Skip to content

PR for latest Anchore tools #657

PR for latest Anchore tools

PR for latest Anchore tools #657

name: PR for latest Anchore tools
on:
schedule:
# 7:04 UTC Mon-Fri; (2:04 am EST)
- cron: '4 7 * * 1-5'
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
jobs:
upgrade-syft:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Trigger Makefile action
run: make upgrade-syft
# https://github.com/marketplace/actions/create-pull-request
- name: Create Pull Request
uses: peter-evans/create-pull-request@v3
with:
signoff: true
delete-branch: true
branch: auto/latest-syft
labels: dependencies
commit-message: 'Upgrade to Syft ${{ env.syft_v }}'
title: 'Upgrade to Syft ${{ env.syft_v }}'
body: |
This is an auto-generated pull request to upgrade to [Syft ${{ env.syft_v }}](https://github.com/anchore/syft/releases/tag/${{ env.syft_v }}).
**Do not commit to this branch.**
- The GitHub Action will force-push over your commits the next time it runs.
- If the Syft upgrade is safe as-is (manual and automated tests pass), go ahead and approve + merge.
- If production or test code must be updated, do so in a separate branch.
- Run `make upgrade-syft` to apply the same change the GitHub Action is performing.
upgrade-grype:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Trigger Makefile action
run: make upgrade-grype
# https://github.com/marketplace/actions/create-pull-request
- name: Create Pull Request
uses: peter-evans/create-pull-request@v3
with:
signoff: true
delete-branch: true
branch: auto/latest-grype
labels: dependencies
commit-message: 'Upgrade to Grype ${{ env.grype_v }}'
title: 'Upgrade to Grype ${{ env.grype_v }}'
body: |
This is an auto-generated pull request to upgrade to [Grype ${{ env.grype_v }}](https://github.com/anchore/grype/releases/tag/${{ env.grype_v }}).
**Do not commit to this branch.**
- The GitHub Action will force-push over your commits the next time it runs.
- If the Grype upgrade is safe as-is (manual and automated tests pass), go ahead and approve + merge.
- If production or test code must be updated, do so in a separate branch.
- Run `make upgrade-grype` to apply the same change the GitHub Action is performing.