From 8e16b06df2463cf4fe01aa931a680bf9bf2d18c2 Mon Sep 17 00:00:00 2001
From: Martin Pitt <martinpitt@users.noreply.github.com>
Date: Tue, 20 Oct 2020 09:08:08 +0200
Subject: [PATCH] Run npm-update in a GitHub workflow

This avoids a lot of moving parts in our infrastructure (webhook,
npm-trigger roundtrip, tasks container), works in exactly the same way
for independent third-party projects, and does not need *any* secret
other than the automatically provided GitHub token.

Let this run early every morning, roughly similar frequency as
cockpituous used to do. Also add a manual trigger, so that we get a
button to run it on demand.

Closes #384
---
 .github/workflows/npm-update.yml | 25 +++++++++++++++++++++++++
 .tasks                           | 13 -------------
 README.md                        |  8 ++++++++
 3 files changed, 33 insertions(+), 13 deletions(-)
 create mode 100644 .github/workflows/npm-update.yml
 delete mode 100755 .tasks

diff --git a/.github/workflows/npm-update.yml b/.github/workflows/npm-update.yml
new file mode 100644
index 0000000..446e4df
--- /dev/null
+++ b/.github/workflows/npm-update.yml
@@ -0,0 +1,25 @@
+name: npm-update
+on:
+  schedule:
+    - cron: '0 2 * * *'
+  # can be run manually on https://github.com/cockpit-project/starter-kit/actions
+  workflow_dispatch:
+jobs:
+  npm-update:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Set up dependencies
+        run: sudo apt-get install -y npm make
+
+      - name: Set up configuration and secrets
+        run: |
+          printf '[user]\n\tname = Cockpit Project\n\temail=cockpituous@gmail.com\n' > ~/.gitconfig
+          echo '${{ secrets.GITHUB_TOKEN }}' > ~/.config/github-token
+
+      - name: Clone repository
+        uses: actions/checkout@v2
+
+      - name: Run npm-update bot
+        run: |
+          make bots
+          bots/npm-update
diff --git a/.tasks b/.tasks
deleted file mode 100755
index 2026460..0000000
--- a/.tasks
+++ /dev/null
@@ -1,13 +0,0 @@
-#!/bin/sh
-
-# When run automated, randomize to minimize stampeding herd
-if [ -t 0 ]; then
-    chance=10
-else
-    chance=$(shuf -i 0-10 -n 1)
-fi
-
-if [ $chance -gt 9 ]; then
-    # Open issues for things that need doing on a regular basis
-    bots/npm-trigger
-fi
diff --git a/README.md b/README.md
index aa94315..1a4e6a2 100644
--- a/README.md
+++ b/README.md
@@ -103,6 +103,14 @@ with detailed comments how to use it. There is also an
 [example GitHub release action](.github/workflows/release.yml.disabled) to set
 up secrets and run cockpituous.
 
+# Automated maintenance
+
+It is important to keep your [NPM modules](./package.json) up to date, to keep
+up with security updates and bug fixes. This is done with the
+[npm-update bot script](https://github.com/cockpit-project/bots/blob/master/npm-update)
+which is run weekly or upon [manual request](https://github.com/cockpit-project/starter-kit/actions) through the
+[npm-update.yml](.github/workflows/npm-update.yml) [GitHub action](https://github.com/features/actions).
+
 # Further reading
 
  * The [Starter Kit announcement](http://cockpit-project.org/blog/cockpit-starter-kit.html)