Skip to content
Bump x509-limbo and/or wycheproof

Bump x509-limbo and/or wycheproof #252

Sign in to view logs

Bump x509-limbo and/or wycheproof

Bump x509-limbo and/or wycheproof #252

Workflow file for this run

.github/workflows/x509-limbo-version-bump.yml at 6bc06f2
name: Bump x509-limbo and/or wycheproof
permissions:
contents: read
on:
workflow_dispatch:
schedule:
# Run daily
- cron: "0 0 * * *"
jobs:
bump:
if: github.repository_owner == 'pyca'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- id: check-sha-x509-limbo
run: |
SHA=$(git ls-remote https://github.com/C2SP/x509-limbo refs/heads/main | cut -f1)
LAST_COMMIT=$(grep x509-limbo-ref .github/actions/fetch-vectors/action.yml | grep -oE '[a-f0-9]{40}')
if ! grep -q "$SHA" .github/actions/fetch-vectors/action.yml; then
echo "COMMIT_SHA=${SHA}" >> $GITHUB_OUTPUT
echo "COMMIT_MSG<<EOF" >> $GITHUB_OUTPUT
echo -e "## x509-limbo\n[Commit: ${SHA}](https://github.com/C2SP/x509-limbo/commit/${SHA})\n\n[Diff](https://github.com/C2SP/x509-limbo/compare/${LAST_COMMIT}...${SHA}) between the last commit hash merged to this repository and the new commit." >> $GITHUB_OUTPUT
echo "EOF" >> $GITHUB_OUTPUT
fi
- name: Update x509-limbo
run: |
set -xe
CURRENT_DATE=$(date "+%b %d, %Y")
sed -E -i "s/Latest commit on the x509-limbo main branch.*/Latest commit on the x509-limbo main branch, as of ${CURRENT_DATE}./" .github/actions/fetch-vectors/action.yml
sed -E -i "s/ref: \"[0-9a-f]{40}\" # x509-limbo-ref/ref: \"${{ steps.check-sha-x509-limbo.outputs.COMMIT_SHA }}\" # x509-limbo-ref/" .github/actions/fetch-vectors/action.yml
git status
if: steps.check-sha-x509-limbo.outputs.COMMIT_SHA
- id: check-sha-wycheproof
run: |
SHA=$(git ls-remote https://github.com/C2SP/wycheproof refs/heads/master | cut -f1)
LAST_COMMIT=$(grep wycheproof-ref .github/actions/fetch-vectors/action.yml | grep -oE '[a-f0-9]{40}')
if ! grep -q "$SHA" .github/actions/fetch-vectors/action.yml; then
echo "COMMIT_SHA=${SHA}" >> $GITHUB_OUTPUT
echo "COMMIT_MSG<<EOF" >> $GITHUB_OUTPUT
echo -e "## wycheproof\n[Commit: ${SHA}](https://github.com/C2SP/wycheproof/commit/${SHA})\n\n[Diff](https://github.com/C2SP/wycheproof/compare/${LAST_COMMIT}...${SHA}) between the last commit hash merged to this repository and the new commit." >> $GITHUB_OUTPUT
echo "EOF" >> $GITHUB_OUTPUT
fi
- name: Update wycheproof
run: |
set -xe
CURRENT_DATE=$(date "+%b %d, %Y")
sed -E -i "s/Latest commit on the wycheproof master branch.*/Latest commit on the wycheproof master branch, as of ${CURRENT_DATE}./" .github/actions/fetch-vectors/action.yml
sed -E -i "s/ref: \"[0-9a-f]{40}\" # wycheproof-ref/ref: \"${{ steps.check-sha-wycheproof.outputs.COMMIT_SHA }}\" # wycheproof-ref/" .github/actions/fetch-vectors/action.yml
git status
if: steps.check-sha-wycheproof.outputs.COMMIT_SHA
- uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2.1.0
id: generate-token
with:
app_id: ${{ secrets.BORINGBOT_APP_ID }}
private_key: ${{ secrets.BORINGBOT_PRIVATE_KEY }}
if: steps.check-sha-x509-limbo.outputs.COMMIT_SHA || steps.check-sha-wycheproof.outputs.COMMIT_SHA
- name: Create Pull Request
uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0
with:
branch: "bump-vectors"
commit-message: "Bump x509-limbo and/or wycheproof in CI"
title: "Bump x509-limbo and/or wycheproof in CI"
author: "pyca-boringbot[bot] <pyca-boringbot[bot][email protected]>"
body: |
${{ steps.check-sha-x509-limbo.outputs.COMMIT_MSG }}
${{ steps.check-sha-wycheproof.outputs.COMMIT_MSG }}
token: ${{ steps.generate-token.outputs.token }}
if: steps.check-sha-x509-limbo.outputs.COMMIT_SHA || steps.check-sha-wycheproof.outputs.COMMIT_SHA