From 9212f1a9ea7e53775b44bb1f83863b770d7806ea Mon Sep 17 00:00:00 2001 From: Wes Rich Date: Wed, 25 Feb 2026 17:00:55 -0500 Subject: [PATCH 1/3] Add Dependabot Config Refactor GH Generator a bit --- Gemfile.lock | 2 +- example_rails7/Gemfile.lock | 2 +- example_rails8/Gemfile.lock | 4 +- .../rolemodel/github/github_generator.rb | 31 +++---- .../rolemodel/github/templates/CODEOWNERS | 8 ++ .../rolemodel/github/templates/dependabot.yml | 87 +++++++++++++++++++ .../rolemodel/github/templates/instructions | 1 + .../github/templates/pull_request_template.md | 18 ++++ .../github/templates/workflows}/ci.yml | 0 lib/rolemodel_rails/version.rb | 2 +- .../rolemodel/github_generator_spec.rb | 19 ++++ 11 files changed, 150 insertions(+), 24 deletions(-) create mode 100644 lib/generators/rolemodel/github/templates/CODEOWNERS create mode 100644 lib/generators/rolemodel/github/templates/dependabot.yml create mode 120000 lib/generators/rolemodel/github/templates/instructions create mode 100644 lib/generators/rolemodel/github/templates/pull_request_template.md rename {.github/templates => lib/generators/rolemodel/github/templates/workflows}/ci.yml (100%) diff --git a/Gemfile.lock b/Gemfile.lock index 54ad989b..80d7eb8a 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,7 +1,7 @@ PATH remote: . specs: - rolemodel_rails (0.26.0) + rolemodel_rails (0.27.0) rails (> 7.1) GEM diff --git a/example_rails7/Gemfile.lock b/example_rails7/Gemfile.lock index 33368a1d..dfab676d 100644 --- a/example_rails7/Gemfile.lock +++ b/example_rails7/Gemfile.lock @@ -1,7 +1,7 @@ PATH remote: .. specs: - rolemodel_rails (0.26.0) + rolemodel_rails (0.27.0) rails (> 7.1) GEM diff --git a/example_rails8/Gemfile.lock b/example_rails8/Gemfile.lock index a3f1a18c..8efb1e70 100644 --- a/example_rails8/Gemfile.lock +++ b/example_rails8/Gemfile.lock @@ -1,7 +1,7 @@ PATH remote: .. specs: - rolemodel_rails (0.26.0) + rolemodel_rails (0.27.0) rails (> 7.1) GEM @@ -522,7 +522,7 @@ CHECKSUMS regexp_parser (2.11.3) sha256=ca13f381a173b7a93450e53459075c9b76a10433caadcb2f1180f2c741fc55a4 reline (0.6.3) sha256=1198b04973565b36ec0f11542ab3f5cfeeec34823f4e54cebde90968092b1835 rexml (3.4.4) sha256=19e0a2c3425dfbf2d4fc1189747bdb2f849b6c5e74180401b15734bc97b5d142 - rolemodel_rails (0.26.0) + rolemodel_rails (0.27.0) rubocop (1.84.1) sha256=14cc626f355141f5a2ef53c10a68d66b13bb30639b26370a76559096cc6bcc1a rubocop-ast (1.49.0) sha256=49c3676d3123a0923d333e20c6c2dbaaae2d2287b475273fddee0c61da9f71fd rubocop-performance (1.26.1) sha256=cd19b936ff196df85829d264b522fd4f98b6c89ad271fa52744a8c11b8f71834 diff --git a/lib/generators/rolemodel/github/github_generator.rb b/lib/generators/rolemodel/github/github_generator.rb index 04184343..2261ecd0 100644 --- a/lib/generators/rolemodel/github/github_generator.rb +++ b/lib/generators/rolemodel/github/github_generator.rb @@ -2,30 +2,23 @@ module Rolemodel class GithubGenerator < BaseGenerator - # Source root is the project-level .github directory - # This allows us to use the same templates for both the generated app and this gem - source_root File.expand_path('.github') + # Files which are both used by the gem source and copied to the target app without modification + # are placed in the `.github` folder at the top level of this repository. This folder is then + # symlinked to the `templates` folder relative to this generator so they can still be copied over. + # Any files which are significantly different or not used by the gem source are just in `templates`. + source_root File.expand_path('templates', __dir__) - def install_pull_request_template + def install_github_config + directory 'instructions', '.github/instructions' + directory 'workflows', '.github/workflows' template 'pull_request_template.md', '.github/pull_request_template.md' end - def remove_rolemodel_rails_version_check - gsub_file '.github/pull_request_template.md', - "* [ ] Run `bin/bump_version` or `bin/bump_version --patch`\n", - '' - end - - def install_copilot_instructions - copy_file 'instructions/css.instructions.md', '.github/instructions/css.instructions.md' - copy_file 'instructions/js.instructions.md', '.github/instructions/js.instructions.md' - copy_file 'instructions/project.instructions.md', '.github/instructions/project.instructions.md' - copy_file 'instructions/ruby.instructions.md', '.github/instructions/ruby.instructions.md' - copy_file 'instructions/slim.instructions.md', '.github/instructions/slim.instructions.md' - end + def install_dependabot_and_codeowners + copy_file 'dependabot.yml', '.github/dependabot.yml' + copy_file 'CODEOWNERS', '.github/CODEOWNERS' - def install_ci_yml - copy_file 'templates/ci.yml', '.github/workflows/ci.yml' + say 'Dependabot config added. Please edit CODEOWNERS to assign appropriate reviewers for your project.' end def update_database_yml_for_ci diff --git a/lib/generators/rolemodel/github/templates/CODEOWNERS b/lib/generators/rolemodel/github/templates/CODEOWNERS new file mode 100644 index 00000000..7ef63c7e --- /dev/null +++ b/lib/generators/rolemodel/github/templates/CODEOWNERS @@ -0,0 +1,8 @@ +# This file is used by Dependabot (and more broadly GitHub) to determine who needs to review +# pull requests which contain changes to specific files. Specifically, the setup below allows +# for the dependabot PRs to automatically assign (and notify) the Craftsman and Support Dev. +# Please change the usernames below to the appropriate reviewers for your project! + +# Dependabot / Dependency reviewers: +# yarn.lock @craftsman @supportdev +# Gemfile.lock @craftsman @supportdev diff --git a/lib/generators/rolemodel/github/templates/dependabot.yml b/lib/generators/rolemodel/github/templates/dependabot.yml new file mode 100644 index 00000000..5422a09c --- /dev/null +++ b/lib/generators/rolemodel/github/templates/dependabot.yml @@ -0,0 +1,87 @@ +version: 2 +registries: + ruby-github: + type: rubygems-server + url: https://rubygems.pkg.github.com/RoleModel + token: ${{ secrets.ROLEMODEL_PACKAGE_REPO_READ_TOKEN }} + +updates: + - package-ecosystem: bundler + insecure-external-code-execution: allow + registries: + - ruby-github + directory: / + schedule: + interval: weekly + day: monday + # Ignore specific dependencies or update types which may cause issues. For example: + # ignore: + # - dependency-name: 'some-gem' + # - update-types: ['version-update:semver-major'] + groups: + production-security: + dependency-type: production + applies-to: security-updates + production-major-updates: + dependency-type: production + applies-to: version-updates + update-types: + - major + production-minor-updates: + dependency-type: production + applies-to: version-updates + update-types: + - minor + - patch + development-security: + dependency-type: development + applies-to: security-updates + development-major-updates: + dependency-type: development + applies-to: version-updates + update-types: + - major + development-minor-updates: + dependency-type: development + applies-to: version-updates + update-types: + - minor + - patch + - package-ecosystem: npm + directory: / + schedule: + interval: weekly + day: monday + # Ignore specific dependencies or update types which may cause issues. For example: + # ignore: + # - dependency-name: 'some-package' + # - update-types: ['version-update:semver-major'] + groups: + production-security: + dependency-type: production + applies-to: security-updates + production-major-updates: + dependency-type: production + applies-to: version-updates + update-types: + - major + production-minor-updates: + dependency-type: production + applies-to: version-updates + update-types: + - minor + - patch + development-security: + dependency-type: development + applies-to: security-updates + development-major-updates: + dependency-type: development + applies-to: version-updates + update-types: + - major + development-minor-updates: + dependency-type: development + applies-to: version-updates + update-types: + - minor + - patch diff --git a/lib/generators/rolemodel/github/templates/instructions b/lib/generators/rolemodel/github/templates/instructions new file mode 120000 index 00000000..bb68ea4c --- /dev/null +++ b/lib/generators/rolemodel/github/templates/instructions @@ -0,0 +1 @@ +../../../../../.github/instructions \ No newline at end of file diff --git a/lib/generators/rolemodel/github/templates/pull_request_template.md b/lib/generators/rolemodel/github/templates/pull_request_template.md new file mode 100644 index 00000000..539247ab --- /dev/null +++ b/lib/generators/rolemodel/github/templates/pull_request_template.md @@ -0,0 +1,18 @@ +## Why? + +Why were the changes needed? What issues were the changes addressing? +(Note: some changes may seem unrelated to the ticket, this is a great place to explain further.) + +## What Changed + +What changed in this PR? + +* [ ] Change 1 + +## Pre-merge checklist + +* [ ] Update relevant READMEs + +## Screenshots + +If any UI changes need to be shown off, please add screenshots here. diff --git a/.github/templates/ci.yml b/lib/generators/rolemodel/github/templates/workflows/ci.yml similarity index 100% rename from .github/templates/ci.yml rename to lib/generators/rolemodel/github/templates/workflows/ci.yml diff --git a/lib/rolemodel_rails/version.rb b/lib/rolemodel_rails/version.rb index 3914e82f..d8acc7b0 100644 --- a/lib/rolemodel_rails/version.rb +++ b/lib/rolemodel_rails/version.rb @@ -1,5 +1,5 @@ # frozen_string_literal: true module RolemodelRails - VERSION = '0.26.0' + VERSION = '0.27.0' end diff --git a/spec/generators/rolemodel/github_generator_spec.rb b/spec/generators/rolemodel/github_generator_spec.rb index 5663b5ff..002b8123 100644 --- a/spec/generators/rolemodel/github_generator_spec.rb +++ b/spec/generators/rolemodel/github_generator_spec.rb @@ -27,4 +27,23 @@ expect(content).to include(' host: localhost') end end + + it 'creates dependabot.yml' do + assert_file '.github/dependabot.yml' do |content| + expect(content).to include('version: 2') + expect(content).to include('package-ecosystem: bundler') + expect(content).to include('directory: /') + expect(content).to include('schedule:') + expect(content).to include('interval: weekly') + expect(content).to include('day: monday') + end + end + + it 'creates CODEOWNERS' do + assert_file '.github/CODEOWNERS' do |content| + expect(content).to include('# Dependabot / Dependency reviewers:') + expect(content).to include('# yarn.lock') + expect(content).to include('# Gemfile.lock') + end + end end From 54fcb68a2845161c2f160f08993baeeed05bccae Mon Sep 17 00:00:00 2001 From: Wes Date: Thu, 26 Feb 2026 08:36:34 -0500 Subject: [PATCH 2/3] Update lib/generators/rolemodel/github/templates/CODEOWNERS Co-authored-by: Andy Cohen --- lib/generators/rolemodel/github/templates/CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/generators/rolemodel/github/templates/CODEOWNERS b/lib/generators/rolemodel/github/templates/CODEOWNERS index 7ef63c7e..79ba6a11 100644 --- a/lib/generators/rolemodel/github/templates/CODEOWNERS +++ b/lib/generators/rolemodel/github/templates/CODEOWNERS @@ -1,8 +1,8 @@ # This file is used by Dependabot (and more broadly GitHub) to determine who needs to review # pull requests which contain changes to specific files. Specifically, the setup below allows # for the dependabot PRs to automatically assign (and notify) the Craftsman and Support Dev. -# Please change the usernames below to the appropriate reviewers for your project! # Dependabot / Dependency reviewers: +# TODO: Update and uncomment the following lines. # yarn.lock @craftsman @supportdev # Gemfile.lock @craftsman @supportdev From 4903b79d63c6f27e2e29d0d4844922ceabc9a702 Mon Sep 17 00:00:00 2001 From: Wes Date: Thu, 26 Feb 2026 08:38:10 -0500 Subject: [PATCH 3/3] Update lib/generators/rolemodel/github/github_generator.rb Co-authored-by: Andy Cohen --- lib/generators/rolemodel/github/github_generator.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/generators/rolemodel/github/github_generator.rb b/lib/generators/rolemodel/github/github_generator.rb index 2261ecd0..b264ae64 100644 --- a/lib/generators/rolemodel/github/github_generator.rb +++ b/lib/generators/rolemodel/github/github_generator.rb @@ -18,7 +18,7 @@ def install_dependabot_and_codeowners copy_file 'dependabot.yml', '.github/dependabot.yml' copy_file 'CODEOWNERS', '.github/CODEOWNERS' - say 'Dependabot config added. Please edit CODEOWNERS to assign appropriate reviewers for your project.' + say '👉 See CODEOWNERS file for important instructions.', %i[bold red on_blue] end def update_database_yml_for_ci