Skip to content

Dependency Bot

Dependency Bot #402

Workflow file for this run

# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: Dependency Bot
on:
workflow_dispatch:
schedule:
- cron: "0 4 * * *"
jobs:
bump-velox:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Generate a token
id: generate-token
uses: actions/create-github-app-token@v1
with:
app-id: ${{ vars.BOT_APP_ID }}
private-key: ${{ secrets.BOT_PRIVATE_KEY }}
- name: Update version files
run: |
bash .github/workflows/scripts/bot-dep/bump-velox.sh
- name: Create Pull Request
id: cpr
uses: peter-evans/create-pull-request@v7
with:
token: ${{ steps.generate-token.outputs.token }}
commit-message: '[BOT] Bump Velox version'
title: '[BOT] Bump Velox version'
body: |
${{ env.BUMP_VELOX_DESCRIPTION }}
branch: bump-velox-${{ github.run_number }}
sign-commits: true
- name: Enable Pull Request Auto-Merge
if: steps.cpr.outputs.pull-request-operation == 'created'
uses: peter-evans/enable-pull-request-automerge@v3
with:
token: ${{ steps.generate-token.outputs.token }}
pull-request-number: ${{ steps.cpr.outputs.pull-request-number }}
merge-method: squash