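# Weekly dependency check for the project template.
#
# The job generates two throw-away projects from the template (with and
# without aide), runs `cargo upgrade --incompatible` in each, and checks and
# builds the result. When upgrades are found it merges the new versions into
# Cargo.toml.liquid and opens a pull request. If any step fails it files an
# issue through the forge API.
#
# NOTE(review): every action below is referenced by a mutable tag. Pinning
# third-party actions to a full commit SHA (especially the one that is handed
# the token) keeps a retagged release from changing what runs here.
name: Dependency Check

on:
  schedule:
    # Run every Monday at 9:00 AM UTC
    - cron: "0 9 * * 1"
  workflow_dispatch: # Allow manual triggering

env:
  RUST_VERSION: "1.90"

jobs:
  check-dependencies:
    runs-on: ubuntu-latest
    # Token scopes the job needs: push the upgrade branch, open the PR, and
    # file the failure issue. The original declared `permissions` on the PR
    # step, which is not a step-level key, so it is stated here instead.
    # NOTE(review): confirm the runner in use honours job-level permissions.
    permissions:
      contents: write
      issues: write
      pull-requests: write
    steps:
      - name: Checkout repository
        uses: actions/checkout@v6
        with:
          fetch-depth: 0

      - name: Install Rust toolchain
        uses: actions-rust-lang/setup-rust-toolchain@v1
        with:
          toolchain: ${{ env.RUST_VERSION }}
          cache-workspaces: |
            dep-check-test
            dep-check-no-aide

      - name: Install cargo-generate and cargo-edit
        uses: taiki-e/install-action@v2
        with:
          tool: cargo-generate,cargo-edit

      - name: Generate test project from template
        run: |
          mkdir -p dep-check-test && cd dep-check-test
          cargo generate --path .. --name dep-check-test --vcs none --init \
            --define project_description="Dependency check test project" \
            --define env_prefix="APP" \
            --define default_port="3000" \
            --define default_log_level="info" \
            --define include_aide=true
        working-directory: ${{ github.workspace }}

      - name: Check current dependencies
        run: cargo check
        working-directory: dep-check-test

      # - name: Run tests with current dependencies
      #   run: cargo test
      #   working-directory: dep-check-test

      - name: Upgrade dependencies and capture changes
        id: upgrade
        run: |
          # Run cargo upgrade and capture output
          UPGRADE_OUTPUT=$(cargo upgrade --incompatible 2>&1)
          echo "$UPGRADE_OUTPUT"
          # Saved one level up (the workspace root) for the PR-body step.
          echo "$UPGRADE_OUTPUT" > ../upgrade-output.txt

          # Check if any dependencies were actually upgraded: cargo upgrade
          # prints this table header only when it has rows to report.
          if echo "$UPGRADE_OUTPUT" | grep -E "name\s+old req\s+compatible\s+latest\s+new req" > /dev/null; then
            echo "has_updates=true" >> "$GITHUB_OUTPUT"
            echo "✅ Updates detected"
          else
            echo "has_updates=false" >> "$GITHUB_OUTPUT"
            echo "ℹ️ No updates available"
          fi

          cat Cargo.toml
        working-directory: dep-check-test

      - name: Check with upgraded dependencies
        run: cargo check
        working-directory: dep-check-test

      - name: Build with upgraded dependencies
        run: cargo build
        working-directory: dep-check-test

      # - name: Run tests with upgraded dependencies
      #   run: cargo test
      #   working-directory: dep-check-test

      - name: Update template Cargo.toml if upgrades succeeded
        if: steps.upgrade.outputs.has_updates == 'true'
        run: |
          echo "📝 Updating template with new dependency versions..."

          # Run the merge script from .ci directory
          python3 .ci/merge_versions.py dep-check-test/Cargo.toml Cargo.toml.liquid

          # Show what changed
          echo ""
          echo "Changes to template:"
          git diff Cargo.toml.liquid
        working-directory: ${{ github.workspace }}

      - name: Generate test project without aide
        run: |
          mkdir -p dep-check-no-aide && cd dep-check-no-aide
          cargo generate --path .. --name dep-check-no-aide --vcs none --init \
            --define project_description="Dependency check test project without aide" \
            --define env_prefix="APP" \
            --define default_port="3000" \
            --define default_log_level="info" \
            --define include_aide=false
        working-directory: ${{ github.workspace }}

      - name: Check without aide (current dependencies)
        run: cargo check
        working-directory: dep-check-no-aide

      - name: Upgrade dependencies (no aide)
        run: cargo upgrade --incompatible
        working-directory: dep-check-no-aide

      - name: Check without aide (upgraded dependencies)
        run: cargo check
        working-directory: dep-check-no-aide

      - name: Build without aide (upgraded dependencies)
        run: cargo build
        working-directory: dep-check-no-aide

      # - name: Run tests without aide (upgraded dependencies)
      #   run: cargo test
      #   working-directory: dep-check-no-aide

      - name: Prepare PR body with upgrade summary
        if: steps.upgrade.outputs.has_updates == 'true'
        run: |
          # Keep the table header plus at most the first 19 rows after it.
          UPGRADE_SUMMARY=$(grep -A 100 "name.*old req.*compatible.*latest.*new req" upgrade-output.txt | head -n 20)

          # The heredocs are quoted ('EOF') so the shell expands nothing
          # inside them; the ${{ }} expressions are filled in by the runner
          # before the script starts.
          cat > pr-body.txt << 'EOF'
          This PR contains automated dependency upgrades that have been tested with `cargo check` and `cargo build`

          ## Changes

          ```
          EOF

          echo "$UPGRADE_SUMMARY" >> pr-body.txt

          cat >> pr-body.txt << 'EOF'
          ```

          ## Testing

          ✅ Generated test project with aide
          ✅ Generated test project without aide
          ✅ All builds passed
          ✅ All checks passed

          ## Workflow Run

          ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}

          ---
          *This PR was automatically created by the dependency check workflow.*
          EOF

          cat pr-body.txt
        working-directory: ${{ github.workspace }}

      # NOTE(review): the workspace also holds dep-check-test/,
      # dep-check-no-aide/, upgrade-output.txt and pr-body.txt at this point.
      # Confirm the action commits only the template change and not these
      # scratch files.
      - name: Create Pull Request with dependency updates
        if: steps.upgrade.outputs.has_updates == 'true'
        uses: infinilabs/gitea-pr@v0
        with:
          url: ${{ github.server_url }}
          token: ${{ secrets.GITHUB_TOKEN }}
          path: ${{ github.workspace }}/axum-template
          commit-message: "chore: upgrade dependencies"
          # NOTE(review): both identities end in a bare space, which looks
          # like a lost `<address>` part. Restore it if the action expects
          # the `Name <email>` form.
          committer: "Dependency Bot "
          author: "Dependency Bot "
          base: ${{ github.ref_name }}
          branch: deps/auto-upgrade-${{ github.run_number }}
          title: "⬆️ Automated Dependency Upgrade"
          body-path: ${{ github.workspace }}/pr-body.txt
          pr-label: "deps/bot"

      # Runs after every check, build and PR step so that a failure in any of
      # them is reported. The original placed this step before the "without
      # aide" steps, so their failures never opened an issue.
      - name: Create issue on failure
        if: failure()
        env:
          # Context values reach the script through the environment rather
          # than being pasted into its text, so a branch name containing
          # quotes or shell metacharacters cannot alter the command or the
          # JSON.
          ISSUE_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          API_URL: ${{ github.api_url }}
          REPOSITORY: ${{ github.repository }}
          REF_NAME: ${{ github.ref_name }}
          RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
        run: |
          ISSUE_TITLE="⚠️ Weekly Dependency Check Failed"
          ISSUE_BODY="The weekly dependency check has failed. Please review the workflow run for details.

          **Action Required:**
          - Review the failing dependencies
          - Update the template if needed
          - Test locally with \`cargo generate\` and \`cargo upgrade\`

          **Workflow Run:** ${RUN_URL}"
          export ISSUE_TITLE ISSUE_BODY

          # Serialise with a JSON encoder: the body spans several lines, and
          # raw newlines inside a hand-built JSON string make the payload
          # invalid.
          PAYLOAD=$(python3 -c '
          import json, os
          print(json.dumps({
              "title": os.environ["ISSUE_TITLE"],
              "body": os.environ["ISSUE_BODY"],
              "labels": [1],
              "ref": os.environ["REF_NAME"],
          }))
          ')

          # Create issue via Gitea API; --fail turns an HTTP error into a
          # non-zero exit so a rejected request shows up in the log.
          curl --fail --silent --show-error -X POST \
            -H "Authorization: token ${ISSUE_API_TOKEN}" \
            -H "Content-Type: application/json" \
            "${API_URL}/repos/${REPOSITORY}/issues" \
            --data "$PAYLOAD"

      - name: Summary
        if: success()
        env:
          HAS_UPDATES: ${{ steps.upgrade.outputs.has_updates }}
        run: |
          echo "✅ All dependency checks passed!"
          echo ""
          echo "Tested configurations:"
          echo " - With aide: dep-check-test"
          echo " - Without aide: dep-check-no-aide"
          echo ""
          if [ "$HAS_UPDATES" = "true" ]; then
            echo "📦 Updates found - PR created automatically"
          else
            echo "ℹ️ No dependency updates available"
          fi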