mirror of
https://github.com/sourcegraph/sourcegraph.git
synced 2026-02-06 16:31:47 +00:00
370ea21eb3
* Add update config for universal-ctags
* Add upstream monitoring for additional packages
* Add context to disabled release checking
* Fix s3proxy upstream
* Add new wolfictl action
* Try running wolfictl update --dry-run
* Add repo
* Add env
* Use checkout
* Remove checkout as it confuses wolfictl
* Trick wolfictl
* Fix env
* path
* Tweaks for wolfictl
* Remove checkout again
* Add base branch for testing
* Remove branch now that changes are on main
* Tweak labels
* Add some extra flags
* Fix flags?
* Fix quotes
* Build and use forked wolfictl
* Fix path for checkout
* Relative checkout path
* use path under workspace
* Move binary rather than directory
* Don't pass --dry-run on main
* Remove dry-run mode
* Use patched branch
* Add yam.yaml
* Tweak comments
* Remove syntect-server
* Revert s3proxy changes
* Bump epoch to appease CI
* Revert "Bump epoch to appease CI"
This reverts commit 4e3925ccb6.
* Remove yam.yaml (added on different branch)
* Add git author information
* Give repo write permissions
* Check for all packages
* Enable cron and add personal TODO
* Reformat wolfictl command
* Remove on: push
* Add review suggestions
* Tweak workflow dispatch?
* add push ack
* Remove debugging
* Remove on: push
67 lines
1.9 KiB
YAML
67 lines
1.9 KiB
YAML
name: 'wolfictl-update'
|
|
|
|
on:
|
|
schedule:
|
|
# everyday at 0:00 UTC
|
|
- cron: 0 0 * * *
|
|
workflow_dispatch:
|
|
|
|
permissions:
|
|
contents: write
|
|
pull-requests: write
|
|
issues: write
|
|
|
|
jobs:
|
|
wolfictl-update:
|
|
name: Wolfictl Update
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
# Install wolfictl
|
|
|
|
# NOTE: The main wolfictl binary has a bug which prevents us from using it
|
|
# Once https://github.com/wolfi-dev/wolfictl/pull/763 is merged, we can remove the following which
|
|
# builds wolfictl from a patched fork.
|
|
|
|
# Build and install a fork of wolfictl
|
|
- name: Check out code from external repository
|
|
uses: actions/checkout@v4
|
|
with:
|
|
repository: 'willdollman/wolfictl'
|
|
ref: 'will/fix-update-pkgpath'
|
|
token: ${{ secrets.GITHUB_TOKEN }}
|
|
path: 'wolfictl'
|
|
|
|
- name: Set up Go
|
|
uses: actions/setup-go@v5
|
|
with:
|
|
go-version: '1.22'
|
|
|
|
- name: Build binary
|
|
run: |
|
|
TMP=$(mktemp -d)
|
|
export GOBIN=$TMP
|
|
cd $GITHUB_WORKSPACE/wolfictl
|
|
go install ./...
|
|
echo "$TMP" >> $GITHUB_PATH
|
|
|
|
# TODO(will): Once the bugfix PR is accepted:
|
|
# * Replace above wolfictl build step with the following
|
|
# * Pin commit hash
|
|
# - uses: wolfi-dev/actions/install-wolfictl@main
|
|
|
|
# Run wolfictl update
|
|
# Ideally we would use actions/checkout to clone sourcegraph/sourcegraph, but this isn't properly supported by wolfictl
|
|
- name: wolfictl update
|
|
run: |
|
|
wolfictl update \
|
|
--create-issues='false' \
|
|
--path='wolfi-packages/' \
|
|
--github-labels='SSDLC' --github-labels='security-auto-update' --github-labels='security-auto-update/packages' \
|
|
$GITHUB_SERVER_URL/$GITHUB_REPOSITORY
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
GIT_AUTHOR_NAME: sourcegraph secbot
|
|
GIT_AUTHOR_EMAIL: security@sourcegraph.com
|
|
|