From 3c734e03ac3b52a82ffe2023e6a64fcc30519503 Mon Sep 17 00:00:00 2001
From: Jelle van der Waa <jvanderwaa@redhat.com>
Date: Tue, 19 Mar 2024 10:37:34 +0100
Subject: [PATCH] workflows: add tasks-container-update workflow

This workflow tries to update our cockpit CI container on a weekly
interval.
---
 .github/workflows/tasks-container-update.yml | 34 ++++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 .github/workflows/tasks-container-update.yml

diff --git a/.github/workflows/tasks-container-update.yml b/.github/workflows/tasks-container-update.yml
new file mode 100644
index 0000000..d0498bd
--- /dev/null
+++ b/.github/workflows/tasks-container-update.yml
@@ -0,0 +1,34 @@
+name: tasks-container-update
+on:
+  schedule:
+    - cron: '0 2 * * 4'
+  # can be run manually on https://github.com/cockpit-project/starter-kit/actions
+  workflow_dispatch:
+jobs:
+  tasks-container-update:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+      statuses: write
+    container:
+      image: quay.io/cockpit/tasks
+      options: --user root
+    steps:
+      - name: Set up configuration and secrets
+        run: |
+          printf '[user]\n\tname = Cockpit Project\n\temail=cockpituous@gmail.com\n' > ~/.gitconfig
+          mkdir -p ~/.config
+          echo '${{ secrets.GITHUB_TOKEN }}' > ~/.config/github-token
+
+      - name: Clone repository
+        uses: actions/checkout@v4
+
+      # https://github.blog/2022-04-12-git-security-vulnerability-announced/
+      - name: Pacify git's permission check
+        run: git config --global --add safe.directory /__w/starter-kit/starter-kit
+
+      - name: Run tasks-container-update
+        run: |
+          make bots
+          bots/tasks-container-update