Skip to content
Build, test and publish extensions

chore(deps): update all github action #599

Sign in to view logs

chore(deps): update all github action

chore(deps): update all github action #599

Workflow file for this run

.github/workflows/bake.yml at 5c0b3c0
name: Build, test and publish extensions
on:
push:
workflow_dispatch:
inputs:
extension_name:
description: "The PostgreSQL extension to build (directory name)"
required: true
type: string
defaults:
run:
shell: 'bash -Eeuo pipefail -x {0}'
permissions: {}
jobs:
# Gather extensions that have been modified
change-triage:
name: Check changed files
runs-on: ubuntu-24.04
outputs:
matrix: ${{ steps.get-matrix.outputs.matrix}}
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
persist-credentials: false
- name: Fetch valid targets
id: get-targets
uses: dagger/dagger-for-github@27b130bf0f79a7f6fbbbe0fbca6760dc9bb40a77 # v8.4.1
env:
# renovate: datasource=github-tags depName=dagger/dagger versioning=semver
DAGGER_VERSION: 0.20.8
with:
version: ${{ env.DAGGER_VERSION }}
verb: call
module: ./dagger/maintenance/
args: get-targets
- name: Validate extension name
if: github.event_name == 'workflow_dispatch'
env:
INPUT_EXTENSION_NAME: ${{ github.event.inputs.extension_name }}
VALID_TARGETS: ${{ steps.get-targets.outputs.output }}
run: |
if ! echo "$VALID_TARGETS" | jq -e --arg ext "$INPUT_EXTENSION_NAME" 'index($ext)' > /dev/null; then
echo "::error::'$INPUT_EXTENSION_NAME' is not a valid extension target. Valid targets: $VALID_TARGETS"
exit 1
fi
- name: Compute paths-filter extensions block
env:
VALID_TARGETS: ${{ steps.get-targets.outputs.output }}
run: |
if ! echo "$VALID_TARGETS" | jq -e 'length > 0' > /dev/null; then
echo "::error::dagger get-targets returned no extensions: $VALID_TARGETS"
exit 1
fi
{
echo 'EXTENSIONS<<YAML_EOF'
echo "$VALID_TARGETS" | jq -r '.[] | "\(.):\n - \"\(.)/**\"\n - *shared"'
echo 'YAML_EOF'
} >> "$GITHUB_ENV"
- name: Check for changes
uses: dorny/paths-filter@fbd0ab8f3e69293af611ebaee6363fc25e6d187d # v4.0.1
id: filter
with:
filters: |
_shared: &shared
- 'docker-bake.hcl'
- 'Taskfile.yml'
- 'test/**'
- 'dagger/maintenance/**'
- '.github/workflows/bake_targets.yml'
${{ env.EXTENSIONS }}
# Compute a matrix containing the list of all extensions that have been modified
- name: Compute matrix
id: get-matrix
env:
# JSON array containing the extensions that have been changed
CHANGES: ${{ steps.filter.outputs.changes }}
# Input Extension name
INPUT_EXTENSION_NAME: ${{ github.event.inputs.extension_name }}
EVENT_NAME: ${{ github.event_name }}
run: |
if [[ "${EVENT_NAME}" == 'workflow_dispatch' ]]; then
CHANGES="[\"$INPUT_EXTENSION_NAME\"]"
fi
# Filter away the shared filter
EXTENSIONS_CHANGED=$(echo "$CHANGES" | jq -c 'map(select(. != "_shared"))')
echo "matrix=$EXTENSIONS_CHANGED" >> "$GITHUB_OUTPUT"
Bake:
name: Bake
needs: change-triage
permissions:
packages: write
contents: read
id-token: write
security-events: write
if: ${{ join(fromJSON(needs.change-triage.outputs.matrix)) != '' }}
strategy:
fail-fast: false
matrix:
extension: ${{ fromJSON(needs.change-triage.outputs.matrix) }}
uses: ./.github/workflows/bake_targets.yml
with:
extension_name: ${{ matrix.extension }}
secrets:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
Catalogs:
name: Update Catalogs
needs: Bake
runs-on: ubuntu-24.04
permissions:
contents: write
if: github.ref == 'refs/heads/main'
steps:
- name: Repository Dispatch
uses: peter-evans/repository-dispatch@28959ce8df70de7be546dd1250a005dd32156697 # v4
with:
event-type: update-catalogs