mirror of
https://github.com/anchore/syft.git
synced 2025-11-17 00:13:15 +01:00
53 lines
1.7 KiB
YAML
53 lines
1.7 KiB
YAML
name: PR to update Anchore dependencies
|
|
on:
|
|
workflow_dispatch:
|
|
inputs:
|
|
repos:
|
|
description: "List of dependencies to update"
|
|
required: true
|
|
type: string
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
update:
|
|
# Runner definition: workflows/.github/runs-on.yml
|
|
runs-on: runs-on=${{ github.run_id }}/runner=small-arm
|
|
if: github.repository_owner == 'anchore' # only run for main repo (not forks)
|
|
steps:
|
|
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0
|
|
with:
|
|
persist-credentials: false
|
|
|
|
- name: Bootstrap environment
|
|
uses: ./.github/actions/bootstrap
|
|
with:
|
|
tools: false
|
|
bootstrap-apt-packages: ""
|
|
|
|
- name: Update dependencies
|
|
id: update
|
|
uses: anchore/workflows/.github/actions/update-go-dependencies@main
|
|
with:
|
|
repos: ${{ github.event.inputs.repos }}
|
|
|
|
- uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 #v2.1.4
|
|
id: generate-token
|
|
with:
|
|
app-id: ${{ secrets.TOKEN_APP_ID }}
|
|
private-key: ${{ secrets.TOKEN_APP_PRIVATE_KEY }}
|
|
|
|
- uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e #v7.0.8
|
|
with:
|
|
signoff: true
|
|
delete-branch: true
|
|
draft: ${{ steps.update.outputs.draft }}
|
|
# do not change this branch, as other workflows depend on it
|
|
branch: auto/integration
|
|
labels: dependencies,pre-release
|
|
commit-message: "chore(deps): update anchore dependencies"
|
|
title: "chore(deps): update anchore dependencies"
|
|
body: ${{ steps.update.outputs.summary }}
|
|
token: ${{ steps.generate-token.outputs.token }}
|