Update syft #159
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Update syft | |
"on": | |
schedule: | |
- cron: 0 4 * * 4-5 | |
workflow_dispatch: {} | |
jobs: | |
update: | |
name: Update Package Dependency | |
runs-on: | |
- ubuntu-latest | |
steps: | |
- name: Docker login gcr.io | |
if: ${{ (github.event_name != 'pull_request' || ! github.event.pull_request.head.repo.fork) && (github.actor != 'dependabot[bot]') }} | |
uses: docker/login-action@v2 | |
with: | |
password: ${{ secrets.GCR_PUSH_BOT_JSON_KEY }} | |
registry: gcr.io | |
username: _json_key | |
- name: Docker login docker.io | |
if: ${{ (github.event_name != 'pull_request' || ! github.event.pull_request.head.repo.fork) && (github.actor != 'dependabot[bot]') }} | |
uses: docker/login-action@v2 | |
with: | |
password: ${{ secrets.PAKETO_BUILDPACKS_DOCKERHUB_PASSWORD }} | |
registry: docker.io | |
username: ${{ secrets.PAKETO_BUILDPACKS_DOCKERHUB_USERNAME }} | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: "1.20" | |
- name: Install update-package-dependency | |
run: | | |
#!/usr/bin/env bash | |
set -euo pipefail | |
go install -ldflags="-s -w" github.com/paketo-buildpacks/libpak/cmd/update-package-dependency@latest | |
- name: Install crane | |
run: | | |
#!/usr/bin/env bash | |
set -euo pipefail | |
echo "Installing crane ${CRANE_VERSION}" | |
mkdir -p "${HOME}"/bin | |
echo "${HOME}/bin" >> "${GITHUB_PATH}" | |
curl \ | |
--show-error \ | |
--silent \ | |
--location \ | |
"https://github.com/google/go-containerregistry/releases/download/v${CRANE_VERSION}/go-containerregistry_Linux_x86_64.tar.gz" \ | |
| tar -C "${HOME}/bin" -xz crane | |
env: | |
CRANE_VERSION: 0.18.0 | |
- name: Install yj | |
run: | | |
#!/usr/bin/env bash | |
set -euo pipefail | |
echo "Installing yj ${YJ_VERSION}" | |
mkdir -p "${HOME}"/bin | |
echo "${HOME}/bin" >> "${GITHUB_PATH}" | |
curl \ | |
--location \ | |
--show-error \ | |
--silent \ | |
--output "${HOME}"/bin/yj \ | |
"https://github.com/sclevine/yj/releases/download/v${YJ_VERSION}/yj-linux-amd64" | |
chmod +x "${HOME}"/bin/yj | |
env: | |
YJ_VERSION: 5.1.0 | |
- uses: actions/checkout@v4 | |
- name: Update Package Dependency | |
id: package | |
run: | | |
#!/usr/bin/env bash | |
set -euo pipefail | |
NEW_VERSION=$(crane ls "${DEPENDENCY}" | grep -v latest | sort -V | tail -n 1) | |
if [[ -e builder.toml ]]; then | |
OLD_VERSION=$(yj -tj < builder.toml | jq -r ".buildpacks[].uri | capture(\".*${DEPENDENCY}:(?<version>.+)\") | .version") | |
update-package-dependency \ | |
--builder-toml builder.toml \ | |
--id "${DEPENDENCY}" \ | |
--version "${NEW_VERSION}" | |
git add builder.toml | |
fi | |
if [[ -e package.toml ]]; then | |
OLD_VERSION=$(yj -tj < package.toml | jq -r ".dependencies[].uri | capture(\".*${DEPENDENCY}:(?<version>.+)\") | .version") | |
update-package-dependency \ | |
--buildpack-toml buildpack.toml \ | |
--id "${BP_DEPENDENCY:-$DEPENDENCY}" \ | |
--version "${NEW_VERSION}" | |
update-package-dependency \ | |
--package-toml package.toml \ | |
--id "${PKG_DEPENDENCY:-$DEPENDENCY}" \ | |
--version "${NEW_VERSION}" | |
git add buildpack.toml package.toml | |
fi | |
git checkout -- . | |
if [ "$(echo "$OLD_VERSION" | awk -F '.' '{print $1}')" != "$(echo "$NEW_VERSION" | awk -F '.' '{print $1}')" ]; then | |
LABEL="semver:major" | |
elif [ "$(echo "$OLD_VERSION" | awk -F '.' '{print $2}')" != "$(echo "$NEW_VERSION" | awk -F '.' '{print $2}')" ]; then | |
LABEL="semver:minor" | |
else | |
LABEL="semver:patch" | |
fi | |
echo "old-version=${OLD_VERSION}" >> "$GITHUB_OUTPUT" | |
echo "new-version=${NEW_VERSION}" >> "$GITHUB_OUTPUT" | |
echo "version-label=${LABEL}" >> "$GITHUB_OUTPUT" | |
env: | |
DEPENDENCY: gcr.io/paketo-buildpacks/syft | |
- uses: peter-evans/create-pull-request@v5 | |
with: | |
author: ${{ secrets.PAKETO_BUILDPACKS_DOCKERHUB_USERNAME }} <${{ secrets.PAKETO_BUILDPACKS_DOCKERHUB_USERNAME }}@users.noreply.github.com> | |
body: Bumps [`gcr.io/paketo-buildpacks/syft`](https://gcr.io/paketo-buildpacks/syft) from [`${{ steps.package.outputs.old-version }}`](https://gcr.io/paketo-buildpacks/syft:${{ steps.package.outputs.old-version }}) to [`${{ steps.package.outputs.new-version }}`](https://gcr.io/paketo-buildpacks/syft:${{ steps.package.outputs.new-version }}). | |
branch: update/package/syft | |
commit-message: |- | |
Bump gcr.io/paketo-buildpacks/syft from ${{ steps.package.outputs.old-version }} to ${{ steps.package.outputs.new-version }} | |
Bumps gcr.io/paketo-buildpacks/syft from ${{ steps.package.outputs.old-version }} to ${{ steps.package.outputs.new-version }}. | |
delete-branch: true | |
labels: ${{ steps.package.outputs.version-label }}, type:dependency-upgrade | |
signoff: true | |
title: Bump gcr.io/paketo-buildpacks/syft from ${{ steps.package.outputs.old-version }} to ${{ steps.package.outputs.new-version }} | |
token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} |