Update encrypt-at-rest #250
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Update encrypt-at-rest | |
"on": | |
schedule: | |
- cron: 0 4 * * 4-5 | |
workflow_dispatch: {} | |
jobs: | |
update: | |
name: Update Package Dependency | |
runs-on: | |
- ubuntu-latest | |
steps: | |
- name: Docker login gcr.io | |
if: ${{ (github.event_name != 'pull_request' || ! github.event.pull_request.head.repo.fork) && (github.actor != 'dependabot[bot]') }} | |
uses: docker/login-action@v3 | |
with: | |
password: ${{ secrets.GCR_PUSH_BOT_JSON_KEY }} | |
registry: gcr.io | |
username: _json_key | |
- name: Docker login docker.io | |
if: ${{ (github.event_name != 'pull_request' || ! github.event.pull_request.head.repo.fork) && (github.actor != 'dependabot[bot]') }} | |
uses: docker/login-action@v3 | |
with: | |
password: ${{ secrets.PAKETO_BUILDPACKS_DOCKERHUB_PASSWORD }} | |
registry: docker.io | |
username: ${{ secrets.PAKETO_BUILDPACKS_DOCKERHUB_USERNAME }} | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: "1.23" | |
- name: Install update-package-dependency | |
run: | | |
#!/usr/bin/env bash | |
set -euo pipefail | |
go install -ldflags="-s -w" github.com/paketo-buildpacks/libpak/cmd/update-package-dependency@latest | |
- uses: buildpacks/github-actions/setup-tools@v5.7.2 | |
with: | |
crane-version: 0.19.1 | |
yj-version: 5.1.0 | |
- uses: actions/checkout@v4 | |
- name: Update Package Dependency | |
id: package | |
run: | | |
#!/usr/bin/env bash | |
set -euo pipefail | |
NEW_VERSION=$(crane ls "${DEPENDENCY}" | grep -v latest | sort -V | tail -n 1) | |
if [[ -e builder.toml ]]; then | |
OLD_VERSION=$(yj -tj < builder.toml | jq -r ".buildpacks[].uri | capture(\".*${DEPENDENCY}:(?<version>.+)\") | .version") | |
update-package-dependency \ | |
--builder-toml builder.toml \ | |
--id "${DEPENDENCY}" \ | |
--version "${NEW_VERSION}" | |
git add builder.toml | |
fi | |
if [[ -e package.toml ]]; then | |
OLD_VERSION=$(yj -tj < package.toml | jq -r ".dependencies[].uri | capture(\".*${DEPENDENCY}:(?<version>.+)\") | .version") | |
update-package-dependency \ | |
--buildpack-toml buildpack.toml \ | |
--id "${BP_DEPENDENCY:-$DEPENDENCY}" \ | |
--version "${NEW_VERSION}" | |
update-package-dependency \ | |
--package-toml package.toml \ | |
--id "${PKG_DEPENDENCY:-$DEPENDENCY}" \ | |
--version "${NEW_VERSION}" | |
git add buildpack.toml package.toml | |
fi | |
git checkout -- . | |
if [ "$(echo "$OLD_VERSION" | awk -F '.' '{print $1}')" != "$(echo "$NEW_VERSION" | awk -F '.' '{print $1}')" ]; then | |
LABEL="semver:major" | |
elif [ "$(echo "$OLD_VERSION" | awk -F '.' '{print $2}')" != "$(echo "$NEW_VERSION" | awk -F '.' '{print $2}')" ]; then | |
LABEL="semver:minor" | |
else | |
LABEL="semver:patch" | |
fi | |
echo "old-version=${OLD_VERSION}" >> "$GITHUB_OUTPUT" | |
echo "new-version=${NEW_VERSION}" >> "$GITHUB_OUTPUT" | |
echo "version-label=${LABEL}" >> "$GITHUB_OUTPUT" | |
env: | |
DEPENDENCY: gcr.io/paketo-buildpacks/encrypt-at-rest | |
- uses: peter-evans/create-pull-request@v6 | |
with: | |
author: ${{ secrets.JAVA_GITHUB_USERNAME }} <${{ secrets.JAVA_GITHUB_USERNAME }}@users.noreply.github.com> | |
body: Bumps [`gcr.io/paketo-buildpacks/encrypt-at-rest`](https://gcr.io/paketo-buildpacks/encrypt-at-rest) from [`${{ steps.package.outputs.old-version }}`](https://gcr.io/paketo-buildpacks/encrypt-at-rest:${{ steps.package.outputs.old-version }}) to [`${{ steps.package.outputs.new-version }}`](https://gcr.io/paketo-buildpacks/encrypt-at-rest:${{ steps.package.outputs.new-version }}). | |
branch: update/package/encrypt-at-rest | |
commit-message: |- | |
Bump gcr.io/paketo-buildpacks/encrypt-at-rest from ${{ steps.package.outputs.old-version }} to ${{ steps.package.outputs.new-version }} | |
Bumps gcr.io/paketo-buildpacks/encrypt-at-rest from ${{ steps.package.outputs.old-version }} to ${{ steps.package.outputs.new-version }}. | |
delete-branch: true | |
labels: ${{ steps.package.outputs.version-label }}, type:dependency-upgrade | |
signoff: true | |
title: Bump gcr.io/paketo-buildpacks/encrypt-at-rest from ${{ steps.package.outputs.old-version }} to ${{ steps.package.outputs.new-version }} | |
token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} |