design.plone.contenttypes = 6.3.16 #259
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Create requirements.txt for dependabot | |
| permissions: | |
| contents: write | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| jobs: | |
| build: | |
| name: requirements.txt | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Repository | |
| uses: actions/checkout@v3 | |
| - name: Set up Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: "3.11" | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -r requirements.txt | |
| - name: Build requirements.txt | |
| run: | | |
| cd docker | |
| python create-constraints.py constraints.cfg ../dependabot/requirements.txt | |
| - name: Check for changes | |
| id: git-check | |
| run: | | |
| if [ -n "$(git status --porcelain dependabot/requirements.txt)" ]; then | |
| echo "changed=true" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Build SBOM | |
| if: steps.git-check.outputs.changed == 'true' | |
| run: | | |
| pip install sbom4python==0.12.5 | |
| sbom4python --requirement dependabot/requirements.txt --sbom spdx --format json --output sbom.spdx.json | |
| - name: Commit and push changes | |
| run: | | |
| git config --global user.email "[email protected]" | |
| git config --global user.name "RedTurtle CI BOT" | |
| git add dependabot/requirements.txt sbom.spdx.json | |
| git commit -m "Auto-generate file at $(date)" || exit 0 | |
| # git push https://${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git HEAD:${{ github.ref_name }} | |
| git push https://${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git HEAD:${{ github.head_ref }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |