-
Notifications
You must be signed in to change notification settings - Fork 567
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
workflow to create automated PRs to update bootstrap tools #1167
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,75 @@ | ||
name: PR for latest versions of bootstrap tools | ||
on: | ||
schedule: | ||
- cron: "0 8 * * *" # 3 AM EST | ||
|
||
workflow_dispatch: | ||
|
||
env: | ||
GO_VERSION: "1.18.x" | ||
GO_STABLE_VERSION: true | ||
|
||
jobs: | ||
update-bootstrap-tools: | ||
runs-on: ubuntu-latest | ||
if: github.repository == 'anchore/syft' # only run for main repo | ||
steps: | ||
- uses: actions/checkout@v3 | ||
|
||
- uses: actions/setup-go@v2 | ||
with: | ||
go-version: ${{ env.GO_VERSION }} | ||
stable: ${{ env.GO_STABLE_VERSION }} | ||
|
||
- run: | | ||
GOLANGCILINT_LATEST_VERSION=$(go list -m -json github.com/golangci/golangci-lint@latest 2>/dev/null | jq -r '.Version') | ||
BOUNCER_LATEST_VERSION=$(go list -m -json github.com/wagoodman/go-bouncer@latest 2>/dev/null | jq -r '.Version') | ||
CHRONICLE_LATEST_VERSION=$(go list -m -json github.com/anchore/chronicle@latest 2>/dev/null | jq -r '.Version') | ||
GORELEASER_LATEST_VERSION=$(go list -m -json github.com/goreleaser/goreleaser@latest 2>/dev/null | jq -r '.Version') | ||
YAJSV_LATEST_VERSION=$(go list -m -json github.com/neilpa/yajsv@latest 2>/dev/null | jq -r '.Version') | ||
COSIGN_LATEST_VERSION=$(go list -m -json github.com/sigstore/cosign@latest 2>/dev/null | jq -r '.Version') | ||
|
||
# update version variables in the Makefile | ||
sed -r -i -e 's/^(GOLANGCILINT_VERSION = ).*/\1'${GOLANGCILINT_LATEST_VERSION}'/' Makefile | ||
sed -r -i -e 's/^(BOUNCER_VERSION = ).*/\1'${BOUNCER_LATEST_VERSION}'/' Makefile | ||
sed -r -i -e 's/^(CHRONICLE_VERSION = ).*/\1'${CHRONICLE_LATEST_VERSION}'/' Makefile | ||
sed -r -i -e 's/^(GORELEASER_VERSION = ).*/\1'${GORELEASER_LATEST_VERSION}'/' Makefile | ||
sed -r -i -e 's/^(YAJSV_VERSION = ).*/\1'${YAJSV_LATEST_VERSION}'/' Makefile | ||
sed -r -i -e 's/^(COSIGN_VERSION = ).*/\1'${COSIGN_LATEST_VERSION}'/' Makefile | ||
|
||
# update cosign in go.mod as well | ||
go get github.com/sigstore/cosign@$COSIGN_LATEST_VERSION | ||
go mod tidy | ||
|
||
# export the versions for use with create-pull-request | ||
echo "::set-output name=GOLANGCILINT::$GOLANGCILINT_LATEST_VERSION" | ||
echo "::set-output name=BOUNCER::BOUNCER_LATEST_VERSION" | ||
echo "::set-output name=CHRONICLE::CHRONICLE_LATEST_VERSION" | ||
echo "::set-output name=GORELEASER::GORELEASER_LATEST_VERSION" | ||
echo "::set-output name=YAJSV::YAJSV_LATEST_VERSION" | ||
echo "::set-output name=COSIGN::COSIGN_LATEST_VERSION" | ||
id: latest-versions | ||
|
||
- uses: tibdex/github-app-token@v1 | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Interesting! Why do we need to use this action for the workflow? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I don't actually know, that was something @kzantow had as part of the stereoscope update one, so I assumed it would need to be here also |
||
id: generate-token | ||
with: | ||
app_id: ${{ secrets.TOKEN_APP_ID }} | ||
private_key: ${{ secrets.TOKEN_APP_PRIVATE_KEY }} | ||
|
||
- uses: peter-evans/create-pull-request@v4 | ||
with: | ||
signoff: true | ||
delete-branch: true | ||
branch: auto/latest-bootstrap-tools | ||
labels: dependencies | ||
commit-message: 'Update syft bootstrap tools to latest versions.' | ||
title: 'Update syft bootstrap tools to latest versions.' | ||
body: | | ||
- [golangci-lint ${{ steps.latest-versions.outputs.GOLANGCILINT }}](https://github.com/golangci/golangci-lint/releases/tag/${{ steps.latest-versions.outputs.GOLANGCILINT }}) | ||
- [bouncer ${{ steps.latest-versions.outputs.BOUNCER }}](https://github.com/wagoodman/go-bouncer/releases/tag/${{ steps.latest-versions.outputs.BOUNCER }}) | ||
- [chronicle ${{ steps.latest-versions.outputs.CHRONICLE }}](https://github.com/anchore/chronicle/releases/tag/${{ steps.latest-versions.outputs.CHRONICLE }}) | ||
- [goreleaser ${{ steps.latest-versions.outputs.GORELEASER }}](https://github.com/goreleaser/goreleaser/releases/tag/${{ steps.latest-versions.outputs.GORELEASER }}) | ||
- [yajsv ${{ steps.latest-versions.outputs.YAJSV }}](https://github.com/neilpa/yajsv/releases/tag/${{ steps.latest-versions.outputs.YAJSV }}) | ||
- [cosign ${{ steps.latest-versions.outputs.COSIGN }}](https://github.com/sigstore/cosign/releases/tag/${{ steps.latest-versions.outputs.COSIGN }}) | ||
This is an auto-generated pull request to update all of the bootstrap tools to the latest versions. | ||
token: ${{ steps.generate-token.outputs.token }} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
TIL
ubuntu-latest
comes with jqThere was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was just assuming because we have https://github.com/anchore/grype/blob/ae37eb4a05acfacf551138e15a2266a0894d4399/.github/workflows/update-syft-release.yml#L25