Bump debian from buster-20210721 to buster-20231009 in /docker/validator #6
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Dependency Notifier | |
| on: | |
| pull_request: | |
| types: | |
| - opened | |
| - synchronize | |
| #pull_request_review: | |
| # Should we enforce reviews in the future, then re-enable this. | |
| # types: | |
| # - submitted | |
| # - dismissed | |
| push: | |
| branches: | |
| - auto | |
| jobs: | |
| calc-summaries: | |
| runs-on: ubuntu-latest | |
| name: Calculate dependency summary changes | |
| if: ${{ github.event_name == 'push' || github.actor != 'bors-libra' }} | |
| outputs: | |
| lsr-summary-diff: ${{ steps.verify-lsr.outputs.diff }} | |
| lec-summary-diff: ${{ steps.verify-lec.outputs.diff }} | |
| release-summary-diff: ${{ steps.verify-release.outputs.diff }} | |
| dep-auditors-list: ${{ steps.dep-auditors.outputs.list }} | |
| steps: | |
| - name: checkout | |
| uses: actions/checkout@v2.3.4 | |
| if: ${{ startsWith(github.event_name, 'pull_request') }} | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - name: fetch base ref | |
| id: fetch-base-ref | |
| uses: diem/actions/pr-base-ref@a5fa31ff2b54a544cd88ac912cda469742592e6c | |
| if: ${{ startsWith(github.event_name, 'pull_request') }} | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: checkout base ref | |
| uses: actions/checkout@v2.3.4 | |
| if: ${{ startsWith(github.event_name, 'pull_request') }} | |
| with: | |
| ref: ${{ steps.fetch-base-ref.outputs.ref }} | |
| path: libra-base | |
| - name: checkout | |
| uses: actions/checkout@v2.3.4 | |
| if: ${{ github.event_name == 'push' }} | |
| with: | |
| ref: ${{ github.event.after }} | |
| - name: checkout base ref | |
| uses: actions/checkout@v2.3.4 | |
| if: ${{ github.event_name == 'push' }} | |
| with: | |
| ref: ${{ github.event.before }} | |
| path: libra-base | |
| - name: generate new summaries | |
| run: | | |
| set +e | |
| cargo x generate-summaries | |
| - name: generate base summaries | |
| run: | | |
| set +e | |
| cd libra-base | |
| cargo x generate-summaries | |
| # TODO (sunshowers): add key-manager TCB | |
| - name: diff LSR summary | |
| id: verify-lsr | |
| run: | | |
| output="$(cargo x diff-summary libra-base/target/summaries/summary-lsr.toml target/summaries/summary-lsr.toml)" | |
| echo "${output}" | |
| output="${output//'%'/'%25'}" | |
| output="${output//$'\n'/'%0A'}" | |
| output="${output//$'\r'/'%0D'}" | |
| echo "::set-output name=diff::${output}" | |
| - name: diff LEC summary | |
| id: verify-lec | |
| run: | | |
| output="$(cargo x diff-summary libra-base/target/summaries/summary-lec.toml target/summaries/summary-lec.toml)" | |
| echo "${output}" | |
| output="${output//'%'/'%25'}" | |
| output="${output//$'\n'/'%0A'}" | |
| output="${output//$'\r'/'%0D'}" | |
| echo "::set-output name=diff::${output}" | |
| - name: diff release summary | |
| id: verify-release | |
| run: | | |
| output="$(cargo x diff-summary libra-base/target/summaries/summary-release.toml target/summaries/summary-release.toml)" | |
| echo "${output}" | |
| output="${output//'%'/'%25'}" | |
| output="${output//$'\n'/'%0A'}" | |
| output="${output//$'\r'/'%0D'}" | |
| echo "::set-output name=diff::${output}" | |
| - name: read dep-auditors list | |
| id: dep-auditors | |
| run: | | |
| output=$(cat ./.github/dep-auditors.json | jq -r 'join(",")') | |
| echo "::set-output name=list::${output}" | |
| # requires-dep-audit-review: | |
| # runs-on: ubuntu-latest | |
| # name: Require review for TCB dep summary changes. | |
| # if: ${{ github.event_name == 'push' || github.actor != 'bors-libra' }} | |
| # needs: calc-summaries | |
| # steps: | |
| # - name: require dep-audit review if TCB deps changed | |
| # if: ${{ needs.calc-summaries.outputs.lsr-summary-diff || needs.calc-summaries.lec-summary-diff }} | |
| # uses: diem/actions/require-review@a5fa31ff2b54a544cd88ac912cda469742592e6c | |
| # with: | |
| # github-token: ${{ secrets.GITHUB_TOKEN }} | |
| # users: ${{ needs.calc-summaries.outputs.dep-auditors-list }} | |
| annotate-pr: | |
| runs-on: ubuntu-latest | |
| name: Annotate PR with when summaries change | |
| if: ${{ github.actor != 'bors-libra' && github.event_name == 'pull_request' }} | |
| needs: calc-summaries | |
| steps: | |
| - name: annotate PR with LSR diff | |
| if: ${{ needs.calc-summaries.outputs.lsr-summary-diff }} | |
| uses: diem/actions/comment@a5fa31ff2b54a544cd88ac912cda469742592e6c | |
| with: | |
| comment: | | |
| **LSR dependency change summary**: | |
| ``` | |
| ${{ needs.calc-summaries.outputs.lsr-summary-diff }} | |
| ``` | |
| tag: lsr-summary | |
| delete-older: true | |
| - name: annotate PR with LEC diff | |
| if: ${{ needs.calc-summaries.outputs.lec-summary-diff }} | |
| uses: diem/actions/comment@a5fa31ff2b54a544cd88ac912cda469742592e6c | |
| with: | |
| comment: | | |
| **LEC dependency change summary**: | |
| ``` | |
| ${{ needs.calc-summaries.outputs.lec-summary-diff }} | |
| ``` | |
| tag: lec-summary | |
| delete-older: true | |
| - name: annotate PR with release diff | |
| if: ${{ needs.calc-summaries.outputs.release-summary-diff }} | |
| uses: diem/actions/comment@a5fa31ff2b54a544cd88ac912cda469742592e6c | |
| with: | |
| comment: | | |
| **release binaries dependency change summary**: | |
| ``` | |
| ${{ needs.calc-summaries.outputs.release-summary-diff }} | |
| ``` | |
| tag: release-summary | |
| delete-older: true | |
| - name: label PR if TCB changed | |
| if: ${{ needs.calc-summaries.outputs.lsr-summary-diff || needs.calc-summaries.outputs.lec-summary-diff }} | |
| uses: diem/actions/labels@a5fa31ff2b54a544cd88ac912cda469742592e6c | |
| with: | |
| add: tcb-deps-changed | |
| - name: label PR if tracked deps changed | |
| if: ${{ needs.calc-summaries.outputs.lsr-summary-diff || needs.calc-summaries.outputs.lec-summary-diff || needs.calc-summaries.outputs.release-summary-diff }} | |
| uses: diem/actions/labels@a5fa31ff2b54a544cd88ac912cda469742592e6c | |
| with: | |
| add: deps-changed | |
| - name: unlabel PR if TCB changed | |
| if: ${{ !needs.calc-summaries.outputs.lsr-summary-diff && !needs.calc-summaries.outputs.lec-summary-diff }} | |
| uses: diem/actions/labels@a5fa31ff2b54a544cd88ac912cda469742592e6c | |
| with: | |
| remove: tcb-deps-changed | |
| - name: unlabel PR if tracked deps changed | |
| if: ${{ !needs.calc-summaries.outputs.lsr-summary-diff && !needs.calc-summaries.outputs.lec-summary-diff && !needs.calc-summaries.outputs.release-summary-diff }} | |
| uses: diem/actions/labels@a5fa31ff2b54a544cd88ac912cda469742592e6c | |
| with: | |
| remove: deps-changed | |
| - name: request dep-audit review if TCB deps changed | |
| uses: diem/actions/request-review@a5fa31ff2b54a544cd88ac912cda469742592e6c | |
| if: ${{ needs.calc-summaries.outputs.lsr-summary-diff || needs.calc-summaries.outputs.lec-summary-diff }} | |
| with: | |
| users: ${{ needs.calc-summaries.outputs.dep-auditors-list }} |