fleet/.github/workflows/ingest-maintained-apps.yml
Allen Houchins 2470366bac
Update ingest-maintained-apps.yml (#35785)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] If paths of existing endpoints are modified without backwards
compatibility, checked the frontend/CLI for any necessary changes

## Testing

- [ ] Added/updated automated tests
- [ ] Where appropriate, [automated tests simulate multiple hosts and
test for host
isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing)
(updates to one host's records do not affect another)

- [ ] QA'd all new/changed functionality manually

For unreleased bug fixes in a release candidate, one of:

- [ ] Confirmed that the fix is not expected to adversely impact load
test results
- [ ] Alerted the release DRI if additional load testing is needed

## Database migrations

- [ ] Checked schema for all modified tables for columns that will
auto-update timestamps during migration.
- [ ] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [ ] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).

## New Fleet configuration settings

- [ ] Setting(s) is/are explicitly excluded from GitOps

If you didn't check the box above, follow this checklist for
GitOps-enabled settings:

- [ ] Verified that the setting is exported via `fleetctl
generate-gitops`
- [ ] Verified the setting is documented in a separate PR to [the GitOps
documentation](https://github.com/fleetdm/fleet/blob/main/docs/Configuration/yaml-files.md#L485)
- [ ] Verified that the setting is cleared on the server if it is not
supplied in a YAML file (or that it is documented as being optional)
- [ ] Verified that any relevant UI is disabled when GitOps mode is
enabled

## fleetd/orbit/Fleet Desktop

- [ ] Verified compatibility with the latest released version of Fleet
(see [Must
rule](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/workflows/fleetd-development-and-release-strategy.md))
- [ ] If the change applies to only one platform, confirmed that
`runtime.GOOS` is used as needed to isolate changes
- [ ] Verified that fleetd runs on macOS, Linux and Windows
- [ ] Verified auto-update works from the released version of component
to the new version (see [tools/tuf/test](../tools/tuf/test/README.md))
2025-11-17 15:18:02 -06:00

112 lines
3.6 KiB
YAML

name: Ingest maintained apps
on:
  push:
    branches:
      - main
    paths:
      - 'ee/maintained-apps/**'
  workflow_dispatch:
  schedule:
    - cron: '0 14 * * *'
    - cron: '0 21 * * *'
permissions:
  contents: read
  pull-requests: read
jobs:
  build:
    permissions:
      contents: write # Required to push new branch
      pull-requests: write # Required to open PRs
    runs-on: ubuntu-latest
    timeout-minutes: 180
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
        with:
          egress-policy: audit
      - name: Get current date and time
        id: date
        run: echo "::set-output name=date::$(date +'%y%m%d%H%M')"
      - name: Checkout Fleet
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          repository: fleetdm/fleet
          fetch-depth: 1
          ref: ${{ github.head_ref }}
          path: fleet
      - name: Setup Go
        uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0
        with:
          cache: false
          go-version-file: 'fleet/go.mod'
      - name: Ingest maintained apps
        env:
          NETWORK_TEST_GITHUB_TOKEN: ${{ secrets.FLEET_RELEASE_GITHUB_PAT }}
        run: |
          cd fleet
          go mod download
          go run cmd/maintained-apps/main.go
      - name: Search for Existing PRs
        id: search_pr
        uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6.4.1
        with:
          script: |
            const { data: pullRequests } = await github.rest.pulls.list({
              owner: context.repo.owner,
              repo: context.repo.repo,
              state: 'open',
              per_page: 100
            });
            return pullRequests.filter(pr => pr.title.includes('Update Fleet-maintained apps') && pr.user.login === 'fleet-release').map(pr => pr.number);
      - name: Log Info
        run: |
          echo "Will close existing PRs: ${{ steps.search_pr.outputs.result }}"
      - name: Create Pull Request
        id: create-pr
        uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e #v7.0.8
        with:
          token: ${{ secrets.FLEET_RELEASE_GITHUB_PAT }}
          base: main
          path: fleet
          branch: fma-${{ steps.date.outputs.date }}
          delete-branch: true
          title: "Update Fleet-maintained apps"
          commit-message: |
            Update Fleet-maintained apps.
            Generated automatically with cmd/maintained-apps.
          body: Automated ingestion of latest Fleet-maintained app data.
          reviewers: allenhouchins
      - name: Close Existing PRs
        if: steps.search_pr.outputs.result != '[]'
        uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6.4.1
        with:
          script: |
            const prNumbers = JSON.parse('${{ steps.search_pr.outputs.result }}');
            const newPrNumber = '${{ steps.create-pr.outputs.pull-request-number }}';
            for (const prNumber of prNumbers) {
              await github.rest.issues.createComment({
                owner: context.repo.owner,
                repo: context.repo.repo,
                issue_number: prNumber,
                body: `Closing in favor of #${newPrNumber}.`,
              });
              await github.rest.pulls.update({
                owner: context.repo.owner,
                repo: context.repo.repo,
                pull_number: prNumber,
                state: 'closed',
              });
            }