Check for dependency updates #451
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Check for dependency updates | |
# yamllint disable-line rule:truthy | |
on: | |
workflow_dispatch: | |
schedule: | |
# Run once a day | |
- cron: '0 0 * * *' | |
pull_request: | |
paths: | |
- '.github/workflows/check-for-dependency-updates.yaml' | |
permissions: | |
contents: "write" | |
pull-requests: "write" | |
env: | |
UPDATECLI_CONFIG_DIR: "${{ github.workspace }}/.github/configs/updatecli.d" | |
UPDATECLI_GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | |
jobs: | |
detect-updatecli-configs: | |
name: Detect Updatecli Configuration Files | |
runs-on: ubuntu-latest | |
outputs: | |
updatecli_configs: ${{ steps.detect_updatecli_configs.outputs.updatecli_configs }} | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Detect Updatecli Configuration Files | |
id: detect_updatecli_configs | |
run: | | |
# shellcheck disable=SC2010 | |
echo "updatecli_configs=$(find charts -type f -name ".updatecli*.yaml" | jq --raw-input --slurp --compact-output 'split("\n") | map(select(. != ""))')" >> "${GITHUB_OUTPUT}" | |
run-dependency-check: | |
name: Run Dependency Check | |
needs: detect-updatecli-configs | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
config: ${{fromJson(needs.detect-updatecli-configs.outputs.updatecli_configs)}} | |
fail-fast: false | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Install Updatecli | |
uses: updatecli/updatecli-action@v2 | |
- name: Run Updatecli | |
id: update-dependency | |
run: | | |
updatecli apply --config "${{ matrix.config }}" | |
if ! git diff --exit-code > /dev/null; then | |
echo "changed=true" >> "${GITHUB_OUTPUT}" | |
fi | |
- name: Install Helm | |
if: steps.update-dependency.outputs.changed == 'true' | |
uses: azure/setup-helm@v4 | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
- name: Regenerate files | |
if: steps.update-dependency.outputs.changed == 'true' | |
run: make -C "$(dirname "${{ matrix.config }}")" clean build | |
- name: Get details | |
id: get-details | |
run: | | |
echo "title=$(yq eval ".name" "${{ matrix.config }}")" >> "${GITHUB_OUTPUT}" | |
versionPath="$(yq eval '.targets.*.spec.key' "${{ matrix.config }}" | head -n 1 | cut -c2-)" | |
echo "version=$(yq eval "${versionPath}" "$(dirname "${{ matrix.config }}")/Chart.yaml")" >> "${GITHUB_OUTPUT}" | |
chart="$(basename "$(dirname "${{ matrix.config }}")")" >> "${GITHUB_OUTPUT}" | |
dep="$(basename "${{ matrix.config }}" | sed -e "s/.updatecli-\(.*\)\.yaml/\1/")" | |
echo "branch=chore/update-${chart}-${dep}" >> "${GITHUB_OUTPUT}" | |
- name: Create pull request | |
if: steps.update-dependency.outputs.changed == 'true' | |
uses: peter-evans/create-pull-request@v7 | |
with: | |
title: "[dependency] ${{ steps.get-details.outputs.title }} to ${{ steps.get-details.outputs.version }}" | |
body: ${{ steps.get-details.outputs.title }} to ${{ steps.get-details.outputs.version }} | |
base: main | |
author: "${{ github.actor }} <${{ github.actor }}@users.noreply.github.com>" | |
committer: "GitHub <noreply@github.com>" | |
commit-message: Update ${{ steps.get-details.outputs.title }} to ${{ steps.get-details.outputs.version }} | |
labels: dependencies | |
branch: ${{ steps.get-details.outputs.branch }} | |
delete-branch: true |