Skip to content

.github/workflows/licenses-update.yml #11

.github/workflows/licenses-update.yml

.github/workflows/licenses-update.yml #11

name: Licenses Update
on:
workflow_dispatch:
schedule:
- cron: '0 0 * * MON'
jobs:
update:
if: github.repository == 'sourcegraph/sourcegraph'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: ruby/setup-ruby@d4526a55538b775af234ba4af27118ed6f8f6677 # SECURITY: pin third-party action hashes
with:
ruby-version: '3.1.3' # Not needed with a .ruby-version file - uses: actions/setup-ruby@v1
- name: Install asdf plugins
uses: asdf-vm/actions/install@v1
- name: Install npm dependencies
run: pnpm install --frozen-lockfile
- name: Install license_finder
run: gem install license_finder:7.1.0 # sync with licenses-check.yml
- name: Generate report
run: ./dev/licenses.sh
- name: Preview report diff
run: git --no-pager diff
- name: Create pull request
uses: peter-evans/create-pull-request@38e0b6e68b4c852a5500a94740f0e535e0d7ba54 # SECURITY: pin third-party action hashes https://github.com/peter-evans/create-pull-request
id: cpr
with:
labels: automerge
base: main
branch: chore/licenses-update
title: 'chore: update third-party licenses'
commit-message: 'chore: update third-party licenses'
team-reviewers: 'team-dev-infra'
body: |
This is an automated pull request generated by [this run](https://github.com/sourcegraph/sourcegraph/actions/runs/${{ github.run_id }}).
Learn more about our GitHub Actions for managing licenses [here](https://docs-legacy.sourcegraph.com/dev/background-information/ci#third-party-licenses).
You're safe to merge this pull request when the required checks are passing.
Test plan: CI should pass with any updates.
# token must be a personal access token for pull request to trigger other actions
# token must have `repo` scope
# currently @sourcegraph-devx-bot create-pr-github-actions in 1password
# configure in https://github.com/sourcegraph/sourcegraph/settings/secrets/DEVX_TOKEN
token: ${{ secrets.DEVX_TOKEN }}
- name: Enable pull request automerge
if: steps.cpr.outputs.pull-request-operation == 'created'
uses: peter-evans/enable-pull-request-automerge@21d45e1c52f5d111d2019b5d33f953ed2e735c46 # SECURITY: pin third-party action hashes
with:
token: ${{ secrets.GH_REPO_TOKEN }}
pull-request-number: ${{ steps.cpr.outputs.pull-request-number }}
merge-method: squash
report_failure:
needs: update
if: ${{ failure() }}
uses: sourcegraph/sourcegraph/.github/workflows/report-job-failure.yml@main
secrets: inherit