Skip to content

Commit 15b639c

Browse files
ZaperexZaperex
committed
chore: add update-rpm-lockfile workflow
Signed-off-by: Frank Kong <[email protected]> rh-pre-commit.version: 2.3.2 rh-pre-commit.check-secrets: ENABLED
1 parent d01dfef commit 15b639c

File tree

1 file changed

+105
-0
lines changed

1 file changed

+105
-0
lines changed

.github/workflows/update-rpm-lockfile.yaml

Lines changed: 105 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,105 @@
1+
name: Update RPM Lockfile
2+
3+
on:
4+
workflow_dispatch:
5+
schedule:
6+
# Run at 3AM UTC every Monday
7+
- cron: '0 3 * * 1'
8+
push:
9+
branches:
10+
- main
11+
paths:
12+
- 'rpms.in.yaml'
13+
- '.rhdh/docker/Dockerfile'
14+
permissions:
15+
contents: write
16+
pull-requests: write
17+
18+
jobs:
19+
update-lockfile:
20+
runs-on: ubuntu-latest
21+
steps:
22+
- name: Checkout repository
23+
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # 4.3.0
24+
with:
25+
fetch-depth: 0
26+
27+
- name: Configure Git
28+
run: |
29+
git config --global user.name "github-actions[bot]"
30+
git config --global user.email "github-actions[bot]@users.noreply.github.com"
31+
32+
- name: Install rpm-lockfile-prototype
33+
run: |
34+
if [[ ! -x "${HOME}/.local/bin/rpm-lockfile-prototype" ]]; then
35+
echo "Installing rpm-lockfile-prototype ..."
36+
37+
sudo apt-get update
38+
sudo apt-get install -y python3 python3-pip python3-dev build-essential
39+
sudo apt-get install -y podman skopeo rpm
40+
sudo apt-get install -y dnf python3-dnf
41+
42+
mkdir -p "${HOME}/.local/bin/"
43+
python3 -m pip install --user https://github.com/konflux-ci/rpm-lockfile-prototype/archive/refs/heads/main.zip
44+
45+
# Update PATH
46+
export PATH=${PATH%":${HOME}/.local/bin"}:${HOME}/.local/bin
47+
echo "${HOME}/.local/bin" >> $GITHUB_PATH
48+
else
49+
echo "rpm-lockfile-prototype already installed"
50+
fi
51+
52+
- name: Check if hermetic Dockerfile exists
53+
run: |
54+
if [ ! -f ".rhdh/docker/Dockerfile" ]; then
55+
echo "Error: .rhdh/docker/Dockerfile not found!"
56+
exit 1
57+
fi
58+
59+
- name: Run rpm-lockfile-prototype
60+
run: |
61+
echo "Regen rpms.lock.yaml from Dockerfile + rpms.in.yaml using $(which rpm-lockfile-prototype) in [$(pwd)]"
62+
"${HOME}/.local/bin/rpm-lockfile-prototype" -f .rhdh/docker/Dockerfile rpms.in.yaml
63+
64+
- name: Check for lockfile changes
65+
id: check-lockfile-changes
66+
run: |
67+
if git diff --quiet rpms.lock.yaml; then
68+
echo "No changes to rpms.lock.yaml detected, skipping PR creation"
69+
echo "changes=false" >> $GITHUB_OUTPUT
70+
else
71+
echo "Changes detected in rpms.lock.yaml"
72+
echo "changes=true" >> $GITHUB_OUTPUT
73+
fi
74+
75+
- name: Create Pull Request
76+
id: create-pull-request
77+
if: steps.check-lockfile-changes.outputs.changes == 'true'
78+
uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
79+
with:
80+
token: ${{ secrets.GITHUB_TOKEN }}
81+
commit-message: "chore: update rpms.lock.yaml"
82+
title: "chore: update RPM lockfile"
83+
body: |
84+
## Description
85+
86+
This PR updates the `rpms.lock.yaml` file with the latest package versions based on current `rpms.in.yaml` configuration using `.rhdh/docker/Dockerfile` as the base container context
87+
88+
This PR was automatically created by the [Update RPM Lockfile GitHub Action](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}).
89+
branch: update-rpm-lockfile
90+
delete-branch: true
91+
draft: false
92+
sign-commits: true
93+
labels: |
94+
lgtm
95+
approved
96+
add-paths: |
97+
rpms.lock.yaml
98+
99+
- name: Summary
100+
run: |
101+
if [ "${{ steps.check-lockfile-changes.outputs.changes }}" == "true" ]; then
102+
echo "✅ RPM lockfile updated and created PR: ${{ steps.create-pull-request.outputs.pull-request-url }}"
103+
else
104+
echo "ℹ️ No changes detected in RPM lockfile"
105+
fi

0 commit comments

Comments
 (0)