-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* add cronjob to autofreshen us * fix reference to branch * add pipes for readability and also use outputs * add if to steps so they run only if required * explicitly pass in GITHUB_TOKEN * adding autofreshen job tested on my fork
- Loading branch information
Showing
1 changed file
with
66 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,66 @@ | ||
| name: cron | ||
|
|
||
| on: | ||
| schedule: | ||
| - cron: '05 06 * * *' | ||
|
|
||
| jobs: | ||
| cron: | ||
| name: Automated version refresher | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Get their version | ||
| run: | | ||
| THEIR_VERSION=$(curl -s "https://api.github.com/repos/anchore/grype/releases/latest" | grep "browser_download_url" | cut -d '"' -f 4 | cut -f 8 -d \/ | uniq) | ||
| echo THEIR_VERSION=$THEIR_VERSION >> $GITHUB_ENV | ||
| - name: Check out Code | ||
| uses: actions/checkout@v2 | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| - name: Get our version | ||
| run: | | ||
| OUR_VERSION=$(cat Dockerfile | grep install.sh | awk '{print $NF}') | ||
| echo OUR_VERSION=$OUR_VERSION >> $GITHUB_ENV | ||
| - name: Compare the versions and freshen if need be | ||
| run: | | ||
| THEIR_VERSION=${{ env.THEIR_VERSION }} | ||
| OUR_VERSION=${{ env.OUR_VERSION }} | ||
| if [ "$THEIR_VERSION" = "$OUR_VERSION" ]; then echo no newer version found; else echo FRESHEN=true >> $GITHUB_ENV ; fi | ||
| - name: Freshen if need be | ||
| if: ${{ env.FRESHEN }} | ||
| run: | | ||
| # This seems like something is broken that I have to specify these... | ||
| git config user.email "runner@boxboat.com" | ||
| git config --global user.name "Automatic Refresher" | ||
| git checkout -b freshen | ||
| sed -i '/install.sh/ s/'$OUR_VERSION'/'$THEIR_VERSION'/' ./Dockerfile | ||
| git commit -am 'autorefreshen process' | ||
| git push --set-upstream origin freshen | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| - name: Create Pull Request | ||
| if: ${{ env.FRESHEN }} | ||
| uses: devops-infra/action-pull-request@v0.4.2 | ||
| with: | ||
| github_token: ${{ secrets.GITHUB_TOKEN }} | ||
| source_branch: freshen | ||
| target_branch: main | ||
| title: Automatic Update | ||
| body: The cronjob detected that grype had a release and is updating dependencies | ||
| - name: Find Pull Request | ||
| if: ${{ env.FRESHEN }} | ||
| uses: juliangruber/find-pull-request-action@v1.5.0 | ||
| id: find-pull-request | ||
| with: | ||
| branch: freshen | ||
| - name: merge the pull request | ||
| if: ${{ env.FRESHEN }} | ||
| uses: juliangruber/merge-pull-request-action@v1.1.0 | ||
| with: | ||
| github-token: ${{ secrets.GITHUB_TOKEN }} | ||
| number: ${{ steps.find-pull-request.outputs.number }} | ||
| method: squash | ||
| repo: boxboat/grypeadmissioncontroller | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
|
|