Home Explore Help
Sign In
logic855
/
helm-external-secrets
mirror of https://github.com/external-secrets/external-secrets
1
0
Fork 0
Files Issues 0 Wiki
Tree: 06faede276
Branches Tags
helm-externa...
/
.github
/
workflows
/
update-deps.yml

update-deps.yml 2.2 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273 
  1. name: "Update dependencies"
    2. 

  2. on:
    3. 

  3.   schedule:
    4. 

  4.     # Monday, 10AM UTC
    5. 

  5.     - cron: "0 10 * * 1"
    6. 

  6. 

  7.   workflow_dispatch:
    8. 

  8.     inputs: {}
    9. 

  9. 

  10. 

  11. jobs:
    12. 

  12.   branches:
    13. 

  13.     name: get branch data
    14. 

  14.     runs-on: ubuntu-latest
    15. 

  15.     outputs:
    16. 

  16.       branches: ${{ steps.branches.outputs.branches }}
    17. 

  17. 

  18.     steps:
    19. 

  19.       - name: Checkout
    20. 

  20.         uses: actions/checkout@v3
    21. 

  21.         with:
    22. 

  22.           fetch-depth: 0
    23. 

  23.           ref: ${{ github.event.inputs.ref }}
    24. 

  24.       - name: set branches output
    25. 

  25.         id: branches
    26. 

  26.         # outputs the two most recent `release-x.y` branches plus `main` as JSON
    27. 

  27.         run: |
    28. 

  28.           echo "branches=$(git branch -a | grep -E "remotes/origin/(main|release-)" | sed 's/  remotes\/origin\///' | sort -V | tail -2 | jq -R -s -c 'split("\n") | map(select(length > 0)) | . + ["main"]')" >> $GITHUB_OUTPUT
    29. 

  29. 

  30.   update-dependencies:
    31. 

  31.     runs-on: ubuntu-latest
    32. 

  32.     needs: branches
    33. 

  33.     strategy:
    34. 

  34.       matrix:
    35. 

  35.         branch: ${{ fromJson(needs.branches.outputs.branches) }}
    36. 

  36.     steps:
    37. 

  37.     - name: Setup Go
    38. 

  38.       uses: actions/setup-go@v4
    39. 

  39.       with:
    40. 

  40.         go-version: "1.19"
    41. 

  41. 

  42.       # we can not use the default GHA token, as it prevents subsequent GHA
    43. 

  43.       # from running: we can create a PR but the tests won't run :/
    44. 

  44.     - name: Generate token
    45. 

  45.       id: generate_token
    46. 

  46.       uses: tibdex/github-app-token@v1
    47. 

  47.       with:
    48. 

  48.         app_id: ${{ secrets.APP_ID }}
    49. 

  49.         private_key: ${{ secrets.PRIVATE_KEY }}
    50. 

  50.     - uses: actions/checkout@v3
    51. 

  51.       with:
    52. 

  52.         token: ${{ steps.generate_token.outputs.token }}
    53. 

  53.         ref: ${{ matrix.branch }}
    54. 

  54.         fetch-depth: 0
    55. 

  55.     - name: create pull request
    56. 

  56.       run: |
    57. 

  57.         git config --global user.email "ExternalSecretsOperator@users.noreply.github.com"
    58. 

  58.         git config --global user.name "External Secrets Operator"
    59. 

  59.         BRANCH=update-deps-$(date "+%s")
    60. 

  60.         make update-deps || true
    61. 

  61. 

  62.         if git diff-index --quiet HEAD --; then
    63. 

  63.           echo "nothing changed. skipping."
    64. 

  64.           exit 0;
    65. 

  65.         fi
    66. 

  66. 

  67.         git checkout -b $BRANCH
    68. 

  68.         git add -A
    69. 

  69.         git commit -m "update dependencies" -s
    70. 

  70.         git push origin $BRANCH
    71. 

  71.         gh pr create -B ${{ matrix.branch }} -H ${BRANCH} --title 'chore: update dependencies' --body 'Update dependencies'
    72. 

  72.       env:
    73. 

  73.         GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }}
    74.