From 24dc7b5f14dd547b87c8dbe277692ec04167001a Mon Sep 17 00:00:00 2001
From: Simon Brandhof <simon.brandhof@sonarsource.com>
Date: Tue, 24 Mar 2020 21:33:36 +0100
Subject: [PATCH] SONAR-13155 schedule listing of available dependency upgrades

---
 .../workflows/suggest-dependency-upgrades.yml | 37 +++++++++++++++++++
 1 file changed, 37 insertions(+)
 create mode 100644 .github/workflows/suggest-dependency-upgrades.yml

diff --git a/.github/workflows/suggest-dependency-upgrades.yml b/.github/workflows/suggest-dependency-upgrades.yml
new file mode 100644
index 00000000000..99937a62c3d
--- /dev/null
+++ b/.github/workflows/suggest-dependency-upgrades.yml
@@ -0,0 +1,37 @@
+name: Suggest dependency upgrades
+on:
+# use push to test the bot
+#  push:
+#    branches-ignore:
+#      - 'bot/upgrade_plugins**'
+  schedule:
+    # at 5:00 every Monday
+    - cron:  '0 5 * * MON'
+
+jobs:
+  suggest-upgrades-job:
+    # prevent job to run on public repository sonarsource/sonarqube (on which GitHub Actions are disabled)
+    if: github.repository == 'sonarsource/sonar-enterprise'
+    runs-on: ubuntu-latest
+    name: List available upgrades
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 1
+          ref: master
+      - name: Set up JDK
+        uses: actions/setup-java@v1
+        with:
+          java-version: 11
+      - name: Cache Gradle Wrapper
+        uses: actions/cache@v1
+        with:
+          path: ~/.gradle/wrapper
+          key: ${{ runner.os }}-gradlew-${{ hashFiles('**/*.zip') }}
+          restore-keys: ${{ runner.os }}-gradlew
+      - name: Find upgrades
+        env:
+          ARTIFACTORY_PRIVATE_USERNAME: ${{ secrets.REPOX_LOGIN }}
+          ARTIFACTORY_PRIVATE_PASSWORD: ${{ secrets.REPOX_API_KEY }}
+        run: |
+          ./gradlew dependencyUpdates yarn_audit -Drevision=release
-- 
2.39.5