Update Dependencies #1720
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Update Dependencies | |
| on: | |
| # Run every day. | |
| schedule: | |
| - cron: "0 3 * * *" | |
| # And on every PR merge so we get the updated dependencies ASAP, and to make sure the changelog doesn't conflict. | |
| push: | |
| branches: | |
| - master | |
| workflow_dispatch: | |
| permissions: | |
| contents: write # To modify files and create commits | |
| pull-requests: write # To create and update pull requests | |
| actions: write # To cancel previous workflow runs | |
| jobs: | |
| update-cli: | |
| name: Update CLI | |
| runs-on: ubuntu-latest | |
| outputs: | |
| originalTag: ${{ steps.updater.outputs.originalTag }} | |
| latestTag: ${{ steps.updater.outputs.latestTag }} | |
| prBranch: ${{ steps.updater.outputs.prBranch }} | |
| steps: | |
| - name: Generate GitHub App Token | |
| id: app_token | |
| uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0 | |
| with: | |
| app-id: ${{ vars.SENTRY_FASTLANE_PLUGIN_UPDATER_GITHUB_APP_ID }} | |
| private-key: ${{ secrets.SENTRY_FASTLANE_PLUGIN_UPDATER_GITHUB_APP_PRIVATE_KEY }} | |
| owner: ${{ github.repository_owner }} | |
| - id: updater | |
| uses: getsentry/github-workflows/updater@607fed74f812e69201531a5185b6c3c57caa4e89 # v3.4.0 | |
| with: | |
| path: script/sentry-cli.properties | |
| name: CLI | |
| api-token: ${{ steps.app_token.outputs.token }} | |
| update-binaries: | |
| name: Update Binaries | |
| runs-on: ubuntu-latest | |
| needs: update-cli | |
| if: needs.update-cli.outputs.originalTag != needs.update-cli.outputs.latestTag | |
| steps: | |
| - name: Generate GitHub App Token | |
| id: app_token | |
| uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0 | |
| with: | |
| app-id: ${{ vars.SENTRY_FASTLANE_PLUGIN_UPDATER_GITHUB_APP_ID }} | |
| private-key: ${{ secrets.SENTRY_FASTLANE_PLUGIN_UPDATER_GITHUB_APP_PRIVATE_KEY }} | |
| owner: ${{ github.repository_owner }} | |
| - name: Checkout PR branch | |
| uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 | |
| with: | |
| ref: ${{ needs.update-cli.outputs.prBranch }} | |
| token: ${{ steps.app_token.outputs.token }} | |
| - name: Download latest binaries. | |
| run: script/sentry-cli-download.sh | |
| - name: Resolve bot user ID for noreply email | |
| id: bot_user | |
| env: | |
| GH_TOKEN: ${{ steps.app_token.outputs.token }} | |
| run: | | |
| BOT_ID=$(gh api "users/${{ steps.app_token.outputs.app-slug }}%5Bbot%5D" --jq .id) | |
| echo "id=${BOT_ID}" >> "${GITHUB_OUTPUT}" | |
| - name: Commit latest binaries. | |
| uses: stefanzweifel/git-auto-commit-action@04702edda442b2e678b25b537cec683a1493fcb9 # v7.1.0 | |
| with: | |
| branch: ${{ needs.update-cli.outputs.prBranch }} | |
| commit_message: bump bundled binaries | |
| commit_author: "${{ steps.app_token.outputs.app-slug }}[bot] <${{ steps.bot_user.outputs.id }}+${{ steps.app_token.outputs.app-slug }}[bot]@users.noreply.github.com>" | |
| commit_user_name: "${{ steps.app_token.outputs.app-slug }}[bot]" | |
| commit_user_email: "${{ steps.bot_user.outputs.id }}+${{ steps.app_token.outputs.app-slug }}[bot]@users.noreply.github.com" |