github.com/anchore/syft@v1.38.2/.github/workflows/update-anchore-dependencies.yml (about) 1 name: PR to update Anchore dependencies 2 on: 3 workflow_dispatch: 4 inputs: 5 repos: 6 description: "List of dependencies to update" 7 required: true 8 type: string 9 10 permissions: 11 contents: read 12 13 jobs: 14 update: 15 runs-on: ubuntu-latest 16 if: github.repository_owner == 'anchore' # only run for main repo (not forks) 17 steps: 18 - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #v6.0.1 19 with: 20 persist-credentials: false 21 22 - name: Bootstrap environment 23 uses: ./.github/actions/bootstrap 24 with: 25 tools: false 26 bootstrap-apt-packages: "" 27 28 - name: Update dependencies 29 id: update 30 uses: anchore/workflows/.github/actions/update-go-dependencies@main 31 with: 32 repos: ${{ github.event.inputs.repos }} 33 34 - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf #v2.2.1 35 id: generate-token 36 with: 37 app-id: ${{ secrets.TOKEN_APP_ID }} 38 private-key: ${{ secrets.TOKEN_APP_PRIVATE_KEY }} 39 40 - uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 #v7.0.11 41 with: 42 signoff: true 43 delete-branch: true 44 draft: ${{ steps.update.outputs.draft }} 45 # do not change this branch, as other workflows depend on it 46 branch: auto/integration 47 labels: dependencies,pre-release 48 commit-message: "chore(deps): update anchore dependencies" 49 title: "chore(deps): update anchore dependencies" 50 body: ${{ steps.update.outputs.summary }} 51 token: ${{ steps.generate-token.outputs.token }}