Skip to content

tools: Update packages with vulnerabilities #113

tools: Update packages with vulnerabilities

tools: Update packages with vulnerabilities #113

name: Validate pip requirements-fixed.txt
on:
pull_request_target:
types: [opened, synchronize, reopened]
branches:
- main
- 'v*-branch'
paths:
- 'scripts/requirements*.txt'
env:
REACT_EMOTE: 'eyes'
jobs:
check-requirements:
runs-on: ubuntu-20.04
steps:
- name: Checkout PR target branch
uses: actions/checkout@v4
with:
token: ${{ secrets.NCS_GITHUB_TOKEN }}
path: ncs/nrf
fetch-depth: 1
- name: Switch to PR source branch
working-directory: ncs/nrf
env:
GITHUB_TOKEN: ${{ secrets.NCS_GITHUB_TOKEN }}
run: gh pr checkout ${{ github.event.pull_request.number }}
- name: Get python version
id: pyv
run: |
sudo snap install --channel=v4 yq
PYTHON_VERSION=$(yq '.python.version' ./ncs/nrf/scripts/tools-versions-linux.yml)
echo "python_version=$PYTHON_VERSION" >> $GITHUB_OUTPUT
- name: Setup python version
uses: actions/setup-python@v4
with:
python-version: '${{ steps.pyv.outputs.python_version }}'
- name: Setup environment
working-directory: ncs
run: |
pip3 install --user -U setuptools wheel pip virtualenv virtualenvwrapper
pip3 install -r nrf/scripts/requirements-base.txt
west init -l nrf
west update --narrow mcuboot zephyr
- name: Execute script diff action
uses: nordicbuilder/action-script-diff@main
with:
github-token: ${{ secrets.NCS_GITHUB_TOKEN }}
message_diff: |
This pr introduces changes to requirements files.
The compiled requirements-fixed.txt has changed.
To automatically add the changed file to this pr react with the :$REACT_EMOTE: emote to this comment and re-run the check.
[Check Run]($GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID)
<details>
<summary>requirements-fixed.txt diff</summary>
\`\`\` diff
$GITDIFF
\`\`\`
</details>
message_success: |
The changes to the 'requirements-fixed.txt' have been added to this PR.
All further changes to any of the requirements file will automatically be applied as long an :$REACT_EMOTE: is present.
script_call: scripts/compile-requirements.sh scripts/requirements-fixed.txt
git_diff_root: ncs/nrf
diff_path: scripts
diff_file: requirements-fixed.txt
reaction_emote: "${{ env.REACT_EMOTE }}"
git_user_name: "Nordic Builder"
git_user_email: "pylon@nordicsemi.no"