1616
1717permissions :
1818 contents : read
19- pull-requests : read
2019
2120defaults :
2221 run :
2726 runs-on : [self-hosted, Linux, X64, "1ES.Pool=hld-kvm-amd"]
2827 timeout-minutes : 15
2928 steps :
30- # Fetch metadata about the Dependabot PR
31- - name : Dependabot metadata
32- id : metadata
33- uses : dependabot/fetch-metadata@v2
34- with :
35- github-token : " ${{ secrets.GITHUB_TOKEN }}"
36-
37- # Only proceed for cargo ecosystem updates
38- - name : Check if cargo update
39- id : check-ecosystem
40- run : |
41- if [ "${{ steps.metadata.outputs.package-ecosystem }}" = "cargo" ]; then
42- echo "is_cargo=true" >> "$GITHUB_OUTPUT"
43- else
44- echo "is_cargo=false" >> "$GITHUB_OUTPUT"
45- echo "Skipping non-cargo dependency update"
46- fi
47-
4829 # Get GitHub App token for pushing commits back to the PR
4930 # Uses the same app as auto-merge-dependabot.yml
5031 - name : Get GitHub App token
51- if : steps.check-ecosystem.outputs.is_cargo == 'true'
5232 uses : actions/create-github-app-token@v2
5333 id : get-app-token
5434 with :
5737 permission-contents : write
5838
5939 - name : Checkout PR branch
60- if : steps.check-ecosystem.outputs.is_cargo == 'true'
6140 uses : actions/checkout@v6
6241 with :
6342 token : ${{ steps.get-app-token.outputs.token }}
@@ -66,30 +45,25 @@ jobs:
6645 persist-credentials : false
6746
6847 - name : Setup Rust toolchain
69- if : steps.check-ecosystem.outputs.is_cargo == 'true'
7048 uses : hyperlight-dev/ci-setup-workflow@v1.8.0
7149 with :
7250 rust-toolchain : " 1.89"
7351 env :
7452 GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
7553
7654 - name : Fix cargo home permissions
77- if : steps.check-ecosystem.outputs.is_cargo == 'true'
7855 run : |
7956 sudo chown -R $(id -u):$(id -g) /opt/cargo || true
8057
8158name : Update simpleguest Cargo.lock
82- if : steps.check-ecosystem.outputs.is_cargo == 'true'
8359 working-directory : src/tests/rust_guests/simpleguest
8460 run : cargo fetch
8561
8662 - name : Update dummyguest Cargo.lock
87- if : steps.check-ecosystem.outputs.is_cargo == 'true'
8863 working-directory : src/tests/rust_guests/dummyguest
8964 run : cargo fetch
9065
9166 - name : Update witguest Cargo.lock
92- if : steps.check-ecosystem.outputs.is_cargo == 'true'
9367 working-directory : src/tests/rust_guests/witguest
9468 run : cargo fetch
9569
@@ -105,11 +79,10 @@ jobs:
10579 # - Git Data API (Create a commit):
10680 # https://docs.github.com/en/rest/git/commits#create-a-commit
10781 - name : Commit and push changes via API
108- if : steps.check-ecosystem.outputs.is_cargo == 'true'
10982 env :
11083 GH_TOKEN : ${{ steps.get-app-token.outputs.token }}
11184 APP_SLUG : ${{ steps.get-app-token.outputs.app-slug }}
112- DEPENDENCY_NAMES : ${{ steps.metadata.outputs.dependency-names }}
85+ PR_TITLE : ${{ github.event.pull_request.title }}
11386 BRANCH : ${{ github.head_ref }}
11487 REPO : ${{ github.repository }}
11588 run : |
@@ -157,7 +130,7 @@ jobs:
157130 COMMIT_MSG=$(printf '%s\n\n%s\n%s\n\n%s' \
158131 "chore: update guest Cargo.lock files" \
159132 "Automatically updated by dependabot-update-guest-locks workflow." \
160- "Triggered by: ${DEPENDENCY_NAMES }" \
133+ "Triggered by: ${PR_TITLE }" \
161134 "Signed-off-by: ${SIGNOFF}")
162135
163136 # Create commit via API — GitHub signs it automatically since we
0 commit comments