update path

.changie.yaml

@@ -31,7 +31,7 @@ custom:
 footerFormat: |
   {{- $contributorDict := dict }}
   {{- /* any names added to this list should be all lowercase for later matching purposes */}}
-  {{- $core_team := list "emmyoop" "nathaniel-may" "gshank" "leahwicz" "chenyulinx" "stu-k" "iknox-fa" "versusfacit" "mcknight-42" "jtcohen6" "dependabot" }}
+  {{- $core_team := list "emmyoop" "nathaniel-may" "gshank" "leahwicz" "chenyulinx" "stu-k" "iknox-fa" "versusfacit" "mcknight-42" "jtcohen6" "dependabot" "snyk-bot" }}
   {{- range $change := .Changes }}
     {{- $authorList := splitList " " $change.Custom.Author }}
     {{- /* loop through all authors for a PR */}}

.github/workflows/bot-changelog.yml

@@ -0,0 +1,48 @@
+# **what?**
+# When bots create a PR, this action will add a corresponding changie yaml file to that
+# PR when a specific label is added.
+#
+# The file is created off a template:
+#
+# kind: <per action matrix>
+# body: <PR title>
+# time: <current timestamp>
+# custom:
+#   Author: <PR User Login (generally the bot)>
+#   Issue: 4904
+#   PR: <PR number>
+#
+# **why?**
+# Automate changelog generation for more visability with automated bot PRs.
+#
+# **when?**
+# Once a PR is created, label should be added to PR before or after creation. You can also
+#  manually trigger this by adding the appropriate label at any time.
+#
+# **how to add another bot?**
+# Add the label and changie kind to the include matrix.  That's it!
+#
+
+name: Bot Changelog
+
+on:
+  pull_request:
+    # catch when the PR is opened with the label or when the label is added
+    types: [opened, labeled]
+
+permissions:
+  contents: write
+  pull-requests: read
+
+jobs:
+  generate_changelog:
+    runs-on: ubuntu-latest
+
+    steps:
+
+    - name: Create and commit changelog on bot PR
+      if: "contains(github.event.pull_request.labels.*.name, ${{ matrix.label }})"
+      id: bot_changelog
+      uses: dbt-labs/actions/.github/workflows/bot-changelog.yml@changie-bots
+      with:
+        GITHUB_TOKEN: ${{ secrets.FISHTOWN_BOT_PAT }}

.github/workflows/dependency-changelog.yml

@@ -1,114 +0,0 @@
-# **what?**
-# When dependabot create a PR, it always adds the `dependencies` label. This
-# action will add a corresponding changie yaml file to that PR when that label is added.
-# The file is created off a template:
-#
-# kind: Dependencies
-# body: <PR title>
-# time: <current timestamp>
-# custom:
-#   Author: dependabot
-#   Issue: 4904
-#   PR: <PR number>
-#
-# **why?**
-# Automate changelog generation for more visability with automated dependency updates via dependabot.
-
-# **when?**
-# Once a PR is created and it has been correctly labeled with `dependencies`.  The intended use
-# is for the PRs created by dependabot.  You can also manually trigger this by adding the
-# `dependencies` label at any time.
-
-name: Dependency Changelog
-
-on:
-  pull_request:
-    # catch when the PR is opened with the label or when the label is added
-    types: [opened, labeled]
-
-permissions:
-  contents: write
-  pull-requests: read
-
-jobs:
-  dependency_changelog:
-    if: "contains(github.event.pull_request.labels.*.name, 'dependencies')"
-    runs-on: ubuntu-latest
-
-    steps:
-    # timestamp changes the order the changelog entries are listed in the final Changelog.md file.  Precision is not
-    # important here.
-    # The timestamp on the filename and the timestamp in the contents of the file have different expected formats.
-    - name: Get File Name Timestamp
-      id: filename_time
-      uses: nanzm/get-time-action@v1.1
-      with:
-        format: 'YYYYMMDD-HHmmss'
-
-    - name: Get File Content Timestamp
-      id: file_content_time
-      uses: nanzm/get-time-action@v1.1
-      with:
-        format: 'YYYY-MM-DDTHH:mm:ss.000000-05:00'
-
-    # changie expects files to be named in a specific pattern.
-    - name: Generate Filepath
-      id: fp
-      run: |
-        FILEPATH=.changes/unreleased/Dependencies-${{ steps.filename_time.outputs.time }}.yaml
-        echo "::set-output name=FILEPATH::$FILEPATH"
-
-    - name: Check if changelog file exists already
-      # if there's already a changelog entry, don't add another one!
-      # https://github.com/marketplace/actions/paths-changes-filter
-      # For each filter, it sets output variable named by the filter to the text:
-      #  'true' - if any of changed files matches any of filter rules
-      #  'false' - if none of changed files matches any of filter rules
-      # also, returns:
-      #  `changes` - JSON array with names of all filters matching any of the changed files
-      uses: dorny/paths-filter@v2
-      id: changelog_check
-      with:
-        token: ${{ secrets.GITHUB_TOKEN }}
-        filters: |
-          exists:
-            - added: '.changes/unreleased/**.yaml'
-
-    - name: Checkout Branch
-      if: steps.changelog_check.outputs.exists == 'false'
-      uses: actions/checkout@v2
-      with:
-        # specifying the ref avoids checking out the repository in a detached state
-        ref: ${{ github.event.pull_request.head.ref }}
-        # If this is not set to false, Git push is performed with github.token and not the token
-        # configured using the env: GITHUB_TOKEN in commit step
-        persist-credentials: false
-
-    - name: Create file from template
-      if: steps.changelog_check.outputs.exists == 'false'
-      run: |
-        echo kind: Dependencies > "${{ steps.fp.outputs.FILEPATH }}"
-        echo 'body: "${{ github.event.pull_request.title }}"' >> "${{ steps.fp.outputs.FILEPATH }}"
-        echo time: "${{ steps.file_content_time.outputs.time }}" >> "${{ steps.fp.outputs.FILEPATH }}"
-        echo custom: >> "${{ steps.fp.outputs.FILEPATH }}"
-        echo '  Author: ${{ github.event.pull_request.user.login }}' >> "${{ steps.fp.outputs.FILEPATH }}"
-        echo '  Issue: "4904"' >> "${{ steps.fp.outputs.FILEPATH }}"  # github.event.pull_request.issue for auto id?
-        echo '  PR: "${{ github.event.pull_request.number }}"' >> "${{ steps.fp.outputs.FILEPATH }}"
-
-    - name: Commit Changelog File
-      if: steps.changelog_check.outputs.exists == 'false'
-      uses: gr2m/create-or-update-pull-request-action@v1
-      env:
-        # When using the GITHUB_TOKEN, the resulting commit will not trigger another GitHub Actions
-        # Workflow run. This is due to limitations set by GitHub.
-        # See: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#using-the-github_token-in-a-workflow
-        # When you use the repository's GITHUB_TOKEN to perform tasks on behalf of the GitHub Actions
-        # app, events triggered by the GITHUB_TOKEN will not create a new workflow run. This prevents
-        # you from accidentally creating recursive workflow runs. To get around this, use a Personal
-        # Access Token to commit changes.
-        GITHUB_TOKEN: ${{ secrets.FISHTOWN_BOT_PAT }}
-      with:
-        branch: ${{ github.event.pull_request.head.ref }}
-        # author expected in the format "Lorem J. Ipsum <lorem@example.com>"
-        author: "Github Build Bot <buildbot@fishtownanalytics.com>"
-        commit-message: "Add automated changelog yaml from template"