mirror of
https://github.com/gradle/actions.git
synced 2026-04-19 18:12:58 +08:00
dependabot[bot]
93b41b6790
Bumps the github-actions group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [gradle/actions](https://github.com/gradle/actions) | `6.0.1` | `6.1.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `4.35.1` | `4.35.2` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `7.0.0` | `7.0.1` | | [actions/github-script](https://github.com/actions/github-script) | `8.0.0` | `9.0.0` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `8.1.0` | `8.1.1` | Bumps the github-actions group with 1 update in the /.github/actions/build-dist directory: [actions/upload-artifact](https://github.com/actions/upload-artifact). Updates `gradle/actions` from 6.0.1 to 6.1.0 - [Release notes](https://github.com/gradle/actions/releases) - [Commits](https://github.com/gradle/actions/compare/39e147cb9de83bb9910b8ef8bd7fff0ee20fcd6f...50e97c2cd7a37755bbfafc9c5b7cafaece252f6e) Updates `github/codeql-action` from 4.35.1 to 4.35.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/c10b8064de6f491fea524254123dbe5e09572f13...95e58e9a2cdfd71adc6e0353d5c52f41a045d225) Updates `actions/upload-artifact` from 7.0.0 to 7.0.1 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f...043fb46d1a93c77aae656e7c1c64a875d1fc6a0a) Updates `actions/github-script` from 8.0.0 to 9.0.0 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/ed597411d8f924073f98dfc5c65a23a2325f34cd...3a2844b7e9c422d3c10d287c895573f7108da1b3) Updates `peter-evans/create-pull-request` from 8.1.0 to 8.1.1 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/c0f553fe549906ede9cf27b5156039d195d2ece0...5f6978faf089d4d20b00c7766989d076bb2fc7f1) Updates `actions/upload-artifact` from 7.0.0 to 7.0.1 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f...043fb46d1a93c77aae656e7c1c64a875d1fc6a0a) --- updated-dependencies: - dependency-name: gradle/actions dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 4.35.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/github-script dependency-version: 9.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: peter-evans/create-pull-request dependency-version: 8.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
69 lines
2.7 KiB
YAML
69 lines
2.7 KiB
YAML
name: 'Update Wrapper checksums file'
|
|
|
|
on:
|
|
# Run weekly (at arbitrary time)
|
|
schedule:
|
|
- cron: '24 5 * * 6'
|
|
workflow_dispatch:
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
update-checksums:
|
|
permissions:
|
|
contents: write
|
|
pull-requests: write
|
|
name: Update checksums
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
|
|
|
|
- name: Set up Node.js
|
|
uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
|
|
with:
|
|
node-version: 20
|
|
cache: npm
|
|
cache-dependency-path: sources/package-lock.json
|
|
|
|
- name: Install dependencies
|
|
run: |
|
|
npm clean-install typed-rest-client@1.8.11 --no-save
|
|
working-directory: sources
|
|
|
|
- name: Update checksums file
|
|
run: node ../.github/workflows/update-checksums-file.js
|
|
working-directory: sources
|
|
|
|
- name: Import GPG key to sign commits
|
|
uses: crazy-max/ghaction-import-gpg@2dc316deee8e90f13e1a351ab510b4d5bc0c82cd # v7.0.0
|
|
with:
|
|
gpg_private_key: ${{ secrets.GH_BOT_PGP_PRIVATE_KEY }}
|
|
passphrase: ${{ secrets.GH_BOT_PGP_PASSPHRASE }}
|
|
git_user_signingkey: true
|
|
git_commit_gpgsign: true
|
|
git_config_global: true
|
|
|
|
# If there are no changes, this action will not create a pull request
|
|
- name: Create or update pull request
|
|
uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1
|
|
with:
|
|
branch: bot/wrapper-checksums-update
|
|
author: bot-githubaction <bot-githubaction@gradle.com>
|
|
committer: bot-githubaction <bot-githubaction@gradle.com>
|
|
commit-message: Update known wrapper checksums
|
|
title: Update known wrapper checksums
|
|
# Note: Unfortunately this action cannot trigger the regular workflows for the PR automatically, see
|
|
# https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#triggering-further-workflow-runs
|
|
# Therefore suggest below to close and then reopen the PR
|
|
body: |
|
|
Automatically generated pull request to update the known wrapper checksums.
|
|
|
|
In case of conflicts, manually run the workflow from the [Actions tab](https://github.com/gradle/actions/actions/workflows/update-checksums-file.yml), the changes will then be force-pushed onto this pull request branch.
|
|
Do not manually update the pull request branch; those changes might get overwritten.
|
|
|
|
> [!IMPORTANT]
|
|
> GitHub workflows have not been executed for this pull request yet. Before merging, close and then directly reopen this pull request to trigger the workflows.
|