cron #1040
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: cron | |
| on: | |
| schedule: | |
| - cron: '05 06 * * *' | |
| jobs: | |
| cron: | |
| name: Automated version refresher | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Get their version | |
| # The github API gave us a 500 the other day and it caused a headache... | |
| run: | | |
| until curl -fs "https://api.github.com/repos/anchore/grype/releases/latest" -o their_version.txt ; do echo "Waiting for GitHub API..." ; sleep 30 ; done | |
| THEIR_VERSION=$(cat ./their_version.txt | grep "browser_download_url" | cut -d '"' -f 4 | cut -f 8 -d \/ | uniq) | |
| echo THEIR_VERSION=$THEIR_VERSION >> $GITHUB_ENV | |
| - name: Check out Code | |
| uses: actions/checkout@v3 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Get our version | |
| run: | | |
| OUR_VERSION=$(cat Dockerfile | grep install.sh | awk '{print $NF}') | |
| echo OUR_VERSION=$OUR_VERSION >> $GITHUB_ENV | |
| - name: Compare the versions and freshen if need be | |
| run: | | |
| THEIR_VERSION=${{ env.THEIR_VERSION }} | |
| OUR_VERSION=${{ env.OUR_VERSION }} | |
| if [ "$THEIR_VERSION" = "$OUR_VERSION" ]; then echo no newer version found; else echo FRESHEN=true >> $GITHUB_ENV ; fi | |
| - name: Freshen if need be | |
| if: ${{ env.FRESHEN }} | |
| run: | | |
| # This seems like something is broken that I have to specify these... | |
| git config user.email "[email protected]" | |
| git config --global user.name "Automatic Refresher" | |
| git checkout -b freshen | |
| sed -i '/install.sh/ s/'$OUR_VERSION'/'$THEIR_VERSION'/' ./Dockerfile | |
| git commit -am 'autorefreshen process' | |
| git push --set-upstream origin freshen | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Create Pull Request | |
| if: ${{ env.FRESHEN }} | |
| uses: devops-infra/[email protected] | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| source_branch: freshen | |
| target_branch: main | |
| title: Automatic Update | |
| body: The cronjob detected that grype had a release and is updating dependencies | |
| - name: Find Pull Request | |
| if: ${{ env.FRESHEN }} | |
| uses: juliangruber/[email protected] | |
| id: find-pull-request | |
| with: | |
| branch: freshen | |
| - name: merge the pull request | |
| if: ${{ env.FRESHEN }} | |
| uses: juliangruber/[email protected] | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| number: ${{ steps.find-pull-request.outputs.number }} | |
| method: squash | |
| repo: boxboat/grypeadmissioncontroller | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Delete freshen branch | |
| if: ${{ env.FRESHEN }} | |
| uses: dawidd6/[email protected] | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| branches: freshen |