Skip to content

Bump ch.qos.logback:logback-classic from 1.4.11 to 1.4.12 in /data-plane #356

Bump ch.qos.logback:logback-classic from 1.4.11 to 1.4.12 in /data-plane

Bump ch.qos.logback:logback-classic from 1.4.11 to 1.4.12 in /data-plane #356

# This workflow runs with a READ-ONLY GITHUB_TOKEN
# https://github.blog/changelog/2021-02-19-github-actions-workflows-triggered-by-dependabot-prs-will-run-with-read-only-permissions/
# This action will run a `mvn license:aggregate-add-third-party` without write access to the repository
# The completion of this workflow triggers the `Update Dependabot Maven PR`
# workflow which has a read-write GITHUB_TOKEN, extracting the changes to
# license files and pushing these to back to the Dependabot PR branch.
name: Build Dependabot Maven PR
on:
push:
branches:
- "dependabot/maven**"
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Setup java
uses: actions/setup-java@v1
with:
java-version: 17
- run: mvn --no-transfer-progress -B --file data-plane/pom.xml -Dlicense.outputDirectory=. license:aggregate-add-third-party
- run: mkdir ./dependabot-pr
- name: Save branch ref
run: echo ${{ github.ref }} | sed 's/refs\/heads\///' > ./dependabot-pr/BRANCH_REF
- name: Configure git
run: |
git config --local user.email "automation@knative.team"
git config --local user.name "Knative Automation"
# NOTE: Prefixing/appending commit messages with `[dependabot skip]` allows
# dependabot to rebase/update the pull request, force-pushing over any changes
- name: Commit and copy license changes
run: |
if [[ $(git status | grep 'data-plane/THIRD-PARTY.txt') ]]; then
git add data-plane/THIRD-PARTY.txt
git commit --signoff -m "[dependabot skip] Update data-plane/THIRD-PARTY.txt"
git format-patch -n HEAD^ --binary --stdout > ./dependabot-pr/changes.patch
else
echo "Licenses were not changed"
fi
# NOTE: Use actions/upload-artifact instead of actions/cache as the
# workflow triggered on the default branch doesn't have access to caches
# created on feature branches
- uses: actions/upload-artifact@v2
with:
name: dependabot-pr
path: dependabot-pr/