usm: watcher: Add periodic scan #64025
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Run Go Mod Tidy And Generate Licenses" | |
on: | |
pull_request: | |
types: | |
- labeled | |
workflow_dispatch: | |
inputs: | |
pr_number: | |
description: "PR number" | |
required: true | |
type: number | |
jobs: | |
mod_tidy_and_generate_licenses: | |
if: ${{ github.event_name == 'workflow_dispatch' || (github.event_name == 'pull_request' && github.actor == 'dependabot[bot]' && contains(github.event.pull_request.labels.*.name, 'dependencies-go')) }} | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
ref: ${{ github.head_ref }} | |
- name: Checkout PR | |
# run only if triggered manually, otherwise we are already on the right branch and we won't have `pr_number` | |
if: ${{ github.event_name == 'workflow_dispatch' }} | |
run: gh pr checkout "$PR_NUMBER" | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
PR_NUMBER: ${{ github.event.inputs.pr_number }} | |
- name: Install go | |
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
with: | |
go-version-file: ".go-version" | |
- name: Install python | |
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 | |
with: | |
python-version: 3.11 | |
cache: "pip" | |
- name: Install python requirements.txt | |
run: python3 -m pip install -r requirements.txt | |
- name: Go mod tidy | |
run: inv -e tidy | |
- name: Update LICENSE-3rdparty.csv | |
if: ${{ github.event_name == 'workflow_dispatch' || !contains(github.event.pull_request.labels.*.name, 'dependencies-go-tools') }} | |
run: | | |
inv -e install-tools | |
inv -e generate-licenses | |
- name: Update mocks | |
if: ${{ github.event_name == 'workflow_dispatch' || !contains(github.event.pull_request.labels.*.name, 'dependencies-go-tools') }} | |
run: inv -e security-agent.gen-mocks # generate both security agent and process mocks | |
- uses: stefanzweifel/git-auto-commit-action@8621497c8c39c72f3e2a999a26b4ca1b5058a842 # v5.0.1 | |
id: autocommit | |
with: | |
commit_message: Auto-generate go.sum and LICENSE-3rdparty.csv changes | |
- name: changes | |
env: | |
CHANGES: ${{ steps.autocommit.outputs.changes_detected }} | |
run: | | |
echo "Changes detected: $CHANGES" |