From d41976cadaead098bd2a6188e4012a3496a299f3 Mon Sep 17 00:00:00 2001
From: Weston Steimel
Date: Thu, 18 Aug 2022 18:28:27 +0100
Subject: [PATCH] workflow to create automated PRs to update bootstrap tools

Signed-off-by: Weston Steimel
---
 .github/workflows/update-bootstrap-tools.yml | 75 ++++++++++++++++++++
 Makefile | 18 +++--
 2 files changed, 87 insertions(+), 6 deletions(-)
 create mode 100644 .github/workflows/update-bootstrap-tools.yml

diff --git a/.github/workflows/update-bootstrap-tools.yml b/.github/workflows/update-bootstrap-tools.yml
new file mode 100644
index 00000000000..3982ffbf5bd
--- /dev/null
+++ b/.github/workflows/update-bootstrap-tools.yml
@@ -0,0 +1,75 @@
+name: PR for latest versions of bootstrap tools
+on:
+ schedule:
+ - cron: "0 8 * * *" # 3 AM EST
+
+ workflow_dispatch:
+
+env:
+ GO_VERSION: "1.18.x"
+ GO_STABLE_VERSION: true
+
+jobs:
+ update-bootstrap-tools:
+ runs-on: ubuntu-latest
+ if: github.repository == 'anchore/syft' # only run for main repo
+ steps:
+ - uses: actions/checkout@v3
+
+ - uses: actions/setup-go@v2
+ with:
+ go-version: ${{ env.GO_VERSION }}
+ stable: ${{ env.GO_STABLE_VERSION }}
+
+ - run: |
+ GOLANGCILINT_LATEST_VERSION=$(go list -m -json github.com/golangci/golangci-lint@latest 2>/dev/null | jq -r '.Version')
+ BOUNCER_LATEST_VERSION=$(go list -m -json github.com/wagoodman/go-bouncer@latest 2>/dev/null | jq -r '.Version')
+ CHRONICLE_LATEST_VERSION=$(go list -m -json github.com/anchore/chronicle@latest 2>/dev/null | jq -r '.Version')
+ GORELEASER_LATEST_VERSION=$(go list -m -json github.com/goreleaser/goreleaser@latest 2>/dev/null | jq -r '.Version')
+ YAJSV_LATEST_VERSION=$(go list -m -json github.com/neilpa/yajsv@latest 2>/dev/null | jq -r '.Version')
+ COSIGN_LATEST_VERSION=$(go list -m -json github.com/sigstore/cosign@latest 2>/dev/null | jq -r '.Version')
+
+ # update version variables in the Makefile
+ sed -r -i -e 's/^(GOLANGCILINT_VERSION = ).*/\1'${GOLANGCILINT_LATEST_VERSION}'/' Makefile
+ sed -r -i -e 's/^(BOUNCER_VERSION = ).*/\1'${BOUNCER_LATEST_VERSION}'/' Makefile
+ sed -r -i -e 's/^(CHRONICLE_VERSION = ).*/\1'${CHRONICLE_LATEST_VERSION}'/' Makefile
+ sed -r -i -e 's/^(GORELEASER_VERSION = ).*/\1'${GORELEASER_LATEST_VERSION}'/' Makefile
+ sed -r -i -e 's/^(YAJSV_VERSION = ).*/\1'${YAJSV_LATEST_VERSION}'/' Makefile
+ sed -r -i -e 's/^(COSIGN_VERSION = ).*/\1'${COSIGN_LATEST_VERSION}'/' Makefile
+
+ # update cosign in go.mod as well
+ go get github.com/sigstore/cosign@$COSIGN_LATEST_VERSION
+ go mod tidy
+
+ # export the versions for use with create-pull-request
+ echo "::set-output name=GOLANGCILINT::$GOLANGCILINT_LATEST_VERSION"
+ echo "::set-output name=BOUNCER::BOUNCER_LATEST_VERSION"
+ echo "::set-output name=CHRONICLE::CHRONICLE_LATEST_VERSION"
+ echo "::set-output name=GORELEASER::GORELEASER_LATEST_VERSION"
+ echo "::set-output name=YAJSV::YAJSV_LATEST_VERSION"
+ echo "::set-output name=COSIGN::COSIGN_LATEST_VERSION"
+ id: latest-versions
+
+ - uses: tibdex/github-app-token@v1
+ id: generate-token
+ with:
+ app_id: ${{ secrets.TOKEN_APP_ID }}
+ private_key: ${{ secrets.TOKEN_APP_PRIVATE_KEY }}
+
+ - uses: peter-evans/create-pull-request@v4
+ with:
+ signoff: true
+ delete-branch: true
+ branch: auto/latest-bootstrap-tools
+ labels: dependencies
+ commit-message: 'Update syft bootstrap tools to latest versions.'
+ title: 'Update syft bootstrap tools to latest versions.'
+ body: |
+ - [golangci-lint ${{ steps.latest-versions.outputs.GOLANGCILINT }}](https://github.com/golangci/golangci-lint/releases/tag/${{ steps.latest-versions.outputs.GOLANGCILINT }})
+ - [bouncer ${{ steps.latest-versions.outputs.BOUNCER }}](https://github.com/wagoodman/go-bouncer/releases/tag/${{ steps.latest-versions.outputs.BOUNCER }})
+ - [chronicle ${{ steps.latest-versions.outputs.CHRONICLE }}](https://github.com/anchore/chronicle/releases/tag/${{ steps.latest-versions.outputs.CHRONICLE }})
+ - [goreleaser ${{ steps.latest-versions.outputs.GORELEASER }}](https://github.com/goreleaser/goreleaser/releases/tag/${{ steps.latest-versions.outputs.GORELEASER }})
+ - [yajsv ${{ steps.latest-versions.outputs.YAJSV }}](https://github.com/neilpa/yajsv/releases/tag/${{ steps.latest-versions.outputs.YAJSV }})
+ - [cosign ${{ steps.latest-versions.outputs.COSIGN }}](https://github.com/sigstore/cosign/releases/tag/${{ steps.latest-versions.outputs.COSIGN }})
+ This is an auto-generated pull request to update all of the bootstrap tools to the latest versions.
+ token: ${{ steps.generate-token.outputs.token }}
\ No newline at end of file
diff --git a/Makefile b/Makefile
index c1d20c24a7f..1d17d6f139a 100644
--- a/Makefile
+++ b/Makefile
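Review bot: Five of the six `::set-output` lines in the `latest-versions` step are missing the `$` (`name=BOUNCER::BOUNCER_LATEST_VERSION` and the four after it), so the PR body will link to literal tags such as `releases/tag/BOUNCER_LATEST_VERSION`; only GOLANGCILINT expands. The same step writes whatever `go list … 2>/dev/null | jq -r '.Version'` printed straight into the Makefile: with stderr discarded and no `pipefail` set in the script, a failed lookup can yield an empty string or `null`, and the value is spliced unquoted into the `sed` expression, so it should be checked against a version pattern before any file is touched. Separately, `tibdex/github-app-token@v1` receives the App private key and `peter-evans/create-pull-request@v4` the resulting token, and both are referenced by a movable tag; pinning them to a full commit SHA would keep a retagged release from seeing those secrets. The fence below shows the validation and the corrected outputs; loosen the pattern if pre-release tags are expected.

```yaml
      - run: |
          # … unchanged: go list lookups of the six *_LATEST_VERSION values …

          # refuse to rewrite the Makefile with an empty or non-version value
          for v in "$GOLANGCILINT_LATEST_VERSION" "$BOUNCER_LATEST_VERSION" \
                   "$CHRONICLE_LATEST_VERSION" "$GORELEASER_LATEST_VERSION" \
                   "$YAJSV_LATEST_VERSION" "$COSIGN_LATEST_VERSION"; do
            if ! [[ "$v" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
              echo "unexpected tool version: '$v'" >&2
              exit 1
            fi
          done

          # … unchanged: sed updates of the Makefile, go get, go mod tidy …

          # export the versions for use with create-pull-request
          echo "::set-output name=GOLANGCILINT::$GOLANGCILINT_LATEST_VERSION"
          echo "::set-output name=BOUNCER::$BOUNCER_LATEST_VERSION"
          echo "::set-output name=CHRONICLE::$CHRONICLE_LATEST_VERSION"
          echo "::set-output name=GORELEASER::$GORELEASER_LATEST_VERSION"
          echo "::set-output name=YAJSV::$YAJSV_LATEST_VERSION"
          echo "::set-output name=COSIGN::$COSIGN_LATEST_VERSION"
        id: latest-versions
```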
@@ -9,6 +9,12 @@ SNAPSHOT_CMD=$(RELEASE_CMD) --skip-publish --snapshot VERSION=$(shell git describe --dirty --always --tags) COMPARE_TEST_IMAGE = centos:8.2.2004 COMPARE_DIR = ./test/compare +GOLANGCILINT_VERSION = v1.47.2 +BOUNCER_VERSION = v0.4.0 +CHRONICLE_VERSION = v0.3.0 +GORELEASER_VERSION = v1.10.3 +YAJSV_VERSION = v1.4.0 +COSIGN_VERSION = v1.10.0 # formatting variables BOLD := $(shell tput -T linux bold) @@ -106,12 +112,12 @@ $(TEMPDIR): .PHONY: bootstrap-tools bootstrap-tools: $(TEMPDIR) GO111MODULE=off GOBIN=$(shell realpath $(TEMPDIR)) go get -u golang.org/x/perf/cmd/benchstat - curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(TEMPDIR)/ v1.47.2 - curl -sSfL https://raw.githubusercontent.com/wagoodman/go-bouncer/master/bouncer.sh | sh -s -- -b $(TEMPDIR)/ v0.4.0 - curl -sSfL https://raw.githubusercontent.com/anchore/chronicle/main/install.sh | sh -s -- -b $(TEMPDIR)/ v0.3.0 - .github/scripts/goreleaser-install.sh -d -b $(TEMPDIR)/ v1.10.3 - GOBIN="$(shell realpath $(TEMPDIR))" go install github.com/neilpa/yajsv@v1.4.0 - GOBIN="$(shell realpath $(TEMPDIR))" go install github.com/sigstore/cosign/cmd/cosign@v1.10.0 + curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(TEMPDIR)/ $(GOLANGCILINT_VERSION) + curl -sSfL https://raw.githubusercontent.com/wagoodman/go-bouncer/master/bouncer.sh | sh -s -- -b $(TEMPDIR)/ $(BOUNCER_VERSION) + curl -sSfL https://raw.githubusercontent.com/anchore/chronicle/main/install.sh | sh -s -- -b $(TEMPDIR)/ $(CHRONICLE_VERSION) + .github/scripts/goreleaser-install.sh -d -b $(TEMPDIR)/ $(GORELEASER_VERSION) + GOBIN="$(shell realpath $(TEMPDIR))" go install github.com/neilpa/yajsv@$(YAJSV_VERSION) + GOBIN="$(shell realpath $(TEMPDIR))" go install github.com/sigstore/cosign/cmd/cosign@$(COSIGN_VERSION) .PHONY: bootstrap-go bootstrap-go:
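Review bot: The six new `*_VERSION` assignments carry no comment saying they are machine-edited, yet the workflow added in this commit rewrites them with `sed` patterns anchored on the exact text `^(NAME_VERSION = )`. A hand edit that changes the spacing or the operator (for example `GOLANGCILINT_VERSION=v1.47.2` or `:=`) would make the automated update stop matching without any error. I would add a line above the block such as `# bootstrap tool versions: rewritten by .github/workflows/update-bootstrap-tools.yml, keep the exact "NAME = value" form`.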
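Review bot: The version pin in the `bootstrap-tools` recipe does not cover the installer itself: the three `curl -sSfL … | sh` lines still fetch `install.sh` and `bouncer.sh` from the `master`/`main` branch tip, so whatever is on that branch at build time runs in the developer or CI shell regardless of `$(GOLANGCILINT_VERSION)`, `$(BOUNCER_VERSION)` and `$(CHRONICLE_VERSION)`. This predates the commit, but now that the versions are bumped by an automated PR it is worth fetching each script at the same ref as the tool, e.g. `https://raw.githubusercontent.com/golangci/golangci-lint/$(GOLANGCILINT_VERSION)/install.sh`, assuming the script exists at that tag. Whether the scripts verify a checksum of what they download is not visible in this hunk, so that should be confirmed before relying on the pin alone.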