Skip to content

Update go-containerregistry #58

Update go-containerregistry

Update go-containerregistry #58

---
# Copyright The Conforma Contributors
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# SPDX-License-Identifier: Apache-2.0
name: Update go-containerregistry
"on":
workflow_dispatch:
schedule:
# Mondays at 9:30 AM
- cron: "30 9 * * 1"
permissions:
contents: read
jobs:
update:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
with:
key: main
path: '**'
- uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
with:
go-version-file: go.mod
cache: false
- name: update
run: |
go mod edit -replace github.com/google/go-containerregistry=github.com/conforma/go-containerregistry@main
go mod tidy
env:
# Hack to ensure this repo is always updated, see:
# https://github.com/golang/go/issues/45413
GOPRIVATE: github.com/conforma/go-containerregistry
- uses: actions/create-github-app-token@fee1f7d63c2ff003460e3d139729b119787bc349 # v2.2.2
id: generate-token
with:
app-id: ${{ vars.EC_AUTOMATION_APP_ID }}
private-key: ${{ secrets.EC_AUTOMATION_KEY }}
- name: pull-request
uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8.1.0
with:
add-paths: |
go.mod
go.sum
branch: ci/update-go-containerregistry
commit-message: Bump conforma/go-containerregistry
sign-commits: true
signoff: true
title: Bump conforma/go-containerregistry
# We could use secrets.GITHUB_TOKEN here. That token is generated on-demand for any
# workflow by GitHub. However, actions performed when using that token do not trigger
# other events. So if we create a pull_request, it won't trigger all the CI checks. More:
# https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/triggering-a-workflow#triggering-a-workflow-from-a-workflow
token: ${{ steps.generate-token.outputs.token }}