我目前在 CI 构建的特定文件夹中有一个现有的 yml。每次签入 PR(更改)时,我们都会触发 CI 构建。
现在,考虑到在 dependentabot 中我们将触发器设置为无,而在 CI 中我们将触发器设置为特定分支,我如何添加或组合 dependentabot 的 yml?理想情况下,我们只想每周运行一次 dependentabot 扫描。使用 v2 dependentabot 可以实现吗?谢谢。
azure-pipelines.yml
# ASP.NET Core
# Build and test ASP.NET Core projects targeting .NET Core.
# Add steps that run tests, create a NuGet package, deploy, and more:
# https://docs.microsoft.com/azure/devops/pipelines/languages/dotnet-core
---
variables:
- name: buildConfiguration
value: Release
- name: agentPool
"${{ if or(eq(variables['Build.SourceBranchName'], 'dev'), eq(variables['Build.SourceBranchName'], 'main'), eq(variables['Build.SourceBranchName'], 'dev-ttcdbtst')) }}":
value: "TTC Servers"
"${{ else }}":
value: Azure Pipelines
- name: rootPath
value: "./../../../"
- name: projectPath
value: "./../"
- name: unitTestPath
value: "./../../Api.Test"
- name: workingDirectory
value: "src/Api/Build"
trigger:
- main
- dev
- feature/*
jobs:
- job: null
displayName: Build and Publish Artifacts
pool:
name: $(agentPool)
vmImage: ubuntu-latest
steps:
- checkout: self
fetchDepth: 0
- task: UseDotNet@2
displayName: 'Install .NET 8 SDK'
inputs:
packageType: 'sdk'
version: '8.x'
- task: Bash@3
displayName: 'Check what account is running'
inputs:
targetType: 'inline'
script: 'whoami'
workingDirectory: $(workingDirectory)
- task: Bash@3
displayName: 'Install Cake.Tool'
inputs:
targetType: 'inline'
script: 'dotnet tool install --global Cake.Tool | echo "Already installed"'
workingDirectory: $(workingDirectory)
- task: Bash@3
displayName: 'Execute dotnet cake command'
inputs:
targetType: 'inline'
script: 'dotnet cake --rootPath=$(rootPath) --projectPath=$(projectPath) --unitTestPath=$(unitTestPath)'
workingDirectory: $(workingDirectory)
- task: PublishBuildArtifacts@1
displayName: 'Publish Build Artifacts'
inputs:
PathtoPublish: 'artifacts'
ArtifactName: 'Artifact'
publishLocation: 'Container'
dependabot-pipelines.yml
#inputs options: https://github.com/tinglesoftware/dependabot-azure-devops/blob/main/extension/README.md
trigger: none
stages:
- stage: CheckDependencies
displayName: Check Dependencies
jobs:
- job: Dependabot
displayName: Run Dependabot
pool:
vmImage: ubuntu-latest
steps:
- task: dependabot@2
displayName: Run Dependabot
inputs:
setAutoComplete: true
dependabot.yml
version: 2
updates:
- package-ecosystem: 'nuget'
directory: '/'
target-branch: 'dev'
open-pull-requests-limit: 15
ignore:
- dependency-name: 'Microsoft.Extensions.Caching.SqlServer'
registries:
- azure_artifacts
schedule:
interval: weekly
# Check for npm updates on every Sundays
day: "sunday"
time: "09:00"
timezone: "America/Los_Angeles"
# Labels on pull requests for security and version updates
labels:
- "npm dependencies"
registries:
azure_artifacts:
type: "nuget-feed"
url: "https://xxx.pkgs.visualstudio.com/0497dd12-e7ca-49f7-999e-7f22d25e38c8/_packaging/TTCWebFeed/nuget/v3/index.json"
token: "PAT:<PAT>"
您可以创建一个引用使用
计划触发器的
dependabot-pipelines.yml
定义的新管道。确保 dependabot-pipelines.yml
定义文件已添加到预期分支中。
这是一个示例 YAML 管道,自
上次成功计划运行以来,每周都会在
dev
分支中发生新源代码更改时触发。
trigger: none
schedules:
- cron: 0 16 * * 0 # UTC
displayName: Weekly Sunday Scan # friendly name given to a specific schedule
branches:
include:
- dev # which branches the schedule applies to
always: false # whether to always run the pipeline or only if there have been source code changes since the last successful scheduled run. The default is false.
batch: false # Whether to run the pipeline if the previously scheduled run is in-progress; the default is false.
# batch is available in Azure DevOps Server 2022.1 and higher
stages:
- stage: CheckDependencies
displayName: Check Dependencies
jobs:
- job: Dependabot
displayName: Run Dependabot
pool:
vmImage: ubuntu-latest
steps:
- task: dependabot@2
displayName: Run Dependabot