Skip to content

Update go-containerregistry #48

Update go-containerregistry

Update go-containerregistry #48

---
# Copyright The Conforma Contributors
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# SPDX-License-Identifier: Apache-2.0
name: Update go-containerregistry
"on":
workflow_dispatch:
schedule:
# Mondays at 9:30 AM
- cron: "30 9 * * 1"
permissions:
contents: read
jobs:
update:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- uses: actions/cache/restore@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
with:
key: main
path: '**'
- uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
with:
go-version-file: go.mod
cache: false
- name: update
run: |
go mod edit -replace github.com/google/go-containerregistry=github.com/conforma/go-containerregistry@main
go mod tidy
env:
# Hack to ensure this repo is always updated, see:
# https://github.com/golang/go/issues/45413
GOPRIVATE: github.com/conforma/go-containerregistry
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: generate-token
with:
app-id: ${{ vars.EC_AUTOMATION_APP_ID }}
private-key: ${{ secrets.EC_AUTOMATION_KEY }}
- name: pull-request
uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8.1.0
with:
add-paths: |
go.mod
go.sum
branch: ci/update-go-containerregistry
commit-message: Bump conforma/go-containerregistry
sign-commits: true
signoff: true
title: Bump conforma/go-containerregistry
# We could use secrets.GITHUB_TOKEN here. That token is generated on-demand for any
# workflow by GitHub. However, actions performed when using that token do not trigger
# other events. So if we create a pull_request, it won't trigger all the CI checks. More:
# https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/triggering-a-workflow#triggering-a-workflow-from-a-workflow
token: ${{ steps.generate-token.outputs.token }}