Check Upstream Releases #833
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # check-upstream-releases.yml — Automatically detects new upstream framework | |
| # releases and creates PRs to update version configurations. | |
| # | |
| # Runs on a cron schedule (every 60 minutes) or via manual dispatch. | |
| # Reads .github/config/autocurrency-tracker.yml for framework definitions. | |
| # Main logic lives in scripts/check-upstream-releases.sh. | |
| name: Check Upstream Releases | |
| on: | |
| # Uncomment to test in PR | |
| # pull_request: | |
| # types: [opened, synchronize] | |
| schedule: | |
| - cron: '0 * * * *' | |
| workflow_dispatch: | |
| inputs: | |
| framework: | |
| description: "Specific framework to check (leave empty for all)" | |
| required: false | |
| type: string | |
| dry-run: | |
| description: "If true, detect but don't create PRs" | |
| required: false | |
| type: boolean | |
| default: false | |
| permissions: | |
| actions: write | |
| jobs: | |
| check-releases: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Decode the GitHub App Private Key | |
| id: decode | |
| run: | | |
| private_key=$(echo "${{ secrets.ASIMOVBOT_APP_PRIVATE_KEY }}" | base64 -d | awk 'BEGIN {ORS="\\n"} {print}' | head -c -2) &> /dev/null | |
| echo "::add-mask::$private_key" | |
| echo "private-key=$private_key" >> "$GITHUB_OUTPUT" | |
| - name: Generate GitHub App Token | |
| id: app-token | |
| uses: actions/create-github-app-token@v1 | |
| with: | |
| app-id: ${{ vars.ASIMOVBOT_APP_ID }} | |
| private-key: ${{ steps.decode.outputs.private-key }} | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: main | |
| fetch-depth: 0 | |
| token: ${{ steps.app-token.outputs.token }} | |
| - name: Install yq | |
| run: | | |
| sudo wget -qO /usr/local/bin/yq \ | |
| https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 | |
| sudo chmod +x /usr/local/bin/yq | |
| - name: Check upstream releases | |
| env: | |
| GITHUB_TOKEN: ${{ steps.app-token.outputs.token }} | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| DRY_RUN: ${{ inputs.dry-run || false }} | |
| FRAMEWORK_FILTER: ${{ inputs.framework || '' }} | |
| run: bash scripts/autocurrency/check-upstream-releases.sh | |
| notify-on-failure: | |
| runs-on: ubuntu-latest | |
| needs: check-releases | |
| if: failure() | |
| steps: | |
| - name: Check if already notified | |
| id: cache | |
| uses: actions/cache/restore@v4 | |
| with: | |
| path: .failure-marker | |
| key: check-releases-failure-notified | |
| - name: Send Slack notification | |
| if: steps.cache.outputs.cache-hit != 'true' | |
| env: | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| run: | | |
| curl -s -o /dev/null -w "%{http_code}" \ | |
| --max-time 10 \ | |
| -X POST "$SLACK_WEBHOOK_URL" \ | |
| -H 'Content-Type: application/json' \ | |
| -d '{ | |
| "workflow_name": "autocurrency_failure", | |
| "run_url": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" | |
| }' | |
| - name: Create and cache failure marker | |
| if: steps.cache.outputs.cache-hit != 'true' | |
| run: echo "notified" > .failure-marker | |
| - name: Save failure marker | |
| if: steps.cache.outputs.cache-hit != 'true' | |
| uses: actions/cache/save@v4 | |
| with: | |
| path: .failure-marker | |
| key: check-releases-failure-notified | |
| clear-failure-marker: | |
| runs-on: ubuntu-latest | |
| needs: check-releases | |
| if: success() | |
| steps: | |
| - name: Delete failure marker cache | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| gh cache delete check-releases-failure-notified \ | |
| -R "${{ github.repository }}" 2>/dev/null || true |