Bump x509-limbo and/or wycheproof #706
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Bump x509-limbo and/or wycheproof | |
| permissions: | |
| contents: read | |
| on: | |
| workflow_dispatch: | |
| schedule: | |
| # Run daily | |
| - cron: "0 10 * * *" | |
| jobs: | |
| bump: | |
| if: github.repository_owner == 'pyca' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| # Needed so we can push back to the repo | |
| persist-credentials: true | |
| - id: bump-x509-limbo | |
| run: | | |
| python3 .github/bin/bump_dependency.py \ | |
| --name "x509-limbo" \ | |
| --repo-url "https://github.com/C2SP/x509-limbo" \ | |
| --branch "main" \ | |
| --file-path ".github/actions/fetch-vectors/action.yml" \ | |
| --current-version-pattern 'ref: "([a-f0-9]{40})" # x509-limbo-ref' \ | |
| --update-pattern 'ref: "{new_version}" # x509-limbo-ref' \ | |
| --comment-pattern 'Latest commit on the x509-limbo main branch.*?\.' | |
| - id: bump-wycheproof | |
| run: | | |
| python3 .github/bin/bump_dependency.py \ | |
| --name "wycheproof" \ | |
| --repo-url "https://github.com/C2SP/wycheproof" \ | |
| --branch "main" \ | |
| --file-path ".github/actions/fetch-vectors/action.yml" \ | |
| --current-version-pattern 'ref: "([a-f0-9]{40})" # wycheproof-ref' \ | |
| --update-pattern 'ref: "{new_version}" # wycheproof-ref' \ | |
| --comment-pattern 'Latest commit on the wycheproof main branch.*?\.' | |
| - name: Check for updates | |
| run: git status | |
| - uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2.1.0 | |
| id: generate-token | |
| with: | |
| app_id: ${{ secrets.BORINGBOT_APP_ID }} | |
| private_key: ${{ secrets.BORINGBOT_PRIVATE_KEY }} | |
| if: steps.bump-x509-limbo.outputs.HAS_UPDATES == 'true' || steps.bump-wycheproof.outputs.HAS_UPDATES == 'true' | |
| - name: Create Pull Request | |
| uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8 | |
| with: | |
| branch: "bump-vectors" | |
| commit-message: "Bump x509-limbo and/or wycheproof in CI" | |
| title: "Bump x509-limbo and/or wycheproof in CI" | |
| author: "pyca-boringbot[bot] <pyca-boringbot[bot][email protected]>" | |
| body: | | |
| ${{ steps.bump-x509-limbo.outputs.COMMIT_MSG }} | |
| ${{ steps.bump-wycheproof.outputs.COMMIT_MSG }} | |
| token: ${{ steps.generate-token.outputs.token }} | |
| if: steps.bump-x509-limbo.outputs.HAS_UPDATES == 'true' || steps.bump-wycheproof.outputs.HAS_UPDATES == 'true' |