mirror of
https://github.com/rosenpass/rosenpass.git
synced 2026-02-28 06:23:08 -08:00
59 lines
1.8 KiB
YAML
59 lines
1.8 KiB
YAML
name: Dependabot Vet Exemptions
|
|
on:
|
|
pull_request:
|
|
branches:
|
|
- main
|
|
paths:
|
|
- "Cargo.toml"
|
|
- "Cargo.lock"
|
|
|
|
jobs:
|
|
dependabot-cargo-crev-exceptions:
|
|
if: github.actor == 'dependabot[bot]' # Run only for Dependabot PRs
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
with:
|
|
ref: ${{ github.head_ref }}
|
|
token: ${{ secrets.GITHUB_TOKEN }} # Ensure push access
|
|
|
|
- uses: actions/cache@v4
|
|
with:
|
|
path: |
|
|
~/.cargo/bin/
|
|
~/.cargo/registry/index/
|
|
~/.cargo/registry/cache/
|
|
key: cargo-vet-cache
|
|
|
|
- name: Install stable toolchain # Since we are running/compiling cargo-vet, we should rely on the stable toolchain.
|
|
run: |
|
|
rustup toolchain install stable
|
|
rustup default stable
|
|
|
|
- uses: actions/cache@v4
|
|
with:
|
|
path: ${{ runner.tool_cache }}/cargo-vet
|
|
key: cargo-vet-bin
|
|
|
|
- name: Add the tool cache directory to the search path
|
|
run: echo "${{ runner.tool_cache }}/cargo-vet/bin" >> $GITHUB_PATH
|
|
|
|
- name: Ensure that the tool cache is populated with the cargo-vet binary
|
|
run: cargo install --root ${{ runner.tool_cache }}/cargo-vet cargo-vet
|
|
|
|
- name: Regenerate vet exemptions
|
|
run: cargo vet regenerate exemptions
|
|
|
|
- name: Check for changes
|
|
run: git diff --exit-code || echo "Changes detected, committing..."
|
|
|
|
- name: Commit and push changes
|
|
if: success()
|
|
run: |
|
|
git config --global user.name "github-actions[bot]"
|
|
git config --global user.email "github-actions@github.com"
|
|
git add supply-chain./*
|
|
git commit -m "Regenerate cargo vet exemptions"
|
|
git push origin ${{ github.head_ref }}
|