Skip to content

PR for latest Anchore tools #552

PR for latest Anchore tools

PR for latest Anchore tools #552

name: PR for latest Anchore tools
# 7:04 UTC Mon-Fri; (2:04 am EST)
- cron: '4 7 * * 1-5'
# Allows you to run this workflow manually from the Actions tab
runs-on: ubuntu-latest
- uses: actions/checkout@v2
- name: Trigger Makefile action
run: make upgrade-syft
- name: Create Pull Request
uses: peter-evans/create-pull-request@v3
signoff: true
delete-branch: true
branch: auto/latest-syft
labels: dependencies
commit-message: 'Upgrade to Syft ${{ env.syft_v }}'
title: 'Upgrade to Syft ${{ env.syft_v }}'
body: |
This is an auto-generated pull request to upgrade to [Syft ${{ env.syft_v }}](${{ env.syft_v }}).
**Do not commit to this branch.**
- The GitHub Action will force-push over your commits the next time it runs.
- If the Syft upgrade is safe as-is (manual and automated tests pass), go ahead and approve + merge.
- If production or test code must be updated, do so in a separate branch.
- Run `make upgrade-syft` to apply the same change the GitHub Action is performing.
runs-on: ubuntu-latest
- uses: actions/checkout@v2
- name: Trigger Makefile action
run: make upgrade-grype
- name: Create Pull Request
uses: peter-evans/create-pull-request@v3
signoff: true
delete-branch: true
branch: auto/latest-grype
labels: dependencies
commit-message: 'Upgrade to Grype ${{ env.grype_v }}'
title: 'Upgrade to Grype ${{ env.grype_v }}'
body: |
This is an auto-generated pull request to upgrade to [Grype ${{ env.grype_v }}](${{ env.grype_v }}).
**Do not commit to this branch.**
- The GitHub Action will force-push over your commits the next time it runs.
- If the Grype upgrade is safe as-is (manual and automated tests pass), go ahead and approve + merge.
- If production or test code must be updated, do so in a separate branch.
- Run `make upgrade-grype` to apply the same change the GitHub Action is performing.