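---
# Scheduled job that scans vendored files, checks them against upstream,
# refreshes the out-of-date entries on a new branch and opens a pull request.
#
# Trust boundary: report.json and the entry IDs in it are derived from
# upstream repository data. They are passed to shell steps only through
# `env:` variables, never through `${{ }}` expansion inside a `run:` script,
# so a crafted value cannot become shell syntax.
name: Check Vendor Updates

on:
  schedule:
    # Run daily at 2 AM UTC
    - cron: '0 2 * * *'
  workflow_dispatch: # Allow manual triggering

# Least privilege for GITHUB_TOKEN: the job pushes a branch and opens a PR,
# so it needs exactly these two write scopes; every other scope is dropped.
permissions:
  contents: write
  pull-requests: write

jobs:
  check-vendor:
    runs-on: ubuntu-latest

    steps:
      # NOTE(review): the actions below are referenced by mutable tags. Pin
      # each one to a full commit SHA (keeping the tag as a trailing comment),
      # above all the third-party action that receives GITHUB_TOKEN.
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          # The token stays in the local git config so the later `git push`
          # works; every following step (pip, npm, vendor scripts) can read it.
          token: ${{ secrets.GITHUB_TOKEN }}

      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: '3.11'
          cache: 'pip'

      - name: Install dependencies
        # NOTE(review): install is not hash-checked; confirm that
        # requirements.txt pins exact versions.
        run: |
          cd scripts
          pip install -r requirements.txt

      - name: Generate manifest from site data
        run: |
          python scripts/vendor_update.py --scan-only

      - name: Check for updates
        id: check-updates
        env:
          GITHUB_API_TOKEN: ${{ secrets.GITHUB_API_TOKEN }}
        # Best effort: `|| true` plus continue-on-error hide every failure of
        # the checker. If report.json is never written, the job reports
        # "All Up-to-Date", so a broken check looks like a clean run.
        run: |
          python scripts/check_updates.py \
            --manifest manifest/vendor_manifest.json \
            --output report.json || true
        continue-on-error: true

      - name: Read update report
        id: read-report
        if: always()
        run: |
          if [ -f report.json ]; then
            OUT_OF_DATE=$(python -c "import json; r=json.load(open('report.json')); print(r.get('out_of_date', 0))")
            echo "out_of_date=$OUT_OF_DATE" >> "$GITHUB_OUTPUT"
            echo "has_updates=$([ "$OUT_OF_DATE" -gt 0 ] && echo 'true' || echo 'false')" >> "$GITHUB_OUTPUT"
          else
            echo "out_of_date=0" >> "$GITHUB_OUTPUT"
            echo "has_updates=false" >> "$GITHUB_OUTPUT"
          fi

      - name: Get out-of-date entry IDs
        id: get-entries
        if: steps.read-report.outputs.has_updates == 'true'
        # The IDs are written to GITHUB_OUTPUT as one comma-separated line.
        # An ID containing whitespace (including a newline) or a comma would
        # corrupt that line or add extra outputs, so such a report is rejected
        # and the step falls back to an empty list.
        run: |
          python - <<'PY' >> "$GITHUB_OUTPUT" || echo "entry_ids=" >> "$GITHUB_OUTPUT"
          import json
          import re
          import sys

          with open('report.json') as f:
              report = json.load(f)

          entries = [e['id'] for e in report['entries'] if e.get('status') == 'out-of-date']
          unsafe = [e for e in entries if not isinstance(e, str) or re.search(r'[\s,]', e)]
          if unsafe:
              sys.exit('entry id contains whitespace or a comma; refusing to export it')

          print('entry_ids=' + ','.join(entries))
          PY

      - name: Create update branch
        if: steps.read-report.outputs.has_updates == 'true'
        env:
          ENTRY_IDS_CSV: ${{ steps.get-entries.outputs.entry_ids }}
        run: |
          TIMESTAMP=$(date +%Y%m%d-%H%M%S)
          # Branch suffix: IDs joined with '-', capped at 50 characters.
          ENTRY_IDS=$(printf '%s\n' "$ENTRY_IDS_CSV" | tr ',' '-' | cut -c1-50)
          BRANCH_NAME="vendor-update/${TIMESTAMP}-${ENTRY_IDS}"
          git config user.name "github-actions[bot]"
          git config user.email "github-actions[bot]@users.noreply.github.com"
          git checkout -b "$BRANCH_NAME"
          echo "BRANCH_NAME=$BRANCH_NAME" >> "$GITHUB_ENV"

      - name: Update vendored files
        if: steps.read-report.outputs.has_updates == 'true'
        env:
          GITHUB_API_TOKEN: ${{ secrets.GITHUB_API_TOKEN }}
          ENTRY_IDS: ${{ steps.get-entries.outputs.entry_ids }}
        run: |
          # Split on commas into an array so IDs are never glob-expanded.
          IFS=',' read -r -a entry_list <<< "$ENTRY_IDS"
          for entry_id in "${entry_list[@]}"; do
            echo "Updating entry: $entry_id"
            python scripts/vendor_update.py \
              --manifest manifest/vendor_manifest.json \
              --entry "$entry_id" \
              --sync-site
          done

      - name: Run site build (if available)
        if: steps.read-report.outputs.has_updates == 'true'
        # NOTE(review): `npm install` as a fallback ignores lockfile drift,
        # and a failed build is only logged, so the "Site build passes" box in
        # the PR checklist is not backed by this step. Both commands run
        # package scripts while the checkout token is still on disk.
        run: |
          if [ -f website/package.json ]; then
            cd website
            npm ci || npm install
            npm run build || echo "Build failed but continuing..."
          else
            echo "No website build step found, skipping..."
          fi

      - name: Commit and push changes
        if: steps.read-report.outputs.has_updates == 'true'
        env:
          ENTRY_IDS: ${{ steps.get-entries.outputs.entry_ids }}
        run: |
          git add manifest/vendor_manifest.json vendor/ website/src/data/components/
          if git diff --staged --quiet; then
            echo "No changes to commit"
            exit 0
          fi
          ENTRY_COUNT=$(printf '%s\n' "$ENTRY_IDS" | tr ',' ' ' | wc -w)
          ENTRY_LIST=$(printf '%s\n' "$ENTRY_IDS" | tr ',' '\n' | sed 's/^/ - /')
          git commit -m "chore: update vendored files

          Updated ${ENTRY_COUNT} vendored file(s):
          ${ENTRY_LIST}

          Auto-generated by check-vendor workflow"
          git push origin "$BRANCH_NAME"

      - name: Create Pull Request
        if: steps.read-report.outputs.has_updates == 'true'
        uses: peter-evans/create-pull-request@v5
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          branch: ${{ env.BRANCH_NAME }}
          # The update branch is the one checked out at this point, and the
          # action defaults `base` to the checked-out branch; name the branch
          # the workflow ran on so base and branch differ.
          # NOTE(review): confirm against the action's documentation.
          base: ${{ github.ref_name }}
          title: "chore: Update vendored files"
          # NOTE(review): "Total entries checked" reuses the out_of_date
          # output; read-report exports no total, so both lines show the same
          # number.
          body: |
            ## Vendor Update

            This PR updates vendored files that have changed upstream.

            **Updated entries:** ${{ steps.get-entries.outputs.entry_ids }}

            **Report:**
            - Total entries checked: ${{ steps.read-report.outputs.out_of_date }}
            - Out-of-date entries: ${{ steps.read-report.outputs.out_of_date }}

            ### Changes
            - Updated manifest with new commit SHAs
            - Downloaded latest versions of changed files
            - Synced vendor metadata to site component JSON files

            ### Verification
            - [ ] Manifest updated correctly
            - [ ] Files downloaded and checksums verified
            - [ ] Site JSON files updated with vendor metadata
            - [ ] Site build passes (if applicable)

            ---
            *This PR was automatically created by the check-vendor workflow.*
          labels: |
            automated
            vendor-update
          draft: false

      - name: Summary
        if: always()
        env:
          HAS_UPDATES: ${{ steps.read-report.outputs.has_updates }}
          OUT_OF_DATE: ${{ steps.read-report.outputs.out_of_date }}
        run: |
          if [ "$HAS_UPDATES" == "true" ]; then
            echo "## ✅ Updates Available" >> "$GITHUB_STEP_SUMMARY"
            echo "" >> "$GITHUB_STEP_SUMMARY"
            echo "Found $OUT_OF_DATE out-of-date entries." >> "$GITHUB_STEP_SUMMARY"
            # BRANCH_NAME already starts with "vendor-update/".
            echo "Created PR: $BRANCH_NAME" >> "$GITHUB_STEP_SUMMARY"
          else
            echo "## ✅ All Up-to-Date" >> "$GITHUB_STEP_SUMMARY"
            echo "" >> "$GITHUB_STEP_SUMMARY"
            echo "All vendored files are up-to-date with upstream." >> "$GITHUB_STEP_SUMMARY"
          fi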