name: Dependabot on: schedule: - cron: "0 8 * * 1" workflow_dispatch: # Allow manual triggering permissions: id-token: write contents: write jobs: get-release-branch-names: runs-on: ubuntu-latest environment: nemo-ci outputs: mcore: ${{ steps.get-branch.outputs.mcore_release_branch }} steps: - name: Get release branch names id: get-branch env: PAT: ${{ secrets.PAT }} run: | latest_branch=$(git ls-remote --heads https://token:${PAT}@github.com/NVIDIA-NeMo/Eval.git 'refs/heads/r*' | grep -o 'core_r[0-9]\+\.[0-9]\+\.[0-9]\+' | sort -V | tail -n1) echo "mcore_release_branch=$latest_branch" >> $GITHUB_OUTPUT bump-tags: needs: [get-release-branch-names] strategy: fail-fast: false matrix: include: - target-branch: ${{ needs.get-release-branch-names.outputs.mcore }} - target-branch: main uses: ./.github/workflows/_update_dependencies.yml with: target-branch: ${{ matrix.target-branch }} secrets: PAT: ${{ secrets.PAT }} AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} SSH_KEY: ${{ secrets.SSH_KEY }} SSH_PWD: ${{ secrets.SSH_PWD }} notify: if: failure() runs-on: ubuntu-latest needs: [bump-tags] steps: - name: Notify env: SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} SLACK_WEBHOOK_ADMIN: GITHUB_RUN_ID: ${{ github.run_id }} GITHUB_REPOSITORY: ${{ github.repository }} run: | curl -X POST \ -H 'Content-type: application/json' \ --data "{\"text\":\":robot_joy: failed. Please fix manually.\n\ncc ${SLACK_WEBHOOK_ADMIN}\"}" \ $SLACK_WEBHOOK