Skip to content

Update encrypt-at-rest #249

Update encrypt-at-rest

Update encrypt-at-rest #249

name: Update encrypt-at-rest
"on":
schedule:
- cron: 0 4 * * 4-5
workflow_dispatch: {}
jobs:
update:
name: Update Package Dependency
runs-on:
- ubuntu-latest
steps:
- name: Docker login gcr.io
if: ${{ (github.event_name != 'pull_request' || ! github.event.pull_request.head.repo.fork) && (github.actor != 'dependabot[bot]') }}
uses: docker/login-action@v3
with:
password: ${{ secrets.GCR_PUSH_BOT_JSON_KEY }}
registry: gcr.io
username: _json_key
- name: Docker login docker.io
if: ${{ (github.event_name != 'pull_request' || ! github.event.pull_request.head.repo.fork) && (github.actor != 'dependabot[bot]') }}
uses: docker/login-action@v3
with:
password: ${{ secrets.PAKETO_BUILDPACKS_DOCKERHUB_PASSWORD }}
registry: docker.io
username: ${{ secrets.PAKETO_BUILDPACKS_DOCKERHUB_USERNAME }}
- uses: actions/setup-go@v5
with:
go-version: "1.23"
- name: Install update-package-dependency
run: |
#!/usr/bin/env bash
set -euo pipefail
go install -ldflags="-s -w" github.com/paketo-buildpacks/libpak/cmd/update-package-dependency@latest
- uses: buildpacks/github-actions/setup-tools@v5.7.2
with:
crane-version: 0.19.1
yj-version: 5.1.0
- uses: actions/checkout@v4
- name: Update Package Dependency
id: package
run: |
#!/usr/bin/env bash
set -euo pipefail
NEW_VERSION=$(crane ls "${DEPENDENCY}" | grep -v latest | sort -V | tail -n 1)
if [[ -e builder.toml ]]; then
OLD_VERSION=$(yj -tj < builder.toml | jq -r ".buildpacks[].uri | capture(\".*${DEPENDENCY}:(?<version>.+)\") | .version")
update-package-dependency \
--builder-toml builder.toml \
--id "${DEPENDENCY}" \
--version "${NEW_VERSION}"
git add builder.toml
fi
if [[ -e package.toml ]]; then
OLD_VERSION=$(yj -tj < package.toml | jq -r ".dependencies[].uri | capture(\".*${DEPENDENCY}:(?<version>.+)\") | .version")
update-package-dependency \
--buildpack-toml buildpack.toml \
--id "${BP_DEPENDENCY:-$DEPENDENCY}" \
--version "${NEW_VERSION}"
update-package-dependency \
--package-toml package.toml \
--id "${PKG_DEPENDENCY:-$DEPENDENCY}" \
--version "${NEW_VERSION}"
git add buildpack.toml package.toml
fi
git checkout -- .
if [ "$(echo "$OLD_VERSION" | awk -F '.' '{print $1}')" != "$(echo "$NEW_VERSION" | awk -F '.' '{print $1}')" ]; then
LABEL="semver:major"
elif [ "$(echo "$OLD_VERSION" | awk -F '.' '{print $2}')" != "$(echo "$NEW_VERSION" | awk -F '.' '{print $2}')" ]; then
LABEL="semver:minor"
else
LABEL="semver:patch"
fi
echo "old-version=${OLD_VERSION}" >> "$GITHUB_OUTPUT"
echo "new-version=${NEW_VERSION}" >> "$GITHUB_OUTPUT"
echo "version-label=${LABEL}" >> "$GITHUB_OUTPUT"
env:
DEPENDENCY: gcr.io/paketo-buildpacks/encrypt-at-rest
- uses: peter-evans/create-pull-request@v6
with:
author: ${{ secrets.JAVA_GITHUB_USERNAME }} <${{ secrets.JAVA_GITHUB_USERNAME }}@users.noreply.github.com>
body: Bumps [`gcr.io/paketo-buildpacks/encrypt-at-rest`](https://gcr.io/paketo-buildpacks/encrypt-at-rest) from [`${{ steps.package.outputs.old-version }}`](https://gcr.io/paketo-buildpacks/encrypt-at-rest:${{ steps.package.outputs.old-version }}) to [`${{ steps.package.outputs.new-version }}`](https://gcr.io/paketo-buildpacks/encrypt-at-rest:${{ steps.package.outputs.new-version }}).
branch: update/package/encrypt-at-rest
commit-message: |-
Bump gcr.io/paketo-buildpacks/encrypt-at-rest from ${{ steps.package.outputs.old-version }} to ${{ steps.package.outputs.new-version }}
Bumps gcr.io/paketo-buildpacks/encrypt-at-rest from ${{ steps.package.outputs.old-version }} to ${{ steps.package.outputs.new-version }}.
delete-branch: true
labels: ${{ steps.package.outputs.version-label }}, type:dependency-upgrade
signoff: true
title: Bump gcr.io/paketo-buildpacks/encrypt-at-rest from ${{ steps.package.outputs.old-version }} to ${{ steps.package.outputs.new-version }}
token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }}