.github/workflows/licenses-update.yml #14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Licenses Update | ||
| on: | ||
| workflow_dispatch: | ||
| schedule: | ||
| - cron: '0 0 * * MON' | ||
| jobs: | ||
| update: | ||
| if: github.repository == 'sourcegraph/sourcegraph' | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v3 | ||
| - uses: ruby/setup-ruby@d4526a55538b775af234ba4af27118ed6f8f6677 # SECURITY: pin third-party action hashes | ||
| with: | ||
| ruby-version: '3.1.3' # Not needed with a .ruby-version file - uses: actions/setup-ruby@v1 | ||
| - name: Install asdf plugins | ||
| uses: asdf-vm/actions/install@v1 | ||
| - name: Install npm dependencies | ||
| run: pnpm install --frozen-lockfile | ||
| - name: Install license_finder | ||
| run: gem install license_finder:7.1.0 # sync with licenses-check.yml | ||
| - name: Generate report | ||
| run: ./dev/licenses.sh | ||
| - name: Preview report diff | ||
| run: git --no-pager diff | ||
| - name: Create pull request | ||
| uses: peter-evans/create-pull-request@38e0b6e68b4c852a5500a94740f0e535e0d7ba54 # SECURITY: pin third-party action hashes https://github.com/peter-evans/create-pull-request | ||
| id: cpr | ||
| with: | ||
| labels: automerge | ||
| base: main | ||
| branch: chore/licenses-update | ||
| title: 'chore: update third-party licenses' | ||
| commit-message: 'chore: update third-party licenses' | ||
| team-reviewers: 'developer-infrastructure' | ||
| body: | | ||
| This is an automated pull request generated by [this run](https://github.com/sourcegraph/sourcegraph/actions/runs/${{ github.run_id }}). | ||
| Learn more about our GitHub Actions for managing licenses [here](https://docs-legacy.sourcegraph.com/dev/background-information/ci#third-party-licenses). | ||
| You're safe to merge this pull request when the required checks are passing. | ||
| Test plan: CI should pass with any updates. | ||
| # token must be a personal access token for pull request to trigger other actions | ||
| # token must have `repo` scope | ||
| # currently @sourcegraph-devx-bot create-pr-github-actions in 1password | ||
| # configure in https://github.com/sourcegraph/sourcegraph/settings/secrets/DEVX_TOKEN | ||
| token: ${{ secrets.DEVX_TOKEN }} | ||
| - name: Enable pull request automerge | ||
| if: steps.cpr.outputs.pull-request-operation == 'created' | ||
| uses: peter-evans/enable-pull-request-automerge@21d45e1c52f5d111d2019b5d33f953ed2e735c46 # SECURITY: pin third-party action hashes | ||
| with: | ||
| token: ${{ secrets.GH_REPO_TOKEN }} | ||
| pull-request-number: ${{ steps.cpr.outputs.pull-request-number }} | ||
| merge-method: squash | ||
| report_failure: | ||
| needs: update | ||
| if: ${{ failure() }} | ||
| uses: sourcegraph/sourcegraph/.github/workflows/report-job-failure.yml@main | ||
|
Check failure on line 64 in .github/workflows/licenses-update.yml
|
||
| secrets: inherit | ||
