forked from Webperf-se/webperf_core
-
Notifications
You must be signed in to change notification settings - Fork 0
79 lines (78 loc) · 3.12 KB
/
update-software.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
name: "Software - Update version and security info"
on:
workflow_dispatch:
schedule:
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#onschedule
# * is a special character in YAML so you have to quote this string
- cron: '30 8 14,28 * *'
jobs:
build:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest]
config: ["SOFTWARE_GITHUB_ADADVISORY_DATABASE_PATH=advisory_database"]
steps:
- name: Check out repository code
uses: actions/checkout@v4
- name: Setup python
uses: actions/setup-python@v5
with:
python-version: '3.x' # Version range or exact version of a Python version to use, using SemVer's version range syntax
architecture: 'x64' # optional x64 or x86. Defaults to x64 if not specified
- name: Setup dependencies using pip
run: pip install -r requirements.txt
- name: Setup Node.js (v4 version 20.x)
uses: actions/setup-node@v4
with:
node-version: '20.x'
- name: Setup SpeedIndex dependencies (ONLY used for Sitespeed) - Linux
run: |
sudo apt-get update -y
sudo apt-get install -y imagemagick libjpeg-dev xz-utils --no-install-recommends --force-yes
python -m pip install --upgrade pip
python -m pip install --upgrade setuptools
python -m pip install pyssim Pillow image
sudo apt install ffmpeg
- name: Setup Google Chrome browser (ONLY used for Sitespeed) - Linux
run: |
wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | sudo apt-key add -
sudo sh -c 'echo "deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main" >> /etc/apt/sources.list.d/google.list'
sudo apt-get update
sudo apt-get --only-upgrade install google-chrome-stable
google-chrome --version
- name: Setup npm packages
run: npm install --production
- name: Update USER_AGENT in our defaults/settings.json
run: python update_software.py -b
- name: Checkout advisory-database repo
uses: actions/checkout@v4
with:
repository: github/advisory-database
ref: main
path:
advisory_database
sparse-checkout: |
advisories
- name: Verifing Software(s)
run: python update_software.py -d ${{ secrets.GITHUB_TOKEN }}
- name: Create pull request
uses: peter-evans/create-pull-request@v6
with:
commit-message: Update software and license definitions
branch: software-definition-updates
title: Scheduled Software Definition Update
body: |
This pull request is used to make it easier to keep the software definitions up to date.
Following files may be touched:
- software-sources.json
- software-full.json
- defaults/software-rules.json
- defaults/settings.json
assignees: 7h3Rabbit
reviewers: 7h3Rabbit
add-paths: |
software-sources.json
software-full.json
defaults/software-rules.json
defaults/settings.json