name: update-flake on: # run action when a change lands in the main branch which updates go.mod. Also # allow manual triggering. push: branches: - main paths: - go.mod - .github/workflows/update-flakes.yml workflow_dispatch: concurrency: group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} cancel-in-progress: true jobs: update-flake: runs-on: ubuntu-latest steps: - name: Check out code uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Run update-flakes run: ./update-flake.sh - name: Get access token uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2.1.0 id: generate-token with: app_id: ${{ secrets.LICENSING_APP_ID }} installation_retrieval_mode: "id" installation_retrieval_payload: ${{ secrets.LICENSING_APP_INSTALLATION_ID }} private_key: ${{ secrets.LICENSING_APP_PRIVATE_KEY }} - name: Send pull request uses: peter-evans/create-pull-request@8867c4aba1b742c39f8d0ba35429c2dfa4b6cb20 #v7.0.1 with: token: ${{ steps.generate-token.outputs.token }} author: Flakes Updater committer: Flakes Updater branch: flakes commit-message: "go.mod.sri: update SRI hash for go.mod changes" title: "go.mod.sri: update SRI hash for go.mod changes" body: Triggered by ${{ github.repository }}@${{ github.sha }} signoff: true delete-branch: true reviewers: danderson