Look for changes in ed25519 upstream #1432
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Look for changes in ed25519 upstream | |
on: | |
schedule: | |
- cron: '0 13 * * *' | |
workflow_dispatch: | |
permissions: {} | |
jobs: | |
check-ed25519-upstream: | |
name: Open an issue if upstream ed25519 has new commits | |
runs-on: ubuntu-latest | |
permissions: | |
issues: 'write' # for filing an issue on failure | |
steps: | |
- name: Check out repository | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
- name: Test if ed25519 upstream main HEAD is what we expect | |
id: test_ed25519 | |
run: | | |
if output=$(securesystemslib/_vendor/test-ed25519-upstream.sh); then | |
echo "result=0" >> $GITHUB_OUTPUT | |
else | |
echo "result=1" >> $GITHUB_OUTPUT | |
echo "output=$output" >> $GITHUB_OUTPUT | |
fi | |
- name: Create issue (unless one is open already) | |
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea | |
if: ${{ steps.test_ed25519.outputs.result == '1' }} | |
with: | |
script: | | |
console.log("ed25519 upstream main has changed!") | |
console.log("${{ steps.test_ed25519.outputs.output }}") | |
const repo = context.repo.owner + "/" + context.repo.repo | |
const issues = await github.rest.search.issuesAndPullRequests({ | |
q: "ed25519+upstream+has+new+commits+in:title+state:open+type:issue+repo:" + repo, | |
}) | |
if (issues.data.total_count > 0) { | |
console.log("Issue is already open, not creating.") | |
} else { | |
console.log("Creating a new issue...") | |
await github.rest.issues.create({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
title: "ed25519 upstream has new commits", | |
body: "It seems https://github.com/pyca/ed25519.git has changed: " + | |
"${{ steps.test_ed25519.outputs.output }} " + | |
"Please review changes, update the vendored copy if needed, and " + | |
"then update the expected hash in _vendor/test-ed25519-upstream.sh" | |
}) | |
} |