Skip to content

Poll Starter Workflows #3470

Poll Starter Workflows

Poll Starter Workflows #3470

name: Poll Starter Workflows
on:
schedule:
- cron: "0 */6 * * *"
workflow_dispatch:
env:
STARTER_WORKFLOW_PATH: "./resources/yaml/"
STARTER_WORKFLOW_REPO_BRANCH: "main"
permissions:
contents: read
jobs:
poll:
permissions:
contents: write # for peter-evans/create-pull-request to create branch
pull-requests: write # for peter-evans/create-pull-request to create a PR
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
egress-policy: audit
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- name: Download starter workflows
run: |
# get deployment workflows
echo "Calling GitHub API for starter workflows"
curl \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/repos/actions/starter-workflows/contents/deployments?ref=$STARTER_WORKFLOW_REPO_BRANCH \
| jq -c '.[]' | while read -r workflow;
do
# extract fields
name=$(echo $workflow | jq '.name' -r)
downloadUrl=$(echo $workflow | jq '.download_url' -r)
sha=$(echo $workflow | jq '.sha' -r)
# download workflow if it's an AKS workflow
echo "Checking workflow $name"
if [[ ( $name == azure-kubernetes-service* ) ]] ;
then
echo "Downloading starter workflow $name"
mkdir -p $STARTER_WORKFLOW_PATH && touch $STARTER_WORKFLOW_PATH$name
wget -O $STARTER_WORKFLOW_PATH$name $downloadUrl
fi
done
- name: Create Pull Request
uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0
with:
commit-message: update starter workflows
title: Automated Update Starter Workflows
body: This is an auto-generated PR. The starter workflow repo has changes not in this repository. Closing this PR stops all future alerts for these particular file changes.
branch: starter-workflow-updates