Skip to content

Check for JRE updates #192

Check for JRE updates

Check for JRE updates #192

Workflow file for this run

# This is a basic workflow to help you get started with Actions
name: Check for JRE updates
# Controls when the workflow will run
on:
schedule:
- cron: '11 11 * * 3'
push:
branches: [ main ]
paths:
- '.github/workflows/update-jre.yml'
- 'scripts/jre-update'
# push:
# branches: [ main ]
# paths-ignore:
# - '.github/workflows/gh-pages.yml'
# - '.github/workflows/update-release.yml'
# - '.github/workflows/codeql-analysis.yml'
# - '.github/*.yml'
# - 'website/**'
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
env:
GH_TOKEN: ${{secrets.PUBLISH_GH_TOKEN}}
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "build"
update-bundled-jre:
# The type of runner that the job will run on
runs-on: ubuntu-latest
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v3
- uses: actions/setup-node@master
with:
node-version: 18
- name: Install NPM dev dependencies
run: npm install -D
- name: Check for latest JRE versions
id: jre-version-check
run: |
OUTPUT=$(npm run -s deps:jre:check)
if [[ $? -ne 0 ]]; then
echo "Checking for latest JRE versions failed."
exit 1
else
LAST_LINE=$(echo "$OUTPUT" | tail -n 1)
echo "UPDATED_VERSION<<EOF" >> $GITHUB_ENV
echo $LAST_LINE >> $GITHUB_ENV
echo EOF >> $GITHUB_ENV
fi
- name: Check if JRE versions were updated
id: jre-updated
run: |
STATUS=$(git status --porcelain jre-version.json)
echo "STATUS=$STATUS" >> $GITHUB_ENV
- name: Create pull request for updated JRE versions
uses: peter-evans/create-pull-request@v4
id: create-pull-request
if: ${{ env.STATUS != '' }}
with:
token: ${{secrets.PUBLISH_GH_TOKEN}}
author: GitHub Actions <[email protected]>
add-paths: jre-version.json
commit-message: Update bundled JRE to ${{ env.UPDATED_VERSION }}
branch: update-bundled-jre
delete-branch: true
title: Update bundled JRE to ${{ env.UPDATED_VERSION }}
body: |
This automated pull request updates the bundled JRE versions to the new security patch release ${{ env.UPDATED_VERSION }}.
- name: Send alert email
uses: dawidd6/action-send-mail@v3
if: ${{ steps.create-pull-request.outputs.pull-request-operation == 'updated' || steps.create-pull-request.outputs.pull-request-operation == 'created' }}
with:
server_address: ${{secrets.MAIL_SMTP_SERVER}}
server_port: 465
from: GitHub Actions <[email protected]>
username: ${{secrets.MAIL_USER}}
password: ${{secrets.MAIL_PASSWORD}}
subject: New JRE security update
to: ${{secrets.ALTERT_RECIPIENT_ADDRESS}}
secure: true
body: New JRE security update ${{ env.UPDATED_VERSION }}. Created pull request ${{ steps.create-pull-request.outputs.pull-request-url }}.