Update docker dependencies #2391
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# NOTE: This name appears in GitHub's Checks API and in workflow's status badge. | |
name: ci-renovate | |
# Trigger the workflow when: | |
on: | |
# When a pull request event occurs for a pull request against one of the | |
# matched branches. | |
pull_request: | |
branches: [master] | |
jobs: | |
add-changelog: | |
# NOTE: This name appears in GitHub's Checks API. | |
name: add-changelog | |
# Trigger job only for dependency update bot. | |
if: github.actor == 'renovate[bot]' | |
runs-on: ubuntu-latest | |
# Permissions needed to update PR. | |
permissions: | |
# Enable creating, updating files. | |
contents: write | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
# Needed for correct git commit --amend. | |
fetch-depth: 0 | |
# Checkout pull request HEAD commit instead of merge commit. | |
ref: ${{ github.event.pull_request.head.sha }} | |
# Needed to enable checks re-run. | |
token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} | |
- name: Create and commit Change Log fragment if it does not exist | |
env: | |
# There's no support for escaping this for use in a shell command. | |
# GitHub's recommendation is to pass it through the environment. | |
# https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable | |
FILE_NAME: .changelog/${{ github.event.pull_request.number }}.internal.md | |
HEAD_REF: ${{ github.head_ref }} | |
run: | | |
if [[ ! -f "$FILE_NAME" ]]; then | |
echo "Update dependencies" > "$FILE_NAME" | |
# Set git user email and name to match author of the last commit. | |
git config --local user.email "$(git log --pretty='%ae' -1)" | |
git config --local user.name "$(git log --pretty=format:'%an' -1)" | |
git add "$FILE_NAME" | |
git commit --amend --no-edit | |
git push --force-with-lease origin "HEAD:refs/heads/$HEAD_REF" | |
echo "FILE_EXISTS=false" >> "$GITHUB_OUTPUT" | |
fi |