SPIRV-Tools/.github/workflows/autoroll.yml

name: Update dependencies
permissions:
  contents: read

on:
  schedule:
    - cron: '0 2 * * *'
  workflow_dispatch:

jobs:
  update-dependencies:
    permissions:
      contents: write
      pull-requests: write
    name: Update dependencies
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1

      # Checkout the depot tools they are needed by roll_deps.sh
      - name: Checkout depot tools
        run: git clone https://chromium.googlesource.com/chromium/tools/depot_tools.git

      - name: Update PATH
        run: echo "$(pwd)/depot_tools" >> $GITHUB_PATH

      - name: Download dependencies
        run: python3 utils/git-sync-deps

      - name: Setup git user information
        run: |
          git config user.name "GitHub Actions[bot]"
          git config user.email "<>"
          git checkout -b roll_deps

      - name: Update dependencies
        run: |
          utils/roll_deps.sh
          if [[ `git diff HEAD..origin/main --name-only | wc -l` == 0 ]]; then
            echo "changed=false" >> $GITHUB_OUTPUT
          else
            echo "changed=true" >> $GITHUB_OUTPUT
          fi
        id: update_dependencies
      - name: Push changes and create PR
        if: steps.update_dependencies.outputs.changed == 'true'
        run: |
          git push --force --set-upstream origin roll_deps
          # Create a PR. If it aready exists, the command fails, so ignore the return code.
          gh pr create --base main -f || true 
          # Add the 'kokoro:run' label so that the kokoro tests will be run.
          gh pr edit --add-label 'kokoro:run'
          gh pr merge --auto --squash
        env:
          GITHUB_TOKEN: ${{ github.token }}
Create a github action to update DEPS (#5061) Adding a github action to open a PR when the DEPS can be updated. It will run once a day or it can be manually triggered. I updated roll_deps.sh so that it will not return an error if there were no new commits for a repository. 2023-01-18 18:19:39 +00:00			`name: Update dependencies`
Change default permissions for workflows (#5149) * change default workflow permission to read-all Fixes #5147 * permission: content read-only * remove bad changes 2023-03-13 15:18:01 +00:00			`permissions:`
			`contents: read`
Create a github action to update DEPS (#5061) Adding a github action to open a PR when the DEPS can be updated. It will run once a day or it can be manually triggered. I updated roll_deps.sh so that it will not return an error if there were no new commits for a repository. 2023-01-18 18:19:39 +00:00
			`on:`
			`schedule:`
			`- cron: '0 2 * * *'`
			`workflow_dispatch:`

			`jobs:`
			`update-dependencies:`
Change default permissions for workflows (#5149) * change default workflow permission to read-all Fixes #5147 * permission: content read-only * remove bad changes 2023-03-13 15:18:01 +00:00			`permissions:`
			`contents: write`
ci: fix dependency updater bot (#5165) Thought `content` permission was enough to create (not merge) PRs, but turns out the `pull-request` permission is also required. This should unblock the bot. Signed-off-by: Nathan Gauër <brioche@google.com> 2023-03-20 13:06:58 +00:00			`pull-requests: write`
Create a github action to update DEPS (#5061) Adding a github action to open a PR when the DEPS can be updated. It will run once a day or it can be manually triggered. I updated roll_deps.sh so that it will not return an error if there were no new commits for a repository. 2023-01-18 18:19:39 +00:00			`name: Update dependencies`
			`runs-on: ubuntu-latest`

			`steps:`
build(deps): bump the github-actions group with 4 updates (#5445) Bumps the github-actions group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [ossf/scorecard-action](https://github.com/ossf/scorecard-action), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [github/codeql-action](https://github.com/github/codeql-action). Updates `actions/checkout` from 3.1.0 to 4.1.1 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3.1.0...b4ffde65f46336ab88eb53be808477a3936bae11) Updates `ossf/scorecard-action` from 2.1.2 to 2.3.0 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/e38b1902ae4f44df626f11ba0734b14fb91f8f86...483ef80eb98fb506c348f7d62e28055e49fe2398) Updates `actions/upload-artifact` from 3.1.0 to 3.1.3 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/3cea5372237819ed00197afe530f5a7ea3e805c8...a8a3f3ad30e3422c9c7b888a15615d19a852ae32) Updates `github/codeql-action` from 2.2.4 to 2.22.3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/17573ee1cc1b9d061760f3a006fc4aac4f944fd5...0116bc2df50751f9724a2e35ef1f24d22f90e4e1) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 2023-10-18 18:56:29 +00:00			`- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1`
Create a github action to update DEPS (#5061) Adding a github action to open a PR when the DEPS can be updated. It will run once a day or it can be manually triggered. I updated roll_deps.sh so that it will not return an error if there were no new commits for a repository. 2023-01-18 18:19:39 +00:00
			`# Checkout the depot tools they are needed by roll_deps.sh`
			`- name: Checkout depot tools`
			`run: git clone https://chromium.googlesource.com/chromium/tools/depot_tools.git`

			`- name: Update PATH`
Use absolute path to depot_tools (#5360) The autoroll workflow is currently failing due to being unable to find some depot_tools executables. This is due to a limitation in Go os/exec which effectively rejects all relative paths in PATH, and is exposed by a recent update to depot_tools (https://crrev.com/43083529de5802a83f53f1d53d7f5f9615999996). 2023-08-04 22:01:50 +00:00			`run: echo "$(pwd)/depot_tools" >> $GITHUB_PATH`
Create a github action to update DEPS (#5061) Adding a github action to open a PR when the DEPS can be updated. It will run once a day or it can be manually triggered. I updated roll_deps.sh so that it will not return an error if there were no new commits for a repository. 2023-01-18 18:19:39 +00:00
			`- name: Download dependencies`
			`run: python3 utils/git-sync-deps`

			`- name: Setup git user information`
			`run: \|`
Rename bot in autoroll.yml (#5072) The current bot is having trouble with the CLA. I checked with the Khronos admin, and this was his reply: > We already safe list *[bot] which should account for all GitHub bots. If you have manually named the GitHub Actions bot to GitHub Actions bot, it should be renamed to GitHub Actions[bot]. This should resolve the issue. Trying that to see if it works. 2023-01-19 00:49:07 +00:00			`git config user.name "GitHub Actions[bot]"`
Create a github action to update DEPS (#5061) Adding a github action to open a PR when the DEPS can be updated. It will run once a day or it can be manually triggered. I updated roll_deps.sh so that it will not return an error if there were no new commits for a repository. 2023-01-18 18:19:39 +00:00			`git config user.email "<>"`
			`git checkout -b roll_deps`

			`- name: Update dependencies`
			`run: \|`
			`utils/roll_deps.sh`
			if [[ `git diff HEAD..origin/main --name-only \| wc -l` == 0 ]]; then
			`echo "changed=false" >> $GITHUB_OUTPUT`
			`else`
			`echo "changed=true" >> $GITHUB_OUTPUT`
			`fi`
			`id: update_dependencies`
			`- name: Push changes and create PR`
			`if: steps.update_dependencies.outputs.changed == 'true'`
			`run: \|`
			`git push --force --set-upstream origin roll_deps`
Fix failing action when PR is already open. (#5380) 2023-08-15 13:53:10 +00:00			`# Create a PR. If it aready exists, the command fails, so ignore the return code.`
Remove reviewer from autoroller (#5414) For some reason the `gh` command to create a pull request with a team as the reviewer is not working. That command works when I run it locally. I don't know what the problem is, but I will just stop adding a reviewer. Then anyone can look at it. 2023-09-26 16:06:29 +00:00			`gh pr create --base main -f \|\| true`
Fix failing action when PR is already open. (#5380) 2023-08-15 13:53:10 +00:00			`# Add the 'kokoro:run' label so that the kokoro tests will be run.`
			`gh pr edit --add-label 'kokoro:run'`
			`gh pr merge --auto --squash`
Create a github action to update DEPS (#5061) Adding a github action to open a PR when the DEPS can be updated. It will run once a day or it can be manually triggered. I updated roll_deps.sh so that it will not return an error if there were no new commits for a repository. 2023-01-18 18:19:39 +00:00			`env:`
			`GITHUB_TOKEN: ${{ github.token }}`