generated from ACCESS-NRI/template
-
Notifications
You must be signed in to change notification settings - Fork 1
176 lines (161 loc) · 6.78 KB
/
config-pr-2-confirm.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
# This workflow is used to do a major/minor version bump to the `metadata.yaml` file,
# through a comment on the PR. It also commits and pushes the checksum file,
# as this is the last stage before merging.
# This is not done automatically because users may want to modify their config
# based on the result of the reproducibility check.
name: Confirm
on:
workflow_call:
# Workflows that call this workflow use the following triggers:
# issue_comment:
# types:
# - created
# - edited
env:
RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
jobs:
bump-version:
name: Bump metadata.yaml
# Bump the `metadata.yaml` file if the comment is made on a PR and starts with '!bump'
if: github.event.issue.pull_request && startsWith(github.event.comment.body, '!bump')
runs-on: ubuntu-latest
permissions:
pull-requests: write
outputs:
# metadata.yaml version before being bumped
before: ${{ steps.bump.outputs.before }}
# metadata.yaml version after being bumped
after: ${{ steps.bump.outputs.after }}
# The type of bump - 'major' or 'minor'
type: ${{ steps.type.outputs.bump }}
steps:
- uses: access-nri/actions/.github/actions/react-to-comment@main
with:
reaction: rocket
token: ${{ secrets.GITHUB_TOKEN }}
- uses: actions/checkout@v4
with:
fetch-depth: 0
token: ${{ secrets.GH_COMMIT_CHECK_TOKEN }}
- name: Checkout Associated PR ${{ github.event.issue.number }}
# Since the trigger for this workflow was on.issue_comment, we need
# to do a bit more wrangling to checkout the pull request
id: pr
env:
GH_TOKEN: ${{ github.token }}
run: gh pr checkout ${{ github.event.issue.number }}
- name: Get Type of Bump
id: type
run: |
if [[ "${{ contains(github.event.comment.body, 'minor') }}" == "true" ]]; then
echo "bump=minor" >> $GITHUB_OUTPUT
elif [[ ${{ contains(github.event.comment.body, 'major') }} == "true" ]]; then
echo "bump=major" >> $GITHUB_OUTPUT
else
echo "::error::Comment was not of the form: '!bump [major|minor]'"
exit 1
fi
- name: Bump
# Regarding the regex in the script: `([0-9]+)\.([0-9]+)` is broken down into:
# `([0-9]+)`: Major version (eg. `12`)
# `\.`: Version separator (eg. `.`)
# `([0-9]+)`: Minor version (eg. `1`)
# which would give `12.1`
id: bump
run: |
version=$(yq '.version' metadata.yaml)
if [[ "${version}" == "null" || "${version}" == "" ]]; then
echo "before=null" >> $GITHUB_OUTPUT
echo "after=1.0" >> $GITHUB_OUTPUT
exit 0
fi
regex="([0-9]+)\.([0-9]+)"
if [[ $version =~ $regex ]]; then
major_version="${BASH_REMATCH[1]}"
minor_version="${BASH_REMATCH[2]}"
else
echo "::error::Invalid version format in metadata.yaml file!"
exit 1
fi
if [[ "${{ steps.type.outputs.bump }}" == "minor" ]]; then
minor_version=$((minor_version + 1))
elif [[ "${{ steps.type.outputs.bump }}" == "major" ]]; then
major_version=$((major_version + 1))
minor_version=0
fi
new_version="${major_version}.${minor_version}"
echo "before=$version" >> $GITHUB_OUTPUT
echo "after=$new_version" >> $GITHUB_OUTPUT
commit:
name: Commit metadata.yaml and Checksum
needs:
- bump-version
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write
env:
ARTIFACT_LOCAL_LOCATION: /opt/artifact
GH_TOKEN: ${{ github.token }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
token: ${{ secrets.GH_COMMIT_CHECK_TOKEN }}
- name: Checkout Associated PR ${{ github.event.issue.number }}
# Since the trigger for this workflow was on.issue_comment, we need
# to do a bit more wrangling to checkout the pull request and get the branch name
id: pr
run: |
gh pr checkout ${{ github.event.issue.number }}
echo "branch=$(git rev-parse --abbrev-ref HEAD)" >> $GITHUB_OUTPUT
- name: Download Newly Created Checksum
# Given the PR branch, we need to find the latest associated workflow run
# on this branch we can then download the associated artifact
run: |
associated_run=$(gh run list \
--json='databaseId,headBranch,updatedAt,status' \
--jq='[.[] | select(.headBranch == "${{ steps.pr.outputs.branch }}" and .status == "completed")] | sort_by(.updatedAt) | last | .databaseId')
gh run download $associated_run -D ${{ env.ARTIFACT_LOCAL_LOCATION }}
- name: Update metadata.yaml and Checksum files
run: |
yq -i '.version = "${{ needs.bump-version.outputs.after }}"' metadata.yaml
cp --recursive --verbose ${{ env.ARTIFACT_LOCAL_LOCATION }}/*/* testing
- name: Import Commit-Signing Key
uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0
with:
gpg_private_key: ${{ secrets.GH_ACTIONS_BOT_GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.GH_ACTIONS_BOT_GPG_PASSPHRASE }}
git_config_global: true
git_committer_name: ${{ vars.GH_ACTIONS_BOT_GIT_USER_NAME }}
git_committer_email: ${{ vars.GH_ACTIONS_BOT_GIT_USER_EMAIL }}
git_user_signingkey: true
git_commit_gpgsign: true
git_tag_gpgsign: true
- name: Commit and Push Updates
run: |
if [[ "${{ needs.bump-version.outputs.type }}" == "minor" ]]; then
git commit -am "Bumped version to ${{ needs.bump-version.outputs.after }} as part of ${{ env.RUN_URL }}"
elif [[ "${{ needs.bump-version.outputs.type }}" == "major" ]]; then
git commit -am "Updated checksums and bumped version to ${{ needs.bump-version.outputs.after }} as part of ${{ env.RUN_URL }}"
fi
git push
- name: Comment Success
uses: access-nri/actions/.github/actions/pr-comment@main
with:
comment: |
:white_check_mark: Version bumped from `${{ needs.bump-version.outputs.before }}` to `${{ needs.bump-version.outputs.after }}` :white_check_mark:
failure-notifier:
name: Failure Notifier
if: failure()
needs:
- commit
runs-on: ubuntu-latest
permissions:
pull-requests: write
steps:
- name: Comment Failure
uses: access-nri/actions/.github/actions/pr-comment@main
with:
comment: |
:x: Failed to bump VERSION or commit changes, see ${{ env.RUN_URL }} :x: