-
Notifications
You must be signed in to change notification settings - Fork 11
80 lines (73 loc) · 3.27 KB
/
_update_bundle.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
# Copyright 2023 Canonical Ltd.
# See LICENSE file for licensing details.
# Usage documentation: _update_bundle.md
on:
workflow_call:
inputs:
path-to-bundle-file:
description: Relative path to bundle file from repository directory
required: true
type: string
reviewers:
description: Comma separated list of GitHub usernames to request to review pull request (e.g. "canonical/data-platform-engineers,octocat")
required: false
type: string
secrets:
token:
description: |
GitHub App token or personal access token (not GITHUB_TOKEN)
Permissions needed for App token:
- Access: Read & write for Repository permissions: Pull requests
- Access: Read & write for Repository permissions: Contents
- If GitHub team is requested for pull request review,
Access: Read-only for Organization permissions: Members
Permissions needed for personal access token: write access to repository, read:org
Personal access tokens with fine grained access are not supported (by GraphQL API, which is used by GitHub CLI).
The GITHUB_TOKEN can create a pull request or push a branch, but `on: pull_request` workflows will not be triggered.
Source: https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#triggering-further-workflow-runs
required: true
jobs:
update-bundle:
name: Update bundle
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- name: Get workflow version
id: workflow-version
uses: canonical/get-workflow-version-action@v1
with:
repository-name: canonical/data-platform-workflows
file-name: _update_bundle.yaml
github-token: ${{ secrets.GITHUB_TOKEN }}
- name: Install CLI
run: pipx install git+https://github.com/canonical/data-platform-workflows@'${{ steps.workflow-version.outputs.sha }}'#subdirectory=python/cli
- name: Checkout
uses: actions/checkout@v4
with:
token: ${{ secrets.token }}
- name: Update bundle file
id: update-file
run: update-bundle '${{ inputs.path-to-bundle-file }}'
- name: Push `update-bundle` branch
if: ${{ fromJSON(steps.update-file.outputs.updates_available) }}
run: |
git checkout -b update-bundle
git add .
git config user.name "GitHub Actions"
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
git commit -m "Update bundle"
# Uses token set in checkout step
git push origin update-bundle -f
- name: Create pull request
if: ${{ fromJSON(steps.update-file.outputs.updates_available) }}
run: |
# Capture output in variable so that step fails if `gh pr list` exits with non-zero code
prs=$(gh pr list --head update-bundle --state open --json number)
if [[ $prs != "[]" ]]
then
echo Open pull request already exists
exit 0
fi
gh pr create --head update-bundle --title "Update bundle" --body "Update charm revisions in bundle YAML file" --reviewer '${{ inputs.reviewers }}'
env:
GH_TOKEN: ${{ secrets.token }}