Check for dependency updates #504
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Check for dependency updates | |
# yamllint disable-line rule:truthy | |
on: | |
workflow_dispatch: | |
schedule: | |
# Run once a day | |
- cron: '0 0 * * *' | |
pull_request: | |
paths: | |
- '.github/workflows/check-for-dependency-updates.yaml' | |
permissions: | |
contents: "write" | |
pull-requests: "write" | |
env: | |
UPDATECLI_CONFIG_DIR: "${{ github.workspace }}/.github/configs/updatecli.d" | |
UPDATECLI_GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | |
jobs: | |
detect-updatecli-configs: | |
name: Detect Updatecli Configuration Files | |
runs-on: ubuntu-latest | |
outputs: | |
updatecli_configs: ${{ steps.detect_updatecli_configs.outputs.updatecli_configs }} | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Detect Updatecli Configuration Files | |
id: detect_updatecli_configs | |
run: | | |
# shellcheck disable=SC2010 | |
echo "updatecli_configs=$(find charts -type f -name ".updatecli*.yaml" | jq --raw-input --slurp --compact-output 'split("\n") | map(select(. != ""))')" >> "${GITHUB_OUTPUT}" | |
run-dependency-check: | |
name: Run Dependency Check | |
needs: detect-updatecli-configs | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
config: ${{fromJson(needs.detect-updatecli-configs.outputs.updatecli_configs)}} | |
fail-fast: false | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Install Updatecli | |
uses: updatecli/updatecli-action@v2 | |
- name: Get details | |
id: get-details | |
run: | | |
chart="$(basename "$(dirname "${{ matrix.config }}")")" | |
depName="$(basename "${{ matrix.config }}" | sed -e "s/.updatecli-\(.*\)\.yaml/\1/")" | |
versionPath="$(yq eval '.targets.*.spec.key' "${{ matrix.config }}" | head -n 1 | cut -c2-)" | |
oldVersion="$(yq eval "${versionPath}" "$(dirname "${{ matrix.config }}")/Chart.yaml")" | |
{ | |
echo "title=$(yq eval ".name" "${{ matrix.config }}")" | |
echo "branch=chore/update-${chart}-${depName}" | |
echo "depChart=$(dirname "${{ matrix.config }}")/charts/${depName}-${oldVersion}.tgz" | |
echo "oldVersion=${oldVersion}" >> "${GITHUB_OUTPUT}" | |
} >> "${GITHUB_OUTPUT}" | |
- name: Run Updatecli | |
id: update-dependency | |
run: | | |
updatecli apply --config "${{ matrix.config }}" | |
if ! git diff --exit-code "${{ steps.get-details.outputs.depChart }}" > /dev/null; then | |
echo "changed=true" >> "${GITHUB_OUTPUT}" | |
fi | |
- name: Get updated details | |
id: get-updated-details | |
run: | | |
versionPath="$(yq eval '.targets.*.spec.key' "${{ matrix.config }}" | head -n 1 | cut -c2-)" | |
echo "newVersion=$(yq eval "${versionPath}" "$(dirname "${{ matrix.config }}")/Chart.yaml")" >> "${GITHUB_OUTPUT}" | |
- name: Install Helm | |
if: steps.update-dependency.outputs.changed == 'true' | |
uses: azure/setup-helm@v4 | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
- name: Regenerate files | |
if: steps.update-dependency.outputs.changed == 'true' | |
run: make -C "$(dirname "${{ matrix.config }}")" clean build | |
- name: Create pull request | |
if: steps.update-dependency.outputs.changed == 'true' | |
uses: peter-evans/create-pull-request@v7 | |
with: | |
title: "[dependency] ${{ steps.get-details.outputs.title }} to ${{ steps.get-updated-details.outputs.newVersion }}" | |
body: ${{ steps.get-details.outputs.title }} to ${{ steps.get-updated-details.outputs.newVersion }} | |
base: main | |
author: "${{ github.actor }} <${{ github.actor }}@users.noreply.github.com>" | |
committer: "GitHub <[email protected]>" | |
commit-message: Update ${{ steps.get-details.outputs.title }} to ${{ steps.get-updated-details.outputs.newVersion }} | |
labels: dependencies | |
branch: ${{ steps.get-details.outputs.branch }} | |
delete-branch: true |