File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change @@ -10,11 +10,42 @@ permissions: {}
1010
1111jobs :
1212 apk-check-versions :
13+ permissions :
14+ # Required to clone repo
15+ contents : read
1316 runs-on : ubuntu-latest
1417 steps :
18+ - name : Set IMAGE
19+ shell : bash
20+ run : |
21+ set -euo pipefail
22+ IFS=$'\n\t'
23+ echo "IMAGE=${GITHUB_REPOSITORY#*/docker-}" >> "${GITHUB_ENV}"
24+ uses : actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
25+ with :
26+ fetch-depth : 1
27+ persist-credentials : false
1528 - name : Check the versions
1629 shell : bash
1730 run : |
1831 set -euo pipefail
1932 IFS=$'\n\t'
20- docker run --pull always -t --user root --entrypoint /bin/sh "leplusorg/${GITHUB_REPOSITORY#*/docker-}:main" -c 'if apk update && apk -u list | tee -a /dev/stderr | grep -q -e .; then exit 1; fi'
33+ PINNED=$(awk -F= '/^[[:space:]]+[a-z0-9][a-z0-9._+-]*=[0-9]/ { gsub(/[[:space:]]/, "", $1); print $1 }' "${IMAGE}/Dockerfile")
34+ if [ -z "${PINNED}" ]; then
35+ echo "No pinned packages found in ${IMAGE}/Dockerfile" >&2
36+ exit 1
37+ fi
38+ echo "Pinned packages:"
39+ echo "${PINNED}"
40+ UPGRADABLE=$(docker run --pull always --rm --user root --entrypoint /bin/sh "leplusorg/${IMAGE}:main" -c 'apk update >/dev/null 2>&1 && apk -u list 2>/dev/null')
41+ OUTDATED=""
42+ for pkg in ${PINNED}; do
43+ if printf '%s\n' "${UPGRADABLE}" | grep -qE "^${pkg}-[0-9]"; then
44+ OUTDATED="${OUTDATED} ${pkg}"
45+ fi
46+ done
47+ if [ -n "${OUTDATED}" ]; then
48+ echo "The following pinned packages are outdated:${OUTDATED}" >&2
49+ exit 1
50+ fi
51+ echo "All pinned packages are up to date"
You can’t perform that action at this time.
0 commit comments