diff --git a/.github/workflows/wc-test.yaml b/.github/workflows/wc-test.yaml
index d2a7ebab..c2b8a9cc 100644
--- a/.github/workflows/wc-test.yaml
+++ b/.github/workflows/wc-test.yaml
@@ -30,3 +30,6 @@ jobs:
env:
GITHUB_TOKEN: ${{github.token}}
- run: diff testdata/foo.yaml testdata/foo.yaml.after
+ - run: pinact run -u
+ env:
+ GITHUB_TOKEN: ${{github.token}}
diff --git a/.golangci.yml b/.golangci.yml
index 89ff9161..afc38701 100644
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -2,10 +2,8 @@
linters:
enable-all: true
disable:
- - execinquery # WARN The linter 'execinquery' is deprecated (since v1.58.0) due to: The repository of the linter has been archived by the owner.
- exportloopref # WARN The linter 'exportloopref' is deprecated (since v1.60.2) due to: Since Go1.22 (loopvar) this linter is no longer relevant. Replaced by copyloopvar.
- wsl
- - gomnd
- err113
- lll
- godot
diff --git a/INSTALL.md b/INSTALL.md
new file mode 100644
index 00000000..7f5082fb
--- /dev/null
+++ b/INSTALL.md
@@ -0,0 +1,117 @@
+# Install
+
+pinact is written in Go. So you only have to install a binary in your `PATH`.
+
+There are some ways to install pinact.
+
+1. [Homebrew](#homebrew)
+1. [Scoop](#scoop)
+1. [aqua](#aqua)
+1. [GitHub Releases](#github-releases)
+1. [Build an executable binary from source code yourself using Go](#build-an-executable-binary-from-source-code-yourself-using-go)
+
+## Homebrew
+
+You can install pinact using [Homebrew](https://brew.sh/).
+
+```sh
+brew install suzuki-shunsuke/pinact/pinact
+```
+
+## Scoop
+
+You can install pinact using [Scoop](https://scoop.sh/).
+
+```sh
+scoop bucket add suzuki-shunsuke https://github.com/suzuki-shunsuke/scoop-bucket
+scoop install pinact
+```
+
+## aqua
+
+You can install pinact using [aqua](https://aquaproj.github.io/).
+
+```sh
+aqua g -i suzuki-shunsuke/pinact
+```
+
+## Build an executable binary from source code yourself using Go
+
+```sh
+go install github.com/suzuki-shunsuke/pinact/cmd/pinact@latest
+```
+
+## GitHub Releases
+
+You can download an asset from [GitHub Releases](https://github.com/suzuki-shunsuke/pinact/releases).
+Please unarchive it and install a pre built binary into `$PATH`.
+
+### Verify downloaded assets from GitHub Releases
+
+You can verify downloaded assets using some tools.
+
+1. [GitHub CLI](https://cli.github.com/)
+1. [slsa-verifier](https://github.com/slsa-framework/slsa-verifier)
+1. [Cosign](https://github.com/sigstore/cosign)
+
+### 1. GitHub CLI
+
+You can install GitHub CLI by aqua.
+
+```sh
+aqua g -i cli/cli
+```
+
+```sh
+version=v1.0.0
+asset=pinact_darwin_arm64.tar.gz
+gh release download -R suzuki-shunsuke/pinact "$version" -p "$asset"
+gh attestation verify "$asset" \
+ -R suzuki-shunsuke/pinact \
+ --signer-workflow suzuki-shunsuke/go-release-workflow/.github/workflows/release.yaml
+```
+
+### 2. slsa-verifier
+
+You can install slsa-verifier by aqua.
+
+```sh
+aqua g -i slsa-framework/slsa-verifier
+```
+
+```sh
+version=v1.0.0
+asset=pinact_darwin_arm64.tar.gz
+gh release download -R suzuki-shunsuke/pinact "$version" -p "$asset" -p multiple.intoto.jsonl
+slsa-verifier verify-artifact "$asset" \
+ --provenance-path multiple.intoto.jsonl \
+ --source-uri github.com/suzuki-shunsuke/pinact \
+ --source-tag "$version"
+```
+
+### 3. Cosign
+
+You can install Cosign by aqua.
+
+```sh
+aqua g -i sigstore/cosign
+```
+
+```sh
+version=v1.0.0
+checksum_file="pinact_${version#v}_checksums.txt"
+asset=pinact_darwin_arm64.tar.gz
+gh release download "$version" \
+ -R suzuki-shunsuke/pinact \
+ -p "$asset" \
+ -p "$checksum_file" \
+ -p "${checksum_file}.pem" \
+ -p "${checksum_file}.sig"
+cosign verify-blob \
+ --signature "${checksum_file}.sig" \
+ --certificate "${checksum_file}.pem" \
+ --certificate-identity-regexp 'https://github\.com/suzuki-shunsuke/go-release-workflow/\.github/workflows/release\.yaml@.*' \
+ --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
+ "$checksum_file"
+cat "$checksum_file" | sha256sum -c --ignore-missing
+```
diff --git a/README.md b/README.md
index 249bb75a..4208e4e0 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
# pinact
-[Motivation](#motivation) | [Install](#install) | [How to use](#how-to-use) | [GitHub Actions](https://github.com/suzuki-shunsuke/pinact-action) | [Configuration](#configuration) | [LICENSE](LICENSE)
+[Motivation](#motivation) | [Install](INSTALL.md) | [How to use](#how-to-use) | [GitHub Actions](https://github.com/suzuki-shunsuke/pinact-action) | [Configuration](#configuration) | [LICENSE](LICENSE)
Pin GitHub Actions versions
@@ -40,7 +40,7 @@ index 84bd67a..5d92e44 100644
permissions:
```
-[pinact also supports verifying version annotations](docs/codes/001.md).
+pinact also supports [verifying version annotations](docs/codes/001.md) and [updating actions](#update-actions).
## Motivation
@@ -79,142 +79,6 @@ If you use linters such as [ghalint](https://github.com/suzuki-shunsuke/ghalint)
3. pinact is useful for non Renovate users
4. [pinact supports verifying version annotations](https://github.com/suzuki-shunsuke/pinact/blob/main/docs/codes/001.md)
-## Install
-
-pinact is written in Go. So you only have to install a binary in your `PATH`.
-
-There are some ways to install pinact.
-
-1. [Homebrew](#homebrew)
-1. [aqua](#aqua)
-1. [GitHub Releases](#github-releases)
-1. [Build an executable binary from source code yourself using Go](#build)
-
-### Homebrew
-
-You can install pinact using [Homebrew](https://brew.sh/).
-
-```console
-$ brew install suzuki-shunsuke/pinact/pinact
-```
-
-### aqua
-
-`aqua-registry >= v3.154.0`
-
-You can install pinact using [aqua](https://aquaproj.github.io/).
-
-```console
-$ aqua g -i suzuki-shunsuke/pinact
-```
-
-### GitHub Releases
-
-You can download an asset from [GitHub Reelases](https://github.com/suzuki-shunsuke/pinact/releases).
-Please unarchive it and install a pre built binary into `$PATH`.
-
-
-Verify downloaded assets from GitHub Releases
-
-You can verify downloaded assets using some tools.
-
-1. [GitHub CLI](https://cli.github.com/)
-1. [slsa-verifier](https://github.com/slsa-framework/slsa-verifier)
-1. [Cosign](https://github.com/sigstore/cosign)
-
-#### 1. GitHub CLI
-
-pinact >= v1.0.0
-
-You can install GitHub CLI by aqua.
-
-```sh
-aqua g -i cli/cli
-```
-
-```sh
-gh release download -R suzuki-shunsuke/pinact v1.0.0 -p pinact_darwin_arm64.tar.gz
-gh attestation verify pinact_darwin_arm64.tar.gz \
- -R suzuki-shunsuke/pinact \
- --signer-workflow suzuki-shunsuke/go-release-workflow/.github/workflows/release.yaml
-```
-
-Output:
-
-```
-Loaded digest sha256:73d06ea7c7be9965c47863b2d9c04f298ae1d37edc18e162c540acb4ac030314 for file://pinact_darwin_arm64.tar.gz
-Loaded 1 attestation from GitHub API
-✓ Verification succeeded!
-
-sha256:73d06ea7c7be9965c47863b2d9c04f298ae1d37edc18e162c540acb4ac030314 was attested by:
-REPO PREDICATE_TYPE WORKFLOW
-suzuki-shunsuke/go-release-workflow https://slsa.dev/provenance/v1 .github/workflows/release.yaml@7f97a226912ee2978126019b1e95311d7d15c97a
-```
-
-#### 2. slsa-verifier
-
-You can install slsa-verifier by aqua.
-
-```sh
-aqua g -i slsa-framework/slsa-verifier
-```
-
-```sh
-gh release download -R suzuki-shunsuke/pinact v1.0.0
-slsa-verifier verify-artifact pinact_darwin_arm64.tar.gz \
- --provenance-path multiple.intoto.jsonl \
- --source-uri github.com/suzuki-shunsuke/pinact \
- --source-tag v1.0.0
-```
-
-Output:
-
-```
-Verified signature against tlog entry index 136997022 at URL: https://rekor.sigstore.dev/api/v1/log/entries/108e9186e8c5677ae52579043db716d86ec00ccb03b2032503dc3a5a88d9e8b60c48c3d1cf62c5d1
-Verified build using builder "https://github.com/slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@refs/tags/v2.0.0" at commit 664dfa3048ab7e48a581538740ea9698002703cd
-Verifying artifact pinact_darwin_arm64.tar.gz: PASSED
-
-PASSED: SLSA verification passed
-```
-
-#### 3. Cosign
-
-You can install Cosign by aqua.
-
-```sh
-aqua g -i sigstore/cosign
-```
-
-```sh
-gh release download -R suzuki-shunsuke/pinact v1.0.0
-cosign verify-blob \
- --signature pinact_1.0.0_checksums.txt.sig \
- --certificate pinact_1.0.0_checksums.txt.pem \
- --certificate-identity-regexp 'https://github\.com/suzuki-shunsuke/go-release-workflow/\.github/workflows/release\.yaml@.*' \
- --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
- pinact_1.0.0_checksums.txt
-```
-
-Output:
-
-```
-Verified OK
-```
-
-After verifying the checksum, verify the artifact.
-
-```sh
-cat pinact_1.0.0_checksums.txt | sha256sum -c --ignore-missing
-```
-
-
-
-### Build an executable binary from source code yourself using Go
-
-```sh
-go install github.com/suzuki-shunsuke/pinact/cmd/pinact@latest
-```
-
## GitHub Access token
pinact calls GitHub REST API to get commit hashes and tags.
@@ -256,6 +120,16 @@ $ pinact init '.github/pinact.yaml'
About the configuration, please see [Configuration](#Configuration).
+## Update actions
+
+[#663](https://github.com/suzuki-shunsuke/pinact/pull/663) pinact >= v1.1.0
+
+You can update actions using the `-update (-u)` option:
+
+```sh
+pinact run -u
+```
+
## Verify version annotations
Please see [the document](docs/codes/001.md).
diff --git a/go.mod b/go.mod
index f48a686a..e17695fb 100644
--- a/go.mod
+++ b/go.mod
@@ -5,6 +5,7 @@ go 1.23.2
require (
github.com/google/go-cmp v0.6.0
github.com/google/go-github/v68 v68.0.0
+ github.com/hashicorp/go-version v1.7.0
github.com/mattn/go-colorable v0.1.13
github.com/sirupsen/logrus v1.9.3
github.com/spf13/afero v1.11.0
diff --git a/go.sum b/go.sum
index ae2c10e1..9ededcaf 100644
--- a/go.sum
+++ b/go.sum
@@ -10,6 +10,8 @@ github.com/google/go-github/v68 v68.0.0 h1:ZW57zeNZiXTdQ16qrDiZ0k6XucrxZ2CGmoTvc
github.com/google/go-github/v68 v68.0.0/go.mod h1:K9HAUBovM2sLwM408A18h+wd9vqdLOEqTUCbnRIcx68=
github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
+github.com/hashicorp/go-version v1.7.0 h1:5tqGy27NaOTB8yJKUZELlFAS/LTKJkrmONwQKeRZfjY=
+github.com/hashicorp/go-version v1.7.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
github.com/mattn/go-isatty v0.0.16 h1:bq3VjFmv/sOjHtdEhmkEV4x1AJtvUvOJ2PFAZ5+peKQ=
diff --git a/pkg/cli/init.go b/pkg/cli/init.go
index 997be682..c749b89f 100644
--- a/pkg/cli/init.go
+++ b/pkg/cli/init.go
@@ -25,7 +25,7 @@ $ pinact init .github/pinact.yaml
}
func (r *Runner) initAction(c *cli.Context) error {
- ctrl := run.New(c.Context)
+ ctrl := run.New(c.Context, &run.InputNew{})
log.SetLevel(c.String("log-level"), r.LogE)
configFilePath := c.Args().First()
if configFilePath == "" {
diff --git a/pkg/cli/run.go b/pkg/cli/run.go
index 1ca3a53d..7d64c43a 100644
--- a/pkg/cli/run.go
+++ b/pkg/cli/run.go
@@ -28,14 +28,21 @@ $ pinact run .github/actions/foo/action.yaml .github/actions/bar/action.yaml
&cli.BoolFlag{
Name: "verify",
Aliases: []string{"v"},
- Usage: "verify if pairs of commit SHA and version are correct",
+ Usage: "Verify if pairs of commit SHA and version are correct",
+ },
+ &cli.BoolFlag{
+ Name: "update",
+ Aliases: []string{"u"},
+ Usage: "Update actions to latest versions",
},
},
}
}
func (r *Runner) runAction(c *cli.Context) error {
- ctrl := run.New(c.Context)
+ ctrl := run.New(c.Context, &run.InputNew{
+ Update: c.Bool("update"),
+ })
log.SetLevel(c.String("log-level"), r.LogE)
pwd, err := os.Getwd()
if err != nil {
diff --git a/pkg/controller/run/controller.go b/pkg/controller/run/controller.go
index dc378c10..bb3d1517 100644
--- a/pkg/controller/run/controller.go
+++ b/pkg/controller/run/controller.go
@@ -10,9 +10,14 @@ import (
type Controller struct {
repositoriesService RepositoriesService
fs afero.Fs
+ update bool
}
-func New(ctx context.Context) *Controller {
+type InputNew struct {
+ Update bool
+}
+
+func New(ctx context.Context, input *InputNew) *Controller {
gh := github.New(ctx)
return &Controller{
repositoriesService: &RepositoriesServiceImpl{
@@ -20,7 +25,8 @@ func New(ctx context.Context) *Controller {
commits: map[string]*GetCommitSHA1Result{},
RepositoriesService: gh.Repositories,
},
- fs: afero.NewOsFs(),
+ fs: afero.NewOsFs(),
+ update: input.Update,
}
}
diff --git a/pkg/controller/run/github.go b/pkg/controller/run/github.go
index d20ad00a..8d229d4e 100644
--- a/pkg/controller/run/github.go
+++ b/pkg/controller/run/github.go
@@ -3,7 +3,9 @@ package run
import (
"context"
"fmt"
+ "sort"
+ "github.com/hashicorp/go-version"
"github.com/suzuki-shunsuke/pinact/pkg/github"
)
@@ -12,14 +14,14 @@ type RepositoriesService interface {
GetCommitSHA1(ctx context.Context, owner, repo, ref, lastSHA string) (string, *github.Response, error)
}
-func (repositoriesService *RepositoriesServiceImpl) GetCommitSHA1(ctx context.Context, owner, repo, ref, lastSHA string) (string, *github.Response, error) {
+func (r *RepositoriesServiceImpl) GetCommitSHA1(ctx context.Context, owner, repo, ref, lastSHA string) (string, *github.Response, error) {
key := fmt.Sprintf("%s/%s/%s", owner, repo, ref)
- a, ok := repositoriesService.commits[key]
+ a, ok := r.commits[key]
if ok {
return a.SHA, a.Response, a.err
}
- sha, resp, err := repositoriesService.RepositoriesService.GetCommitSHA1(ctx, owner, repo, ref, lastSHA)
- repositoriesService.commits[key] = &GetCommitSHA1Result{
+ sha, resp, err := r.RepositoriesService.GetCommitSHA1(ctx, owner, repo, ref, lastSHA)
+ r.commits[key] = &GetCommitSHA1Result{
SHA: sha,
Response: resp,
err: err,
@@ -45,17 +47,39 @@ type GetCommitSHA1Result struct {
err error
}
-func (repositoriesService *RepositoriesServiceImpl) ListTags(ctx context.Context, owner string, repo string, opts *github.ListOptions) ([]*github.RepositoryTag, *github.Response, error) {
+func (r *RepositoriesServiceImpl) ListTags(ctx context.Context, owner string, repo string, opts *github.ListOptions) ([]*github.RepositoryTag, *github.Response, error) {
key := fmt.Sprintf("%s/%s/%v", owner, repo, opts.Page)
- a, ok := repositoriesService.tags[key]
+ a, ok := r.tags[key]
if ok {
return a.Tags, a.Response, a.err
}
- tags, resp, err := repositoriesService.RepositoriesService.ListTags(ctx, owner, repo, opts)
- repositoriesService.tags[key] = &ListTagsResult{
+ tags, resp, err := r.RepositoriesService.ListTags(ctx, owner, repo, opts)
+ r.tags[key] = &ListTagsResult{
Tags: tags,
Response: resp,
err: err,
}
return tags, resp, err //nolint:wrapcheck
}
+
+func (c *Controller) GetLatestVersion(ctx context.Context, owner string, repo string) (string, *github.Response, error) {
+ opts := &github.ListOptions{
+ PerPage: 30, //nolint:mnd
+ }
+ tags, resp, err := c.repositoriesService.ListTags(ctx, owner, repo, opts)
+ if err != nil {
+ return "", resp, fmt.Errorf("list tags: %w", err)
+ }
+ arr := make([]*version.Version, len(tags))
+ for i, tag := range tags {
+ v, err := version.NewVersion(tag.GetName())
+ if err != nil {
+ return "", nil, fmt.Errorf("parse a version: %w", err)
+ }
+ arr[i] = v
+ }
+ sort.Slice(arr, func(i, j int) bool {
+ return arr[i].GreaterThan(arr[j])
+ })
+ return arr[0].Original(), resp, nil
+}
diff --git a/pkg/controller/run/parse_line.go b/pkg/controller/run/parse_line.go
index b709ab58..e8a20b80 100644
--- a/pkg/controller/run/parse_line.go
+++ b/pkg/controller/run/parse_line.go
@@ -73,7 +73,7 @@ func parseAction(line string) *Action {
}
}
-func (c *Controller) parseLine(ctx context.Context, logE *logrus.Entry, line string, cfg *Config) (string, error) { //nolint:cyclop,funlen
+func (c *Controller) parseLine(ctx context.Context, logE *logrus.Entry, line string, cfg *Config) (string, error) {
action := parseAction(line)
if action == nil {
// Ignore a line if the line doesn't use an action.
@@ -98,66 +98,126 @@ func (c *Controller) parseLine(ctx context.Context, logE *logrus.Entry, line str
switch getVersionType(action.Tag) {
case Empty:
- typ := getVersionType(action.Version)
- switch typ {
- case Shortsemver, Semver:
- default:
+ return c.parseNoTagLine(ctx, logE, line, action)
+ case Semver:
+ // @xxx # v3.0.0
+ return c.parseSemverTagLine(ctx, logE, line, cfg, action)
+ case Shortsemver:
+ // @xxx # v3
+ // @ # v3
+ return c.parseShortSemverTagLine(ctx, logE, line, action)
+ default:
+ return line, nil
+ }
+}
+
+func (c *Controller) parseNoTagLine(ctx context.Context, logE *logrus.Entry, line string, action *Action) (string, error) {
+ typ := getVersionType(action.Version)
+ switch typ {
+ case Shortsemver, Semver:
+ default:
+ return line, nil
+ }
+ // @xxx
+ if c.update {
+ // get the latest version
+ lv, _, err := c.GetLatestVersion(ctx, action.RepoOwner, action.RepoName)
+ if err != nil {
+ logerr.WithError(logE, err).Warn("get the latest version")
return line, nil
}
- // @xxx
- // Get commit hash from tag
- // https://docs.github.com/en/rest/git/refs?apiVersion=2022-11-28#get-a-reference
- // > The :ref in the URL must be formatted as heads/ for branches and tags/ for tags. If the :ref doesn't match an existing ref, a 404 is returned.
- sha, _, err := c.repositoriesService.GetCommitSHA1(ctx, action.RepoOwner, action.RepoName, action.Version, "")
+ sha, _, err := c.repositoriesService.GetCommitSHA1(ctx, action.RepoOwner, action.RepoName, lv, "")
if err != nil {
logerr.WithError(logE, err).Warn("get a reference")
return line, nil
}
- longVersion := action.Version
- if typ == Shortsemver {
- v, err := c.getLongVersionFromSHA(ctx, action, sha)
- if err != nil {
- return "", err
- }
- if v != "" {
- longVersion = v
- }
+ return patchLine(action, sha, lv), nil
+ }
+
+ // Get commit hash from tag
+ // https://docs.github.com/en/rest/git/refs?apiVersion=2022-11-28#get-a-reference
+ // > The :ref in the URL must be formatted as heads/ for branches and tags/ for tags. If the :ref doesn't match an existing ref, a 404 is returned.
+ sha, _, err := c.repositoriesService.GetCommitSHA1(ctx, action.RepoOwner, action.RepoName, action.Version, "")
+ if err != nil {
+ logerr.WithError(logE, err).Warn("get a reference")
+ return line, nil
+ }
+ longVersion := action.Version
+ if typ == Shortsemver {
+ v, err := c.getLongVersionFromSHA(ctx, action, sha)
+ if err != nil {
+ return "", err
}
- // @yyy # longVersion
- return patchLine(action, sha, longVersion), nil
- case Semver:
- // verify commit hash
- if !cfg.IsVerify {
- return line, nil
+ if v != "" {
+ longVersion = v
}
- // @xxx # v3.0.0
- // @ # v3.0.0
- if FullCommitSHA != getVersionType(action.Version) {
+ }
+ // @yyy # longVersion
+ return patchLine(action, sha, longVersion), nil
+}
+
+func (c *Controller) parseSemverTagLine(ctx context.Context, logE *logrus.Entry, line string, cfg *Config, action *Action) (string, error) {
+ // @xxx # v3.0.0
+ if c.update {
+ // get the latest version
+ lv, _, err := c.GetLatestVersion(ctx, action.RepoOwner, action.RepoName)
+ if err != nil {
+ logerr.WithError(logE, err).Warn("get the latest version")
return line, nil
}
- if err := c.verify(ctx, action); err != nil {
- return "", fmt.Errorf("verify the version annotation: %w", err)
+ if action.Tag != lv {
+ sha, _, err := c.repositoriesService.GetCommitSHA1(ctx, action.RepoOwner, action.RepoName, lv, "")
+ if err != nil {
+ logerr.WithError(logE, err).Warn("get a reference")
+ return line, nil
+ }
+ return patchLine(action, sha, lv), nil
}
+ }
+ // verify commit hash
+ if !cfg.IsVerify {
return line, nil
- case Shortsemver:
- // @xxx # v3
- // @ # v3
- if FullCommitSHA != getVersionType(action.Version) {
+ }
+ // @xxx # v3.0.0
+ // @ # v3.0.0
+ if FullCommitSHA != getVersionType(action.Version) {
+ return line, nil
+ }
+ if err := c.verify(ctx, action); err != nil {
+ return "", fmt.Errorf("verify the version annotation: %w", err)
+ }
+ return line, nil
+}
+
+func (c *Controller) parseShortSemverTagLine(ctx context.Context, logE *logrus.Entry, line string, action *Action) (string, error) {
+ // @xxx # v3
+ // @ # v3
+ if FullCommitSHA != getVersionType(action.Version) {
+ return line, nil
+ }
+ if c.update {
+ lv, _, err := c.GetLatestVersion(ctx, action.RepoOwner, action.RepoName)
+ if err != nil {
+ logerr.WithError(logE, err).Warn("get the latest version")
return line, nil
}
- // replace Shortsemer to Semver
- longVersion, err := c.getLongVersionFromSHA(ctx, action, action.Version)
+ sha, _, err := c.repositoriesService.GetCommitSHA1(ctx, action.RepoOwner, action.RepoName, lv, "")
if err != nil {
- return "", err
- }
- if longVersion == "" {
- logE.Debug("failed to get a long tag")
+ logerr.WithError(logE, err).Warn("get a reference")
return line, nil
}
- return patchLine(action, action.Version, longVersion), nil
- default:
+ return patchLine(action, sha, lv), nil
+ }
+ // replace Shortsemer to Semver
+ longVersion, err := c.getLongVersionFromSHA(ctx, action, action.Version)
+ if err != nil {
+ return "", err
+ }
+ if longVersion == "" {
+ logE.Debug("failed to get a long tag")
return line, nil
}
+ return patchLine(action, action.Version, longVersion), nil
}
func patchLine(action *Action, version, tag string) string {
diff --git a/pkg/controller/run/run.go b/pkg/controller/run/run.go
index d7962157..c6a7ecd4 100644
--- a/pkg/controller/run/run.go
+++ b/pkg/controller/run/run.go
@@ -16,6 +16,7 @@ type ParamRun struct {
ConfigFilePath string
PWD string
IsVerify bool
+ Update bool
}
func (c *Controller) Run(ctx context.Context, logE *logrus.Entry, param *ParamRun) error {