grype/.github/workflows/update-generated-code.yml at main · anchore/grype · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
name: PR to update OS codename generated code
on:
  schedule:
    - cron: "0 1 * * 1" # every Monday at 1 AM UTC

  workflow_dispatch:

permissions:
  contents: read

env:
  SLACK_NOTIFICATIONS: true

jobs:
  run-code-gen:
    name: "Run code generation"
    runs-on: ubuntu-latest
    if: github.repository == 'anchore/grype' # only run for main repo
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6.0.2
        with:
          persist-credentials: false

      - name: Bootstrap environment
        uses: ./.github/actions/bootstrap
        with:
          bootstrap-apt-packages: ""
          compute-fingerprints: "false"
          go-dependencies: true

      - name: "Generate codename data"
        run: |
          make generate-codename-data

      - uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a #v2.1.0
        id: generate-token
        with:
          app_id: ${{ secrets.TOKEN_APP_ID }}
          private_key: ${{ secrets.TOKEN_APP_PRIVATE_KEY }}

      - uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 #v8.1.0
        with:
          signoff: true
          delete-branch: true
          branch: auto/latest-codename-data
          labels: dependencies
          commit-message: "chore(deps): update OS codename generated code"
          title: "chore(deps): update OS codename generated code"
          body: |
            Update OS codename data from endoflife.date
          token: ${{ steps.generate-token.outputs.token }}

      - name: Notify Slack on failure
        uses: slackapi/slack-github-action@91efab103c0de0a537f72a35f6b8cda0ee76bf0a #v2.1.1
        if: ${{ failure() && env.SLACK_NOTIFICATIONS == 'true' }}
        with:
          webhook: ${{ secrets.SLACK_TOOLBOX_WEBHOOK_URL }}
          webhook-type: incoming-webhook
          payload: |
            text: "Grype OS codename code generation failed"
            blocks:
              - type: section
                text:
                  type: mrkdwn
                  text: |
                    *Grype OS codename code generation failed*
                    • Workflow: `${{ github.workflow }}`
                    • Event: `${{ github.event_name }}`
                    • Job Status: `${{ job.status }}`
                    • <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|View Run>