CI: Update workers fleet (COMPOSER-1997) #294
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# inspired by rhinstaller/anaconda | |
name: Trigger GitLab CI | |
on: | |
pull_request_target: | |
push: | |
branches: | |
- main | |
jobs: | |
pr-info: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Query author repository permissions | |
uses: octokit/[email protected] | |
id: user_permission | |
with: | |
route: GET /repos/${{ github.repository }}/collaborators/${{ github.event.sender.login }}/permission | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# restrict running of tests to users with admin or write permission for the repository | |
# see https://docs.github.com/en/free-pro-team@latest/rest/reference/repos#get-repository-permissions-for-a-user | |
# store output if user is allowed in allowed_user job output so it has to be checked in downstream job | |
- name: Check if user does have correct permissions | |
if: contains('admin write', fromJson(steps.user_permission.outputs.data).permission) | |
id: check_user_perm | |
run: | | |
echo "User '${{ github.event.sender.login }}' has permission '${{ fromJson(steps.user_permission.outputs.data).permission }}' allowed values: 'admin', 'write'" | |
echo "::set-output name=allowed_user::true" | |
outputs: | |
allowed_user: ${{ steps.check_user_perm.outputs.allowed_user }} | |
trigger-gitlab: | |
needs: pr-info | |
if: needs.pr-info.outputs.allowed_user == 'true' | |
runs-on: ubuntu-latest | |
env: | |
IMAGEBUILDER_BOT_GITLAB_SSH_KEY: ${{ secrets.IMAGEBUILDER_BOT_GITLAB_SSH_KEY }} | |
steps: | |
- name: Clone repository | |
uses: actions/checkout@v3 | |
with: | |
# otherwise we are testing target branch instead of the PR branch (see pull_request_target trigger) | |
ref: ${{ github.event.pull_request.head.sha }} | |
fetch-depth: 0 | |
- name: Push to gitlab | |
run: | | |
mkdir -p ~/.ssh | |
echo "${IMAGEBUILDER_BOT_GITLAB_SSH_KEY}" > ~/.ssh/id_rsa | |
chmod 400 ~/.ssh/id_rsa | |
touch ~/.ssh/known_hosts | |
ssh-keyscan -t rsa gitlab.com >> ~/.ssh/known_hosts | |
git remote add ci [email protected]:redhat/services/products/image-builder/ci/koji-osbuild.git | |
if [ ${{ github.event.pull_request.number }} ]; then | |
git checkout -b PR-${{ github.event.pull_request.number }} | |
fi | |
git push -f ci |