update-checksum-action
https://github.com/aquaproj/update-checksum-action
GitHub Actions to update aqua-checksums.json. If aqua-checksums.json isn't latest, update aqua-checksums.json and push a commit
About aqua's Checksum Verification, please see the document too.
⚠️ Please consider autofix.ci or Securefix Action
We recommend autofix.ci or Securefix Action rather than this action.
Reusable Workflow
Please see update-checksum-workflow.
Requirements
info
As of update-checksum-action v0.2.5, ghcp isn't necessary.
Example
Inputs
working_directory: The working directory whereaqua update-checksumis executed. If this input is not specified, the command is run on the current working directoryprune: If this input istrue,aqua update-checksumis executed with-pruneoption. This option removes unused checksums from the checksum file. If this input is not specified,falseis used.skip_push: If this input istrue, the action checks if the checksum file is up-to-date, but does not push a commit to update it. If this input is not specified,falseis used.read_checksum_token: This token overridesAQUA_GITHUB_TOKENto executesaqua update-checksum. It must havecontents:readpermission about all repositories in tools managed byaqua. This input is useful to fetch checksum from private repositories.securefix_action_server_repository: The GitHub repository for the Securefix Action server. If this is set, this action uses Securefix Action to update aqua-checksums.json.securefix_action_app_id: The GitHub App ID for the Securefix Action client.securefix_action_app_private_key: The GitHub App private key for the Securefix Action client.
Required Environment Variables
GITHUB_TOKEN: GitHub Access Token. This is used to push a commit.
Required permissions: contents: write
info
Unfortunately, fine-grained personal access token is unavailable at the moment because it doesn't support GraphQL API.
https://github.com/cli/cli/issues/6680
2023-04-27 fine-grained access token supports GraphQL API now.
Outputs
Nothing.