclusion != 'success' || - steps.wait-for-localstack.outputs.conclusion != 'success' + if: ${{ github.event.workflow_run.conclusion == 'failure' }} run: | - gh pr comment "$PR_URL" --body "🚫 Auto-merge skipped: one or more test jobs failed or timed out. - - - unit-test: ${{ steps.wait-for-tests.outputs.conclusion }} - - integration-test: ${{ steps.wait-for-integration.outputs.conclusion }} - - localstack-test: ${{ steps.wait-for-localstack.outputs.conclusion }} + gh pr comment "$PR_URL" --body "🚫 Auto-merge skipped: one or more test jobs failed. - Please review the failing checks and resolve any issues." + Please review the failing checks and resolve any issues. + " env: PR_URL: ${{ github.event.pull_request.html_url }} GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} From 6c6d3740f5d85a0b9d0dfa46f5704e701c9bdf54 Mon Sep 17 00:00:00 2001 From: Mathieu Cloutier Date: Wed, 1 Apr 2026 10:27:12 -0600 Subject: [PATCH 5/6] removed dedup version --- .github/workflows/test-appsync-utils.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test-appsync-utils.yml b/.github/workflows/test-appsync-utils.yml index 34cb3cd..eb845cc 100644 --- a/.github/workflows/test-appsync-utils.yml +++ b/.github/workflows/test-appsync-utils.yml @@ -11,7 +11,7 @@ on: env: LOCALSTACK_AUTH_TOKEN: ${{ secrets.LOCALSTACK_AUTH_TOKEN }} - TEST_IMAGE_NAME: public.ecr.aws/lambda/nodejs:22 + NODEJS_IMAGE_NAME: public.ecr.aws/lambda/nodejs NODE_VERSION: 22 jobs: @@ -34,7 +34,7 @@ jobs: node-version: ${{ env.NODE_VERSION }} - name: Pull test docker image - run: docker pull $TEST_IMAGE_NAME + run: docker pull ${{ env.NODEJS_IMAGE_NAME }}:${{ env.NODE_VERSION }} - name: Install dependencies run: npm ci From 41fbc474b957be189297a87d817fd77f2b90a095 Mon Sep 17 00:00:00 2001 From: Mathieu Cloutier Date: Thu, 2 Apr 2026 09:02:01 -0600 Subject: [PATCH 6/6] revert automerge changes and improve with latest standards --- .github/dependabot.yml | 5 ---- .github/workflows/dependabot-automerge.yml | 27 ++++------------------ 2 files changed, 5 insertions(+), 27 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 5e09158..19f45c7 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -14,8 +14,3 @@ updates: directory: "/cdk" schedule: interval: "weekly" - - - package-ecosystem: "github-actions" - directory: "/cdk" - schedule: - interval: "weekly" diff --git a/.github/workflows/dependabot-automerge.yml b/.github/workflows/dependabot-automerge.yml index a15b34e..30e231a 100644 --- a/.github/workflows/dependabot-automerge.yml +++ b/.github/workflows/dependabot-automerge.yml @@ -1,9 +1,5 @@ name: Dependabot auto-merge -on: - workflow_run: - workflows: ["Test AppSync utils"] - types: - - completed +on: pull_request permissions: contents: write @@ -12,28 +8,15 @@ permissions: jobs: dependabot: runs-on: ubuntu-latest - if: github.actor == 'dependabot[bot]' + if: github.actor == 'dependabot[bot]' && github.repository == 'localstack/appsync-utils' steps: - name: Dependabot metadata id: metadata - uses: dependabot/fetch-metadata@v1 + uses: dependabot/fetch-metadata@v2 with: github-token: "${{ secrets.GITHUB_TOKEN }}" - - name: Enable auto-merge for Dependabot PRs - if: ${{ github.event.workflow_run.conclusion == 'success' }} run: gh pr merge --auto --squash "$PR_URL" env: - PR_URL: ${{ github.event.pull_request.html_url }} - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: Comment on PR if tests failed - if: ${{ github.event.workflow_run.conclusion == 'failure' }} - run: | - gh pr comment "$PR_URL" --body "🚫 Auto-merge skipped: one or more test jobs failed. - - Please review the failing checks and resolve any issues. - " - env: - PR_URL: ${{ github.event.pull_request.html_url }} - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + PR_URL: ${{github.event.pull_request.html_url}} + GH_TOKEN: ${{secrets.GITHUB_TOKEN}}