-
Notifications
You must be signed in to change notification settings - Fork 0
121 lines (105 loc) · 5.08 KB
/
dependency-updates.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
# Copyright 2022 Adam Chalkley
#
# https://github.com/atc0005/shared-project-resources
#
# Licensed under the MIT License. See LICENSE file in the project root for
# full license information.
on:
workflow_call:
inputs:
default-repo:
required: false
type: string
default: origin
primary-branch:
required: false
type: string
default: master
development-branch:
required: false
type: string
default: development
fetch-depth:
required: false
type: number
default: 50
jobs:
# https://stackoverflow.com/questions/76151411/use-github-actions-to-check-if-branch-is-up-to-date-with-main
# https://stackoverflow.com/a/76151412/903870
# https://github.com/atc0005/shared-project-resources/issues/135
assert_pr_branch_is_ahead_of_primary_branch:
name: Assert PR branch is ahead
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- name: Assert source branches are set
run: |
abort="false"
if [[ "${{ format('{0}/{1}', inputs.default-repo, inputs.primary-branch) }}" == "/" ]] ; then \
echo "default repo and primary branch values not set!"; abort="true"; fi
if [[ "${{ format('{0}/{1}', inputs.default-repo, inputs.development-branch) }}" == "/" ]] ; then \
echo "default repo and development branch values not set!"; abort="true"; fi
if [[ "$abort" == "true" ]]; then exit 1; fi
echo "Primary branch: ${{ format('{0}/{1}', inputs.default-repo, inputs.primary-branch) }}"
echo "Development branch: ${{ format('{0}/{1}', inputs.default-repo, inputs.development-branch) }}"
- name: Check out code (subset)
if: ${{ github.event_name == 'pull_request' }}
uses: actions/checkout@v4.2.2
with:
fetch-depth: ${{ inputs.fetch-depth }}
# Mark the current working directory as a safe directory in git to
# resolve "dubious ownership" complaints.
#
# https://docs.github.com/en/actions/learn-github-actions/variables#default-environment-variables
# https://confluence.atlassian.com/bbkb/git-command-returns-fatal-error-about-the-repository-being-owned-by-someone-else-1167744132.html
# https://github.com/actions/runner-images/issues/6775
# https://github.com/actions/checkout/issues/766
- name: Mark the current working directory as a safe directory in git
# run: git config --global --add safe.directory "$GITHUB_WORKSPACE"
run: git config --global --add safe.directory "${PWD}"
- name: Fetch additional references
if: ${{ github.event_name == 'pull_request' }}
run: |
git fetch origin ${{ inputs.primary-branch }} --depth ${{ inputs.fetch-depth }}
# Allow fetch attempts for ${{ inputs.development-branch }} to fail
git fetch origin ${{ inputs.development-branch }} --depth ${{ inputs.fetch-depth }} || true
- name: Assert PR branch is ahead of acceptable source branches
if: ${{ github.event_name == 'pull_request' }}
run: |
if ! (git merge-base --is-ancestor ${{ format('{0}/{1}', inputs.default-repo, inputs.primary-branch) }} ${{ github.event.pull_request.head.sha }} || \
git merge-base --is-ancestor ${{ format('{0}/{1}', inputs.default-repo, inputs.development-branch) }} ${{ github.event.pull_request.head.sha }});
then echo "This branch is not up to date with ${{ inputs.primary-branch }} or ${{ inputs.development-branch }} branches!";
exit 1; fi
dependency_updates:
needs: assert_pr_branch_is_ahead_of_primary_branch
name: Look for available minor or patch releases
runs-on: ubuntu-latest
# Mark just this one job as failed, not the whole workflow.
continue-on-error: true
timeout-minutes: 10
container:
image: "ghcr.io/atc0005/go-ci:go-ci-stable-mirror-build"
steps:
- name: Check out code
uses: actions/checkout@v4.2.2
# Mark the current working directory as a safe directory in git to
# resolve "dubious ownership" complaints.
#
# https://docs.github.com/en/actions/learn-github-actions/variables#default-environment-variables
# https://confluence.atlassian.com/bbkb/git-command-returns-fatal-error-about-the-repository-being-owned-by-someone-else-1167744132.html
# https://github.com/actions/runner-images/issues/6775
# https://github.com/actions/checkout/issues/766
- name: Mark the current working directory as a safe directory in git
# run: git config --global --add safe.directory "$GITHUB_WORKSPACE"
run: git config --global --add safe.directory "${PWD}"
# Provided for contrast. Will likely remove this one at some point.
- name: go list
run: |
go list -mod=mod -u -f '{{if .Update}}{{.Path}}: {{.Version}} -> {{.Update.Version}} ({{.Update.Time}}){{end}}' -m all
# go list -mod=mod -u -m all
# go list -mod=mod -u -json -m all
- name: go get
run: |
go get -u ./...
go mod tidy
git diff --exit-code go.???