Skip to content

[stable] update glibc for CVE-2023-4911 #253

[stable] update glibc for CVE-2023-4911

[stable] update glibc for CVE-2023-4911 #253

---
name: Check promotion diffs
on:
pull_request:
branches: [next, testing, stable]
permissions:
contents: read
jobs:
promotion-diff:
name: Check promotion diffs
runs-on: ubuntu-latest
# Only run if this looks like a promotion PR
if: "contains(github.event.pull_request.title, 'tree: promote changes from')"
steps:
- name: Get base commit hash
env:
COMMIT_TITLE: ${{ github.event.pull_request.title }}
run: |
echo "ORIGIN_COMMIT=$(echo ${COMMIT_TITLE} | awk '{print $NF}')" >> $GITHUB_ENV
- name: Check out origin commit
uses: actions/checkout@v3
with:
path: origin
ref: ${{ env.ORIGIN_COMMIT }}
- name: Check out base branch
uses: actions/checkout@v3
with:
path: base
ref: ${{ github.base_ref }}
- name: Check out PR
uses: actions/checkout@v3
with:
path: new
- name: Ignore manifest files
run: |
# manifest.yaml is per-branch, so we care about changes vs. the
# one in the base, not the one from the origin
cp base/manifest.yaml origin/
- name: Normalize kola-denylist.yaml
run: |
# When we promote to a production branch we strip out the
# snooze and warn lines. Let's do the same here so we don't get warnings.
# See https://github.com/coreos/fedora-coreos-releng-automation/pull/179
sed -E -i 's/^(\s+)((snooze:|warn:)\s+.*)/\1# \2 (disabled on promotion)/' origin/kola-denylist.yaml
- name: Compare trees
uses: coreos/actions-lib/check-diff@main
with:
basedir: origin
patchdir: new