Skip to content

Update packages

Update packages #30

name: Update packages
on:
workflow_dispatch:
schedule:
# Runs Wednesdays at a weird time (22:21 UTC) to avoid delays during
# periods of high loads of GitHub Actions workflow runs.
- cron: '4 22 * * 3'
jobs:
update:
runs-on: windows-2022
steps:
- name: Checkout code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Install python dependency 'requests'
run: pip install requests
- name: Set git up
run: |
git config user.email '[email protected]'
git config user.name 'vm-packages'
- name: Update packages
run: |
$root = pwd
New-Item test_logs -itemType Directory | Out-Null
foreach ($packagePath in (Get-ChildItem packages)){
$package = $packagePath.Name
$newVersion = 0
# Test indepdendly every type of update and commit what works
foreach ($UPDATE_TYPE in ('DEPENDENCIES', 'GITHUB_URL', 'VERSION_URL')) {
$version = python scripts\utils\update_package.py $package --update_type $UPDATE_TYPE
$updated = $?
echo "$package $version"
if ($updated -and $version) {
# Test package before committing
scripts\test\test_install.ps1 -max_tries 1 $package | out-null
$tested = $?
cd $root
if ($tested) {
git add "packages/$package/"
$newVersion = $version
} else {
echo "$package $version FAILED"
git diff
}
}
# Clean changes and built packages
git restore .
Remove-Item built_pkgs -Recurse -ErrorAction Ignore
}
if ($newVersion) {
git commit -m "Update $package to $newVersion"
}
}
Exit(0)
- name: Upload logs to artifacts
uses: ./.github/actions/upload-logs
if: always()
- name: Create Pull Request
uses: peter-evans/create-pull-request@a4f52f8033a6168103c2538976c07b467e8163bc # v6.0.1
with:
title: ':robot: Package update'
body: 'Automated package update created by [update_packages.yml](https://github.com/mandiant/VM-Packages/blob/main/.github/workflows/update_packages.yml). Note the update is triggered weekly and will modify this PR if it has not been merged.'
branch: package-update
author: vm-packages <[email protected]>
add-paths: packages/*
# GH actions can not trigger other GH actions,
# use a Personal Access Token to trigger the CI workflow in the created PR
token: ${{ secrets.REPO_TOKEN }}