Issue 1096: bump module dependencies #1684
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
buidav
requested changes
May 15, 2025
Collaborator
buidav
left a comment
buidav
left a comment
There was a problem hiding this comment.
Looks good.
A couple of PS Linter errors to address.
Will approve after the liner errors are addressed. As a follow up to this PR:
- Bump the PowerShell versions that need bumping. This workflow should take care of that just attach it to a PR.
- Add in the code to create a Pull Request automatically
https://github.com/cisagov/ScubaGear/blob/62202709b63d425fcb8ac7c79dcd5ff0f0e5d8a7/utils/workflow/Set-ScubaGearModuleVersion.psm1#L62
Collaborator
Author
|
@buidav and @mitchelbaker-cisa This PR should be good to go now. I resolved the PS issues and updated the workflow to create a PR when it is successfully run. |
mitchelbaker-cisa
requested changes
May 15, 2025
20 tasks
buidav
approved these changes
Jun 4, 2025
mitchelbaker-cisa
added
the
enhancement
mitchelbaker-cisa
pushed a commit
that referenced
this pull request
Jun 16, 2025
* Create BumpPsDependencies.ps1 * Create ps_dependencies_requiredversionsfile.yaml * Update RequiredVersions.ps1 * Update RequiredVersions.ps1 * Update RequiredVersions.ps1 * Update RequiredVersions.ps1 * Update ps_dependencies_requiredversionsfile.yaml Add smoke test * Update ps_dependencies_requiredversionsfile.yaml * Update ps_dependencies_requiredversionsfile.yaml to add smoke test * Update RequiredVersions.ps1 due to missing module info * Update RequiredVersions.ps1 * Update BumpPsDependencies.ps1 * Update BumpPsDependencies.ps1 Updated Null * Update BumpPsDependencies.ps1 * Update ps_dependencies_requiredversionsfile.yaml to add PR * Update RequiredVersions.ps1 * Update ps_dependencies_requiredversionsfile.yaml
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
🗣 Description
Currently we are having to manually check for version updates for our PowerShell dependencies.
This issue is to create a GitHub action to automatically bump our PowerShell dependency versions.
Since there is no dependabot for PowerShell this workflow has to be custom made.
This change implements a workflow for updating the MaximumVersion of all the modules in the PowerShell/ScubaGear/RequiredVersions.ps1 file. A new branch is created if an update is made to the ps1 file. Smoke Test passed, except for pnp module due to it not loading properly.
💭 Motivation and context
Closes 1096 https://github.com//issues/1096🧪 Testing
My tests were successfull, yes anyone can test it. Forked main from CISA and updated files in the fork. Also created a branch and tested it there. Tested the workflows manually and then had them run automatically at midnight. Updates to the dependency files were made successfully in both cases. Ran ScubaGear after the changes were made, no issues seen. N/A✅ Pre-approval checklist
✅ Pre-merge checklist
PR passed smoke test check.
Feature branch has been rebased against changes from parent branch, as needed
Use
Rebase branchbutton below or use this reference to rebase from the command line.Resolved all merge conflicts on branch
Notified merge coordinator that PR is ready for merge via comment mention
Demonstrate changes to the team for questions and comments.
(Note: Only required for issues of size
Mediumor larger)✅ Post-merge checklist