mirror of
https://github.com/gradle/actions.git
synced 2025-08-19 15:31:28 +08:00
8d298156cc
Bumps the github-actions group with 4 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [gradle/actions](https://github.com/gradle/actions), [github/codeql-action](https://github.com/github/codeql-action) and [actions/download-artifact](https://github.com/actions/download-artifact). Bumps the github-actions group with 1 update in the /.github/actions/init-integ-test directory: [actions/download-artifact](https://github.com/actions/download-artifact). Updates `actions/checkout` from 4.2.2 to 5.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](11bd71901b...08c6903cd8) Updates `gradle/actions` from 4.4.1 to 4.4.2 - [Release notes](https://github.com/gradle/actions/releases) - [Commits](ac638b010c...017a9effdb) Updates `github/codeql-action` from 3.29.7 to 3.29.8 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](51f77329af...76621b61de) Updates `actions/download-artifact` from 4.3.0 to 5.0.0 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](d3f86a106a...634f93cb29) Updates `actions/download-artifact` from 4.3.0 to 5.0.0 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](d3f86a106a...634f93cb29) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: gradle/actions dependency-version: 4.4.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 3.29.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/download-artifact dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/download-artifact dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
69 lines
2.7 KiB
YAML
69 lines
2.7 KiB
YAML
name: 'Update Wrapper checksums file'
|
|
|
|
on:
|
|
# Run weekly (at arbitrary time)
|
|
schedule:
|
|
- cron: '24 5 * * 6'
|
|
workflow_dispatch:
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
update-checksums:
|
|
permissions:
|
|
contents: write
|
|
pull-requests: write
|
|
name: Update checksums
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
|
|
|
- name: Set up Node.js
|
|
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
|
|
with:
|
|
node-version: 20
|
|
cache: npm
|
|
cache-dependency-path: sources/package-lock.json
|
|
|
|
- name: Install dependencies
|
|
run: |
|
|
npm clean-install typed-rest-client@1.8.11 --no-save
|
|
working-directory: sources
|
|
|
|
- name: Update checksums file
|
|
run: node ../.github/workflows/update-checksums-file.js
|
|
working-directory: sources
|
|
|
|
- name: Import GPG key to sign commits
|
|
uses: crazy-max/ghaction-import-gpg@e89d40939c28e39f97cf32126055eeae86ba74ec # v6.3.0
|
|
with:
|
|
gpg_private_key: ${{ secrets.GH_BOT_PGP_PRIVATE_KEY }}
|
|
passphrase: ${{ secrets.GH_BOT_PGP_PASSPHRASE }}
|
|
git_user_signingkey: true
|
|
git_commit_gpgsign: true
|
|
git_config_global: true
|
|
|
|
# If there are no changes, this action will not create a pull request
|
|
- name: Create or update pull request
|
|
uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
|
|
with:
|
|
branch: bot/wrapper-checksums-update
|
|
author: bot-githubaction <bot-githubaction@gradle.com>
|
|
committer: bot-githubaction <bot-githubaction@gradle.com>
|
|
commit-message: Update known wrapper checksums
|
|
title: Update known wrapper checksums
|
|
# Note: Unfortunately this action cannot trigger the regular workflows for the PR automatically, see
|
|
# https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#triggering-further-workflow-runs
|
|
# Therefore suggest below to close and then reopen the PR
|
|
body: |
|
|
Automatically generated pull request to update the known wrapper checksums.
|
|
|
|
In case of conflicts, manually run the workflow from the [Actions tab](https://github.com/gradle/actions/actions/workflows/update-checksums-file.yml), the changes will then be force-pushed onto this pull request branch.
|
|
Do not manually update the pull request branch; those changes might get overwritten.
|
|
|
|
> [!IMPORTANT]
|
|
> GitHub workflows have not been executed for this pull request yet. Before merging, close and then directly reopen this pull request to trigger the workflows.
|