Skip to content

GH Actions Cron Schedule #16

GH Actions Cron Schedule

GH Actions Cron Schedule #16

Workflow file for this run

name: GH Actions Cron Schedule
on:
workflow_dispatch:
schedule:
# Every M-F at 12:00am run this job
- cron: "0 0 * * 1-5"
env:
CURRENT_REDHAT_IMAGE: registry.access.redhat.com/ubi9/go-toolset@sha256:52ab391730a63945f61d93e8c913db4cc7a96f200de909cd525e2632055d9fa6
jobs:
release-next:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Configure upstream
run: |
git remote add upstream https://github.com/sigstore/rekor
git config --global user.email "[email protected]"
git config --global user.name "GitHub Actions Bot"
- name: Check for existing pull request
run: |
openPRs="$(gh pr list --state open -H release-next-ci --json number | jq -r '.[].number' | wc -l)"
echo 'NUM_OPEN_PRS='$openPRs >> $GITHUB_ENV
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Run update script
run: |
./redhat/release/update-to-head.sh
if: ${{ env.NUM_OPEN_PRS == 0 }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
check-upstream-shas:
runs-on: ubuntu-latest
steps:
- name: Check out the upstream rekor repository
uses: actions/checkout@v2
with:
repository: sigstore/rekor
path: upstream-rekor
ref: main
- name: Get upstream shas
run: |
cd upstream-rekor
upstreamSHA=$(grep -o -m 1 'golang:[^@]\+@sha256:[a-f0-9]\{64\}' Dockerfile)
echo 'UPSTREAM_SHA='$upstreamSHA >> $GITHUB_ENV
- name: Pull down the midstream rekor repository
uses: actions/checkout@v2
with:
path: midstream-rekor
ref: main
- name: Get midstream shas
run: |
cd midstream-rekor
midstreamSHA=$(grep -o -m 1 'golang:[^@]\+@sha256:[a-f0-9]\{64\}' redhat/patches/0001-dockerfile.patch)
echo 'MIDSTREAM_SHA='$midstreamSHA >> $GITHUB_ENV
- name: Generate new patch file
if: ${{ env.UPSTREAM_SHA != env.MIDSTREAM_SHA }}
run: |
cd upstream-rekor
sed -i 's|${{ env.UPSTREAM_SHA }}|${{ env.CURRENT_REDHAT_IMAGE }}|g' Dockerfile
git diff > 0001-dockerfile.patch
cd ../midstream-rekor
git fetch origin
git checkout -B update-dockerfile.patch-file origin/main
cp -f ../upstream-rekor/0001-dockerfile.patch redhat/patches/
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Check for existing pull request
if: ${{ env.UPSTREAM_SHA != env.MIDSTREAM_SHA }}
run: |
cd midstream-rekor
openPRs="$(gh pr list --state open -H update-dockerfile.patch-file --json number | jq -r '.[].number' | wc -l)"
echo 'NUM_OPEN_PRS='$openPRs >> $GITHUB_ENV
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Configure git
run: |
git config --global user.email "${GITHUB_ACTOR}@users.noreply.github.com"
git config --global user.name "${GITHUB_ACTOR}"
- name: Create pull request
if: ${{ env.NUM_OPEN_PRS == 0 && env.UPSTREAM_SHA != env.MIDSTREAM_SHA }}
run: |
cd midstream-rekor
git add .
git commit -m "Update image in docker file"
git push -f origin update-dockerfile.patch-file
gh pr create --base main --head update-dockerfile.patch-file --title "Update patch file" --body "This is an automated pr to update the docker patch file"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}