Skip to content

chore(deps): update module google.golang.org/grpc to v1.56.3 [security] (main) - autoclosed #2953

chore(deps): update module google.golang.org/grpc to v1.56.3 [security] (main) - autoclosed

chore(deps): update module google.golang.org/grpc to v1.56.3 [security] (main) - autoclosed #2953

Workflow file for this run

name: Verify drone updates
on: [pull_request]
jobs:
check-drone-changes:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Get changed files
# we need continue on error because the git diff | grep pipe can return a non-zero error code if no result is found
continue-on-error: true
id: changed-files
run: |
echo "changed_files=$(git diff --name-only main -- .drone/ | xargs)" >> $GITHUB_OUTPUT
git diff main .drone/ | grep "+hmac "
echo "sha_updated=$?" >> $GITHUB_OUTPUT
- name: Check that drone was updated properly
if: always()
run: |
jsonnetChanged=false
yamlChanged=false
echo "sha updated? ${{ steps.changed-files.outputs.sha_updated }}"
# check whether the drone jsonnet and yaml files were updated
for file in ${{ steps.changed-files.outputs.changed_files }}; do
if [ "$file" == ".drone/drone.jsonnet" ]; then
echo "$file was changed"
jsonnetChanged=true
fi
if [ "$file" == ".drone/drone.yml" ]; then
echo "$file was changed"
yamlChanged=true
fi
done
# if niether file was changed we're okay
if { [ "$yamlChanged" = false ] && [ "$jsonnetChanged" = false ]; } then
echo "neither file was changed"
exit 0
fi
# if both files were changed then we should ensure that the sha in the yaml was also updated
if { [ "$yamlChanged" = true ] && [ "$jsonnetChanged" = true ]; } then
# annoyingly, the return value is a string
if [ "${{ steps.changed-files.outputs.sha_updated }}" = "0" ]; then
echo "both files were changed and sha was updated"
exit 0
fi
echo "both drone yaml and jsonnet were updated but the sha in the yaml file was not updated"
exit 1
fi
# only one of the two files was updated
echo "if one of the drone files (yaml or jsonnet) was changed then bothy files must be updated"
exit 1