--- /dev/null
+name: Suggest dependency upgrades
+on:
+# use push to test the bot
+# push:
+# branches-ignore:
+# - 'bot/upgrade_plugins**'
+ schedule:
+ # at 5:00 every Monday
+ - cron: '0 5 * * MON'
+
+jobs:
+ suggest-upgrades-job:
+ # prevent job to run on public repository sonarsource/sonarqube (on which GitHub Actions are disabled)
+ if: github.repository == 'sonarsource/sonar-enterprise'
+ runs-on: ubuntu-latest
+ name: List available upgrades
+ steps:
+ - uses: actions/checkout@v2
+ with:
+ fetch-depth: 1
+ ref: master
+ - name: Set up JDK
+ uses: actions/setup-java@v1
+ with:
+ java-version: 11
+ - name: Cache Gradle Wrapper
+ uses: actions/cache@v1
+ with:
+ path: ~/.gradle/wrapper
+ key: ${{ runner.os }}-gradlew-${{ hashFiles('**/*.zip') }}
+ restore-keys: ${{ runner.os }}-gradlew
+ - name: Find upgrades
+ env:
+ ARTIFACTORY_PRIVATE_USERNAME: ${{ secrets.REPOX_LOGIN }}
+ ARTIFACTORY_PRIVATE_PASSWORD: ${{ secrets.REPOX_API_KEY }}
+ run: |
+ ./gradlew dependencyUpdates yarn_audit -Drevision=release
projects / sonarqube.git / commitdiff