| name: Bump downstream dependencies |
| permissions: |
| contents: read |
| |
| on: |
| workflow_dispatch: |
| schedule: |
| # Run daily |
| - cron: "0 10 * * *" |
| |
| jobs: |
| bump: |
| if: github.repository_owner == 'pyca' |
| runs-on: ubuntu-latest |
| steps: |
| - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 |
| with: |
| # Needed so we can push back to the repo |
| persist-credentials: true |
| - name: Parse downstream dependencies |
| id: downstream-bump |
| run: ./.github/bin/bump_downstreams.sh |
| - uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2.1.0 |
| id: generate-token |
| with: |
| app_id: ${{ secrets.BORINGBOT_APP_ID }} |
| private_key: ${{ secrets.BORINGBOT_PRIVATE_KEY }} |
| if: steps.downstream-bump.outputs.HAS_UPDATES == 'true' |
| - name: Create Pull Request |
| uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725 # v8.0.0 |
| with: |
| branch: "bump-downstreams" |
| commit-message: "Bump downstream dependencies in CI" |
| title: "Bump downstream dependencies in CI" |
| author: "pyca-boringbot[bot] <pyca-boringbot[bot]+106132319@users.noreply.github.com>" |
| body: | |
| ${{ steps.downstream-bump.outputs.COMMIT_MSG }} |
| token: ${{ steps.generate-token.outputs.token }} |
| if: steps.downstream-bump.outputs.HAS_UPDATES == 'true' |
