update rpm packages #19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: update rpm packages | |
| on: | |
| workflow_dispatch: | |
| schedule: | |
| - cron: '0 19 * * 0' # 7pm UTC on Sundays | |
| jobs: | |
| update-rpm-packages: | |
| runs-on: ubuntu-22.04 | |
| timeout-minutes: 60 | |
| steps: | |
| - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| with: | |
| ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }} | |
| token: ${{ !github.event.pull_request.head.repo.fork && secrets.NUNKI_CI_COMMIT_PUSH_PR || github.token }} | |
| - uses: ./.github/actions/setup_nix | |
| with: | |
| githubToken: ${{ secrets.GITHUB_TOKEN }} | |
| cachixToken: ${{ secrets.CACHIX_AUTH_TOKEN }} | |
| - name: Update Microsoft RPMs | |
| run: | | |
| nix run .#rpm-pin-vendor -- kata-packages-uvm kata-packages-uvm-coco systemd libseccomp > packages/by-name/microsoft/kata-image/package-index.json | |
| - name: Update Kata RPMs | |
| run: | | |
| nix run .#rpm-pin-vendor -- kata-packages-uvm kata-packages-uvm-coco systemd libseccomp core-packages-base-image > packages/by-name/kata/kata-image/package-index.json | |
| - name: Create PR | |
| uses: peter-evans/create-pull-request@8867c4aba1b742c39f8d0ba35429c2dfa4b6cb20 # v7.0.1 | |
| with: | |
| title: "deps: update pinned rpm packages" | |
| body: "Automated updated created by [rpm_updates workflow](https://github.com/edgelesssys/contrast/blob/main/.github/workflows/rpm_updates.yml)." | |
| commit-message: "deps: update pinned rpm packages" | |
| base: main | |
| draft: false | |
| labels: "dependencies" | |
| committer: edgelessci <[email protected]> | |
| author: edgelessci <[email protected]> | |
| token: ${{ secrets.NUNKI_CI_COMMIT_PUSH_PR }} |