cron #1075
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: cron | |
| on: | |
| schedule: | |
| - cron: '05 06 * * *' | |
| jobs: | |
| cron: | |
| name: Automated version refresher | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Get their version | |
| # The github API gave us a 500 the other day and it caused a headache... | |
| run: | | |
| until curl -fs "https://api.github.com/repos/anchore/grype/releases/latest" -o their_version.txt ; do echo "Waiting for GitHub API..." ; sleep 30 ; done | |
| THEIR_VERSION=$(cat ./their_version.txt | grep "browser_download_url" | cut -d '"' -f 4 | cut -f 8 -d \/ | uniq) | |
| echo THEIR_VERSION=$THEIR_VERSION >> $GITHUB_ENV | |
| - name: Check out Code | |
| uses: actions/checkout@v3 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Get our version | |
| run: | | |
| OUR_VERSION=$(cat Dockerfile | grep install.sh | awk '{print $NF}') | |
| echo OUR_VERSION=$OUR_VERSION >> $GITHUB_ENV | |
| - name: Compare the versions and freshen if need be | |
| run: | | |
| THEIR_VERSION=${{ env.THEIR_VERSION }} | |
| OUR_VERSION=${{ env.OUR_VERSION }} | |
| if [ "$THEIR_VERSION" = "$OUR_VERSION" ]; then echo no newer version found; else echo FRESHEN=true >> $GITHUB_ENV ; fi | |
| - name: Freshen if need be | |
| if: ${{ env.FRESHEN }} | |
| run: | | |
| # This seems like something is broken that I have to specify these... | |
| git config user.email "runner@boxboat.com" | |
| git config --global user.name "Automatic Refresher" | |
| git checkout -b freshen | |
| sed -i '/install.sh/ s/'$OUR_VERSION'/'$THEIR_VERSION'/' ./Dockerfile | |
| git commit -am 'autorefreshen process' | |
| git push --set-upstream origin freshen | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Create Pull Request | |
| if: ${{ env.FRESHEN }} | |
| uses: devops-infra/action-pull-request@v0.5.3 | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| source_branch: freshen | |
| target_branch: main | |
| title: Automatic Update | |
| body: The cronjob detected that grype had a release and is updating dependencies | |
| - name: Find Pull Request | |
| if: ${{ env.FRESHEN }} | |
| uses: juliangruber/find-pull-request-action@v1.5.0 | |
| id: find-pull-request | |
| with: | |
| branch: freshen | |
| - name: merge the pull request | |
| if: ${{ env.FRESHEN }} | |
| uses: juliangruber/merge-pull-request-action@v1.1.0 | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| number: ${{ steps.find-pull-request.outputs.number }} | |
| method: squash | |
| repo: boxboat/grypeadmissioncontroller | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Delete freshen branch | |
| if: ${{ env.FRESHEN }} | |
| uses: dawidd6/action-delete-branch@v3.1.0 | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| branches: freshen |