dependabump #48
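# Scheduled dependency-bump workflow: runs `make dependabot` on `main`, opens or
# updates a pull request from `bot/dependabump` when that produces changes, and
# reports each outcome to Slack.
#
# Failure handling: the two work steps use `continue-on-error: true` so the job
# can still send a notification. With that flag a failing step does NOT make
# `failure()` true (the job status stays "success"), so the follow-up steps test
# `steps.<id>.outcome` instead. Without that, a failed bump or a failed PR
# creation would pass silently and the job would end green.
name: dependabump

on:
  workflow_dispatch:
  schedule:
    - cron: '0 0 * * 1-5'  # every weekday at 00:00 UTC

# Deny everything by default; the job below grants only the scopes it lists.
permissions: {}

jobs:
  dependabump:
    runs-on: ubuntu-latest
    permissions:
      contents: write        # push the bot/dependabump branch
      pull-requests: write   # open or update the pull request
      actions: read
      security-events: read
      vulnerability-alerts: read
    env:
      # NOTE(review): job-level env exposes the token to every step, including
      # the third-party actions. Presumably only `make dependabot` reads
      # GH_TOKEN; if so, move it to that step's `env` (confirm that
      # ./.github/actions/setup-go does not need it).
      GH_TOKEN: ${{ github.token }}
    steps:
      - name: Checkout
        # NOTE(review): referenced by mutable tag, while the other third-party
        # actions in this file are pinned to a full commit SHA. Pin this one to
        # a commit SHA as well, since the job holds `contents: write`.
        uses: actions/checkout@v6
        with:
          ref: main

      - name: Set up Go
        uses: ./.github/actions/setup-go
        with:
          go-version-file: "go.mod"

      - name: Bump Dependencies
        id: bump
        run: make dependabot
        # Keep the job alive so the Slack notification below can run; the
        # explicit `exit 1` step afterwards turns the job red.
        continue-on-error: true

      - name: Notify Failure
        # `failure()` covers Checkout / Set up Go failing; the outcome check
        # covers the bump step, whose failure is masked by continue-on-error.
        if: failure() || steps.bump.outcome == 'failure'
        uses: slackapi/slack-github-action@af78098f536edbc4de71162a307590698245be95 # v3.0.1
        with:
          method: chat.postMessage
          token: ${{ secrets.DEPENDABUMP_SLACK_API_KEY }}
          payload: |
            channel: ${{ secrets.SLACK_TEAM_CORE_CHANNEL_ID}}
            text: "Failed to check for vulnerabilities in `chainlink-common`: <${{ format('https://github.com/{0}/actions/runs/{1}', github.repository, github.run_id) }}|Run>"

      # Fail the job once the notification is out, so no PR is created from a
      # partially bumped tree and the run shows as failed.
      - if: steps.bump.outcome == 'failure'
        run: exit 1

      - name: Create Pull Request
        id: pr
        uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1
        with:
          branch: bot/dependabump
          commit-message: "bump dependencies"
          title: "dependabump"
          body: "Upgrading vulnerable dependencies."
          sign-commits: true
        # Same pattern as the bump step: notify first, then fail explicitly.
        continue-on-error: true

      - name: Notify PR Failure
        # Outcome check only: using `failure()` here would also fire this
        # message when an earlier step failed and no PR was ever attempted.
        if: steps.pr.outcome == 'failure'
        uses: slackapi/slack-github-action@af78098f536edbc4de71162a307590698245be95 # v3.0.1
        with:
          method: chat.postMessage
          token: ${{ secrets.DEPENDABUMP_SLACK_API_KEY }}
          payload: |
            channel: ${{ secrets.SLACK_TEAM_CORE_CHANNEL_ID}}
            text: "Vulnerabilities detected in `chainlink-common`, but failed to create PR: <${{ format('https://github.com/{0}/actions/runs/{1}', github.repository, github.run_id) }}|Run>"

      - if: steps.pr.outcome == 'failure'
        run: exit 1

      - name: Notify PR Created
        if: steps.pr.outputs.pull-request-operation == 'created' || steps.pr.outputs.pull-request-operation == 'updated'
        uses: slackapi/slack-github-action@af78098f536edbc4de71162a307590698245be95 # v3.0.1
        with:
          method: chat.postMessage
          token: ${{ secrets.DEPENDABUMP_SLACK_API_KEY }}
          payload: |
            channel: ${{ secrets.SLACK_TEAM_CORE_CHANNEL_ID}}
            text: "Vulnerabilities detected in `chainlink-common` - upgrading dependencies: <${{ format('https://github.com/{0}/actions/runs/{1}', github.repository, github.run_id) }}|Run> - <${{steps.pr.outputs.pull-request-url}}|PR> :review-time:"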