@Bishibop
Contributor

Add automated Go version updates workflow using StefMa/Upgrade-Go-Action.

Problem: Dependabot cannot update the Go version in go.mod (dependabot/dependabot-core#9527).

Solution: Weekly workflow checks for new Go releases and creates PRs.

Related: https://github.com/replicated-collab/git-guardian-kots/issues/287

Add GitHub Actions workflow using StefMa/Upgrade-Go-Action to
automatically check for new Go releases and create PRs to update
the go directive in go.mod.

This addresses the limitation that Dependabot cannot update the
Go version itself (only module dependencies), which means stdlib
CVEs that are fixed in newer Go patch releases are not automatically
detected.

Workflow runs:
- Weekly on Mondays at 8am UTC
- Manually via workflow_dispatch

When a new Go version is available, the action will:
1. Update the go directive in go.mod
2. Run go mod tidy
3. Create a pull request with the changes

Related: replicated-collab/git-guardian-kots#287
Dependabot limitation: dependabot/dependabot-core#9527
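
The check this workflow automates, sketched as an added Go example (not code from this PR or from StefMa/Upgrade-Go-Action): it reads the go directive from go.mod and reports whether it is behind a given release tag. The go.mod contents and the release tag `go1.24.10` are constructed sample values, and the function names are hypothetical.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// parse turns "1.24.3", "go1.24.3" or "1.24" into [major, minor, patch].
func parse(v string) (out [3]int, err error) {
	parts := strings.Split(strings.TrimPrefix(v, "go"), ".")
	if len(parts) < 2 || len(parts) > 3 {
		return out, fmt.Errorf("unexpected version %q", v)
	}
	for i, p := range parts {
		if out[i], err = strconv.Atoi(p); err != nil {
			return out, fmt.Errorf("unexpected version %q", v)
		}
	}
	return out, nil
}

// goDirective parses the `go` line of a go.mod file (not the `toolchain` line).
func goDirective(gomod string) ([3]int, error) {
	for _, line := range strings.Split(gomod, "\n") {
		if f := strings.Fields(line); len(f) >= 2 && f[0] == "go" {
			return parse(f[1])
		}
	}
	return [3]int{}, fmt.Errorf("no go directive found")
}

// behind reports whether go.mod names an older Go than the latest release.
// Components compare numerically, so 1.24.10 is newer than 1.24.3.
func behind(gomod, latest string) (bool, error) {
	cur, err := goDirective(gomod)
	rel, relErr := parse(latest)
	if err != nil || relErr != nil {
		return false, fmt.Errorf("cannot compare: %v, %v", err, relErr)
	}
	return cur[0] < rel[0] || cur[0] == rel[0] && (cur[1] < rel[1] ||
		cur[1] == rel[1] && cur[2] < rel[2]), nil
}

func main() {
	// Constructed go.mod and release tag, not taken from the repository.
	mod := "module example.com/app\n\ngo 1.24.3\n\ntoolchain go1.24.3\n"
	fmt.Println(behind(mod, "go1.24.10"))
}
```

Pre-release tags such as `go1.25rc1` are rejected with an error rather than compared.
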
@Bishibop self-assigned this Nov 19, 2025
@Bishibop marked this pull request as ready for review November 20, 2025 16:15
Comment on lines +20 to +23
- name: Check for Go updates
uses: StefMa/Upgrade-Go-Action@v1
with:
base-branch: 'main'
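
Review bot: on the `uses: StefMa/Upgrade-Go-Action@v1` line, the third-party action is referenced by a movable tag, and this is the step that edits go.mod and opens pull requests against `main`. Pin it to a full commit SHA with the tag kept as a trailing comment, so that a retagged upstream release cannot change what runs here without a reviewed diff.
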
@laverya (Member), Nov 20, 2025

this will need a github token or else CI won't run in the generated PRs

Contributor Author

Added

@Bishibop merged commit aa13c2e into main Nov 20, 2025
17 checks passed
@Bishibop deleted the add-upgrade-go-action branch November 20, 2025 23:34