mirror of
https://hub.gitmirror.com/https://github.com/gradle/actions.git
synced 2025-11-04 03:50:02 +08:00
142c9b6599
Bumps the github-actions group with 2 updates in the / directory: [actions/setup-node](https://github.com/actions/setup-node) and [github/codeql-action](https://github.com/github/codeql-action). Bumps the github-actions group with 1 update in the /.github/actions/build-dist directory: [actions/setup-node](https://github.com/actions/setup-node). Updates `actions/setup-node` from 5.0.0 to 6.0.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](a0853c2454...2028fbc5c2) Updates `github/codeql-action` from 4.30.8 to 4.30.9 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](f443b600d9...16140ae1a1) Updates `actions/setup-node` from 5.0.0 to 6.0.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](a0853c2454...2028fbc5c2) --- updated-dependencies: - dependency-name: actions/setup-node dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 4.30.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/setup-node dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
69 lines
2.7 KiB
YAML
69 lines
2.7 KiB
YAML
name: 'Update Wrapper checksums file'
|
|
|
|
on:
|
|
# Run weekly (at arbitrary time)
|
|
schedule:
|
|
- cron: '24 5 * * 6'
|
|
workflow_dispatch:
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
update-checksums:
|
|
permissions:
|
|
contents: write
|
|
pull-requests: write
|
|
name: Update checksums
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
|
|
|
- name: Set up Node.js
|
|
uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
|
|
with:
|
|
node-version: 20
|
|
cache: npm
|
|
cache-dependency-path: sources/package-lock.json
|
|
|
|
- name: Install dependencies
|
|
run: |
|
|
npm clean-install typed-rest-client@1.8.11 --no-save
|
|
working-directory: sources
|
|
|
|
- name: Update checksums file
|
|
run: node ../.github/workflows/update-checksums-file.js
|
|
working-directory: sources
|
|
|
|
- name: Import GPG key to sign commits
|
|
uses: crazy-max/ghaction-import-gpg@e89d40939c28e39f97cf32126055eeae86ba74ec # v6.3.0
|
|
with:
|
|
gpg_private_key: ${{ secrets.GH_BOT_PGP_PRIVATE_KEY }}
|
|
passphrase: ${{ secrets.GH_BOT_PGP_PASSPHRASE }}
|
|
git_user_signingkey: true
|
|
git_commit_gpgsign: true
|
|
git_config_global: true
|
|
|
|
# If there are no changes, this action will not create a pull request
|
|
- name: Create or update pull request
|
|
uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
|
|
with:
|
|
branch: bot/wrapper-checksums-update
|
|
author: bot-githubaction <bot-githubaction@gradle.com>
|
|
committer: bot-githubaction <bot-githubaction@gradle.com>
|
|
commit-message: Update known wrapper checksums
|
|
title: Update known wrapper checksums
|
|
# Note: Unfortunately this action cannot trigger the regular workflows for the PR automatically, see
|
|
# https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#triggering-further-workflow-runs
|
|
# Therefore suggest below to close and then reopen the PR
|
|
body: |
|
|
Automatically generated pull request to update the known wrapper checksums.
|
|
|
|
In case of conflicts, manually run the workflow from the [Actions tab](https://github.com/gradle/actions/actions/workflows/update-checksums-file.yml), the changes will then be force-pushed onto this pull request branch.
|
|
Do not manually update the pull request branch; those changes might get overwritten.
|
|
|
|
> [!IMPORTANT]
|
|
> GitHub workflows have not been executed for this pull request yet. Before merging, close and then directly reopen this pull request to trigger the workflows.
|