gt update #31
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# | |
# __ __ | |
# / /____ ___ ____ ___ ___ _/ / This script is provided to you by https://github.com/tegonal/gt | |
# / __/ -_) _ `/ _ \/ _ \/ _ `/ / It is licensed under European Union Public License 1.2 | |
# \__/\__/\_, /\___/_//_/\_,_/_/ Please report bugs and contribute back your improvements | |
# /___/ | |
# Version: v0.13.3 | |
# | |
################################### | |
name: "gt update" | |
on: | |
schedule: | |
- cron: '0 4 * * MON' | |
workflow_dispatch: | |
jobs: | |
Update: | |
runs-on: ubuntu-latest | |
if: github.repository_owner == 'tegonal' | |
steps: | |
- name: Import gpg key(s) defined in vars.PUBLIC_GPG_KEYS_WE_TRUST and secrets.PUBLIC_GPG_KEYS_WE_TRUST | |
run: | | |
gpg --import - <<< "${{ vars.PUBLIC_GPG_KEYS_WE_TRUST }}" && success=true \ | |
|| (echo "could not import GPG keys via vars.PUBLIC_GPG_KEYS_WE_TRUST -- maybe it's not defined"; exit 1) && \ | |
false || gpg --import - <<< "${{ secrets.PUBLIC_GPG_KEYS_WE_TRUST }}" && success=true \ | |
|| (echo "could not import GPG keys via secrets.PUBLIC_GPG_KEYS_WE_TRUST -- maybe it's not defined"; exit 1) && \ | |
false || "${success:-false}" && echo "was able to import GPGs either via vars or secrets (or via both -- see above)" | |
- uses: actions/checkout@v4 | |
- name: Install gt | |
run: | | |
set -e | |
# see install.doc.sh in https://github.com/tegonal/gt, MODIFY THERE NOT HERE (please report bugs) | |
currentDir=$(pwd) && \ | |
tmpDir=$(mktemp -d -t gt-download-install-XXXXXXXXXX) && cd "$tmpDir" && \ | |
wget "https://raw.githubusercontent.com/tegonal/gt/main/.gt/signing-key.public.asc" && \ | |
wget "https://raw.githubusercontent.com/tegonal/gt/main/.gt/signing-key.public.asc.sig" && \ | |
gpg --verify ./signing-key.public.asc.sig ./signing-key.public.asc && \ | |
echo "public key trusted" && \ | |
mkdir ./gpg && \ | |
gpg --homedir ./gpg --import ./signing-key.public.asc && \ | |
wget "https://raw.githubusercontent.com/tegonal/gt/v0.13.3/install.sh" && \ | |
wget "https://raw.githubusercontent.com/tegonal/gt/v0.13.3/install.sh.sig" && \ | |
gpg --homedir ./gpg --verify ./install.sh.sig ./install.sh && \ | |
chmod +x ./install.sh && \ | |
echo "verification successful" || (echo "!! verification failed, don't continue !!"; exit 1) && \ | |
./install.sh && result=true || (echo "installation failed"; exit 1) && \ | |
false || cd "$currentDir" && rm -r "$tmpDir" && "${result:-false}" | |
# end install.doc.sh | |
- name: reset gpg keys | |
run: gt reset --gpg-only true | |
- name: gt update | |
run: gt update | |
- name: git status | |
run: git status | |
- name: Create pull request if necessary | |
uses: peter-evans/create-pull-request@v5 | |
with: | |
branch: gt/update | |
base: main | |
title: Changes via gt update | |
commit-message: update files pulled via gt | |
body: "following the changes after running `gt update` (among other things)" | |
delete-branch: true | |
token: ${{ secrets.AUTO_PR_TOKEN }} | |
push-to-fork: ${{ secrets.AUTO_PR_FORK_NAME }} |