Update Syft CLI #563

Workflow file for this run

.github/workflows/pb-update-syft-cli.yml at 57deab0

	name: Update Syft CLI
	"on":
	schedule:
	- cron: 0 5 * * 1-5
	workflow_dispatch: {}
	jobs:
	update:
	name: Update Buildpack Dependency
	runs-on:
	- ubuntu-latest
	steps:
	- uses: actions/setup-go@v5
	with:
	go-version: "1.22"
	- name: Install update-buildpack-dependency
	run: \|
	#!/usr/bin/env bash

	set -euo pipefail

	go install -ldflags="-s -w" github.com/paketo-buildpacks/libpak/cmd/update-buildpack-dependency@latest
	- uses: buildpacks/github-actions/[email protected]
	with:
	crane-version: 0.19.1
	yj-version: 5.1.0
	- uses: actions/checkout@v4
	- id: dependency
	uses: docker://ghcr.io/paketo-buildpacks/actions/github-release-dependency:main
	with:
	glob: syft_.+_linux_amd64.tar.gz
	owner: anchore
	repository: syft
	tag_filter: v(1.*)
	token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }}
	- name: Update Buildpack Dependency
	id: buildpack
	run: \|
	#!/usr/bin/env bash

	set -euo pipefail

	VERSION_DEPS=$(yj -tj < buildpack.toml \| jq -r ".metadata.dependencies[] \| select( .id == env.ID ) \| select( .version \| test( env.VERSION_PATTERN ) )")
	ARCH=${ARCH:-amd64}
	OLD_VERSION=$(echo "$VERSION_DEPS" \| jq -r 'select( .purl \| contains( env.ARCH ) ) \| .version')

	if [ -z "$OLD_VERSION" ]; then
	ARCH="" # empty means noarch
	OLD_VERSION=$(echo "$VERSION_DEPS" \| jq -r ".version")
	fi

	update-buildpack-dependency \
	--buildpack-toml buildpack.toml \
	--id "${ID}" \
	--arch "${ARCH}" \
	--version-pattern "${VERSION_PATTERN}" \
	--version "${VERSION}" \
	--cpe-pattern "${CPE_PATTERN:-}" \
	--cpe "${CPE:-}" \
	--purl-pattern "${PURL_PATTERN:-}" \
	--purl "${PURL:-}" \
	--uri "${URI}" \
	--sha256 "${SHA256}" \
	--source "${SOURCE_URI}" \
	--source-sha256 "${SOURCE_SHA256}"

	git add buildpack.toml
	git checkout -- .

	if [ "$(echo "$OLD_VERSION" \| awk -F '.' '{print $1}')" != "$(echo "$VERSION" \| awk -F '.' '{print $1}')" ]; then
	LABEL="semver:major"
	elif [ "$(echo "$OLD_VERSION" \| awk -F '.' '{print $2}')" != "$(echo "$VERSION" \| awk -F '.' '{print $2}')" ]; then
	LABEL="semver:minor"
	else
	LABEL="semver:patch"
	fi

	echo "old-version=${OLD_VERSION}" >> "$GITHUB_OUTPUT"
	echo "new-version=${VERSION}" >> "$GITHUB_OUTPUT"
	echo "version-label=${LABEL}" >> "$GITHUB_OUTPUT"
	env:
	ARCH: ""
	CPE: ${{ steps.dependency.outputs.cpe }}
	CPE_PATTERN: ""
	ID: syft
	PURL: ${{ steps.dependency.outputs.purl }}
	PURL_PATTERN: ""
	SHA256: ${{ steps.dependency.outputs.sha256 }}
	SOURCE_SHA256: ${{ steps.dependency.outputs.source_sha256 }}
	SOURCE_URI: ${{ steps.dependency.outputs.source }}
	URI: ${{ steps.dependency.outputs.uri }}
	VERSION: ${{ steps.dependency.outputs.version }}
	VERSION_PATTERN: '[\d]+\.[\d]+\.[\d]+'
	- uses: peter-evans/create-pull-request@v6
	with:
	author: ${{ secrets.JAVA_GITHUB_USERNAME }} <${{ secrets.JAVA_GITHUB_USERNAME }}@users.noreply.github.com>
	body: Bumps `Syft CLI` from `${{ steps.buildpack.outputs.old-version }}` to `${{ steps.buildpack.outputs.new-version }}`.
	branch: update/buildpack/syft-cli
	commit-message: \|-
	Bump Syft CLI from ${{ steps.buildpack.outputs.old-version }} to ${{ steps.buildpack.outputs.new-version }}

	Bumps Syft CLI from ${{ steps.buildpack.outputs.old-version }} to ${{ steps.buildpack.outputs.new-version }}.
	delete-branch: true
	labels: ${{ steps.buildpack.outputs.version-label }}, type:dependency-upgrade
	signoff: true
	title: Bump Syft CLI from ${{ steps.buildpack.outputs.old-version }} to ${{ steps.buildpack.outputs.new-version }}
	token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update Syft CLI #563

Workflow file

Update Syft CLI #563

Jobs

Run details

Workflow file for this run