Add workflow to update actions

[hlts2]

Description

In a previous PR, we have created a command to update the actions version.
To prevent forgetting to update the version, we will use cron to update it periodically.

Related Issue

Versions

• Go Version: 1.22.3
• Rust Version: 1.77.2
• Docker Version: 20.10.8
• Kubernetes Version: v1.30.0
• NGT Version: 2.2.1

Checklist

• I have read the CONTRIBUTING document and completed our CLA agreement.
• I have checked open Pull Requests for the similar feature or fixes?

Special notes for your reviewer

Summary by CodeRabbit

• Chores
  • Introduced a GitHub Actions workflow to automate updating Action dependencies and manage pull requests.
  • Updated the default shell in the build process to bash for improved command execution.
  • Upgraded the PETER_EVANS_CREATE_PULL_REQUEST action to version 6.1.0.

[coderabbitai]

Walkthrough

Walkthrough

The recent update enhances the development workflow by introducing a new GitHub Actions workflow (update-actions.yaml) that automates Action dependency updates, including PR creation and Git configuration. Additionally, the Makefile specifies the shell environment by setting the SHELL variable to bash, ensuring consistent command execution. Finally, the PETER_EVANS_CREATE_PULL_REQUEST action has been updated to version 6.1.0.

Changes

Files	Change Summary
.github/workflows/update-actions.yaml	Introduced a new workflow for automating the update of Actions dependencies, including PR creation and Git setup.
Makefile	Added SHELL = bash to specify the shell environment for running Makefile commands.
versions/actions/PETER_EVANS_CREATE_PULL_REQUEST	Updated version to 6.1.0 for the PETER_EVANS_CREATE_PULL_REQUEST action.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant GitHubActions
    participant Repository
    participant GPG
    participant PRCreator

    User->>GitHubActions: Trigger update-actions.yaml
    GitHubActions->>Repository: Checkout latest code
    GitHubActions->>GitHubActions: Log context info
    GitHubActions->>GPG: Import GPG key
    GitHubActions->>Repository: Update Action dependencies
    GitHubActions->>Repository: Check for changes
    alt Changes detected
        GitHubActions->>PRCreator: Create pull request
    end

Loading

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai generate interesting stats about this repository and render them as a table.
  • @coderabbitai show all the console.log statements in this repository.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[vdaas-ci]

[CHATOPS:HELP] ChatOps commands.

• 🙆‍♀️ /approve - approve
• 🍱 /format - format codes and add licenses
• ✅ /gen-test - generate test codes
• 🏷️ /label - add labels
• 🔚 2️⃣ 🔚 /label actions/e2e-deploy - run E2E deploy & integration test

[coderabbitai]

Actionable comments posted: 0

Review Details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 6d4b505 and 82989d6.

Files selected for processing (2)

• .github/workflows/update-actions.yaml (1 hunks)
• Makefile (1 hunks)

Files skipped from review due to trivial changes (1)

• Makefile

Additional comments not posted (7)

.github/workflows/update-actions.yaml (7)

7-12: The dump-contexts-to-log job looks good and uses standard actions appropriately.

---

16-16: The step to check out the repository using actions/checkout@v4 is correctly implemented.

---

19-21: The step to set the Git configuration is necessary and correctly implemented.

---

22-26: The step to import GPG keys and set Git configurations for signing commits is correctly implemented.

---

27-29: The step to run the update command using make update/actions is correctly implemented.

---

30-38: The step to check for differences in the repository and set an output variable if differences are found is correctly implemented.

---

39-50: The step to create a pull request if differences are found is correctly implemented.

[cloudflare-workers-and-pages]

Deploying vald with    Cloudflare Pages

Latest commit:	649bc7e
Status:	✅  Deploy successful!
Preview URL:	https://4e883d16.vald.pages.dev
Branch Preview URL:	https://feat-update-actions-deps-cro.vald.pages.dev

View logs

[coderabbitai]

Actionable comments posted: 0

Review Details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 82989d6 and 2a87915.

Files selected for processing (2)

• .github/workflows/update-actions.yaml (1 hunks)
• versions/actions/PETER_EVANS_CREATE_PULL_REQUEST (1 hunks)

Files skipped from review due to trivial changes (1)

• versions/actions/PETER_EVANS_CREATE_PULL_REQUEST

Files skipped from review as they are similar to previous changes (1)

• .github/workflows/update-actions.yaml

[coderabbitai]

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 2a87915 and ba4d09d.

Files selected for processing (1)

• Makefile (1 hunks)

Files skipped from review due to trivial changes (1)

• Makefile

[coderabbitai]

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between ba4d09d and c86573a.

Files selected for processing (2)

• .github/workflows/update-actions.yaml (1 hunks)
• versions/actions/PETER_EVANS_CREATE_PULL_REQUEST (1 hunks)

Files skipped from review due to trivial changes (1)

• versions/actions/PETER_EVANS_CREATE_PULL_REQUEST

Additional comments not posted (7)

.github/workflows/update-actions.yaml (7)

7-11: LGTM! The dump-contexts-to-log job is well-defined.

The job checks out the repository and runs a custom action to dump context information.

---

15-15: LGTM! The repository checkout step is well-defined.

The step uses actions/checkout@v4 to check out the repository.

---

18-20: LGTM! The Git configuration step is well-defined.

The step sets the Git configuration to add the current workspace as a safe directory.

---

21-25: LGTM! The GPG import and commit signing step is well-defined.

The step uses crazy-max/ghaction-import-gpg@v6 to import a GPG key and configure Git to sign commits.

Ensure that the secrets GPG_PRIVATE_KEY and DISPATCH_TOKEN are correctly configured in the repository settings.

---

29-37: LGTM! The difference check step is well-defined.

The step checks for differences in the repository and sets an output variable if changes are detected.

Ensure that the output variable HAS_GIT_DIFF is correctly set.

Verification successful

---

The output variable HAS_GIT_DIFF is correctly set and used.

The variable is set in the Check difference step and used in a conditional statement later in the workflow.

• Line where the variable is set: .github/workflows/update-actions.yaml: echo "HAS_GIT_DIFF=true" >> $GITHUB_OUTPUT
• Line where the variable is used: .github/workflows/update-actions.yaml: if: ${{ steps.check_diff.outputs.HAS_GIT_DIFF == 'true' }}

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify that the output variable `HAS_GIT_DIFF` is correctly set.

# Test: Search for the output variable in the workflow file. Expect: The variable to be set correctly.
rg 'HAS_GIT_DIFF' .github/workflows/update-actions.yaml

Length of output: 177

---

38-49: LGTM! The pull request creation step is well-defined.

The step uses peter-evans/create-pull-request@v6 to create a pull request if changes are detected.

Ensure that the secrets DISPATCH_USER and DISPATCH_TOKEN are correctly configured in the repository settings.

---

26-28: LGTM! The update command step is well-defined.

The step runs a make command to update actions.

Ensure that the make update/actions command is correctly defined in the Makefile.

Verification successful

Let's confirm the full definition of the update/actions target in the Makefile to ensure it is correctly defined.

---

Let's extract more lines following the update/actions target to capture the full context and associated commands.

---

Let's verify the definitions of the dependent targets to ensure they are correctly defined and include the necessary commands.

---

The update/actions target is correctly defined and includes all necessary dependencies. Each dependent target has its own set of commands, ensuring that the update/actions target will execute the required updates.

• The update/actions target depends on multiple other targets, all of which are correctly defined in the Makefile.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify that the `make update/actions` command is correctly defined in the Makefile.

# Test: Search for the `update/actions` target in the Makefile. Expect: The target to be present.
rg 'update/actions' Makefile

Length of output: 46

---

Script:

#!/bin/bash
# Extract the full definition of the `update/actions` target from the Makefile.
rg -A 5 'update/actions' Makefile

Length of output: 115

---

Script:

#!/bin/bash
# Extract more lines following the `update/actions` target to capture the full context and associated commands.
rg -A 20 'update/actions' Makefile

Length of output: 335

---

Script:

#!/bin/bash
# Search for the definitions of the dependent targets in the Makefile.
rg -A 10 -e 'proto/all' -e 'deps' -e 'update/template' -e 'go/deps' -e 'rust/deps' -e 'format' Makefile

Length of output: 3983

[coderabbitai]

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between c86573a and 649bc7e.

Files selected for processing (1)

• .github/workflows/update-actions.yaml (1 hunks)

Files skipped from review due to trivial changes (1)

• .github/workflows/update-actions.yaml