Skip to content

Sync Submodules and Dependencies #419

Sync Submodules and Dependencies

Sync Submodules and Dependencies #419

name: Sync Submodules and Dependencies
# Pulls changes from the main branch of submodules daily at 9:00 UTC and opens a PR.
on:
schedule:
- cron: '0 9 * * *'
workflow_dispatch:
permissions:
# This is required for configure-aws-credentials to request an OIDC JWT ID token to access AWS resources later on.
# More info: https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#adding-permissions-settings
id-token: write
contents: write
pull-requests: write
jobs:
update:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
submodules: recursive
token: ${{ secrets.GITHUB_TOKEN }}
- name: configure aws credentials
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
with:
aws-region: ${{ secrets.REGION }}
role-to-assume: ${{ secrets.ROLE }}
role-session-name: sync-submodules-and-deps-session
- name: Update submodules
run: |
git submodule update --remote
- name: Create PR
uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
signoff: true
title: 'build(deps): Bump submodules and dependencies'
body: >
Bump for Finch's dependencies.
Updates finch-core submodule which defines the core dependencies for Finch on each respective
platform such as: operating system images and Lima bundle (Lima version and it's dependencies)
as `lima-and-qemu.macos-*.*.tar.gz` archives.
Since updating the Lima version may also update the default version of the `nerdctl-full`
archive (which contains nerdctl, containerd, buildkit, etc.), this may require a manual
update to
[`e2e/vm/version_test.go`](https://github.com/runfinch/finch/tree/create-pull-request/patch/e2e/vm/version_test.go).
To do so, checkout this PR branch locally, add a new commit to the branch,
and push back to the branch:
```bash
git fetch --all
git switch create-pull-request/patch
# make changes
git add e2e/vm/version_test.go
git commit -s "update dependency versions in version test"
git push
```