Update latest dep versions #10
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Update latest dep versions | |
| on: | |
| schedule: | |
| # daily at 4:12 UTC | |
| - cron: "12 4 * * *" | |
| workflow_dispatch: | |
| permissions: | |
| contents: read | |
| jobs: | |
| update-latest-dep-versions: | |
| permissions: | |
| contents: write # for git push to PR branch | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: Free disk space | |
| run: .github/scripts/gha-free-disk-space.sh | |
| - name: Set up JDK for running Gradle | |
| uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0 | |
| with: | |
| distribution: temurin | |
| java-version-file: .java-version | |
| - name: Setup Gradle | |
| uses: gradle/actions/setup-gradle@50e97c2cd7a37755bbfafc9c5b7cafaece252f6e # v6.1.0 | |
| - name: Resolve latest dep versions | |
| run: > | |
| ./gradlew resolveLatestDepVersions | |
| -PtestLatestDeps=true | |
| -PresolveLatestDeps=true | |
| - name: Check for changes | |
| id: check-changes | |
| run: | | |
| if git diff --quiet .github/config/latest-dep-versions.json; then | |
| echo "changed=false" >> $GITHUB_OUTPUT | |
| else | |
| echo "changed=true" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Use CLA approved bot | |
| if: steps.check-changes.outputs.changed == 'true' | |
| run: .github/scripts/use-cla-approved-bot.sh | |
| - uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1 | |
| if: steps.check-changes.outputs.changed == 'true' | |
| id: otelbot-token | |
| with: | |
| app-id: ${{ vars.OTELBOT_APP_ID }} | |
| private-key: ${{ secrets.OTELBOT_PRIVATE_KEY }} | |
| - name: Create pull request | |
| if: steps.check-changes.outputs.changed == 'true' | |
| env: | |
| # not using secrets.GITHUB_TOKEN since pull requests from that token do not run workflows | |
| GH_TOKEN: ${{ steps.otelbot-token.outputs.token }} | |
| run: | | |
| message="Update pinned latest dep versions" | |
| body="Auto-generated update of pinned latest dependency versions used by \`testLatestDeps\` builds." | |
| branch="otelbot/update-latest-dep-versions" | |
| git checkout -b $branch | |
| git add .github/config/latest-dep-versions.json | |
| git commit -m "$message" | |
| # If the remote branch already exists, only force-push when its tip | |
| # was authored by otelbot. This preserves any manual commits that | |
| # may have pushed on top of an open auto-PR. | |
| if git ls-remote --exit-code --heads origin "$branch" >/dev/null; then | |
| git fetch origin "$branch" | |
| author_email=$(git log -1 --format='%ae' "origin/$branch") | |
| if [ "$author_email" != "197425009+otelbot@users.noreply.github.com" ]; then | |
| echo "Remote tip of $branch was authored by $author_email (not otelbot); skipping push." >&2 | |
| exit 0 | |
| fi | |
| fi | |
| git push --force-with-lease --set-upstream origin $branch | |
| # only create a new PR if one doesn't already exist | |
| existing_pr=$(gh pr list --head "$branch" --state open --json number --jq '.[0].number') | |
| if [ -z "$existing_pr" ]; then | |
| gh pr create --title "$message" \ | |
| --body "$body" \ | |
| --base main | |
| fi |