Skip to content

Commit

Permalink
github-actions: use github secrets for updatecli (#411)
Browse files Browse the repository at this point in the history
  • Loading branch information
v1v authored May 22, 2024
1 parent ccced79 commit 8d5547d
Show file tree
Hide file tree
Showing 3 changed files with 52 additions and 31 deletions.
67 changes: 42 additions & 25 deletions .github/actions/bump-golang/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,44 +7,61 @@ inputs:
go-minor:
description: 'What Go minor version ([0-9]+.[0.9]+)'
required: true
messageIfFailure:
description: 'Vault secret ID'
command:
description: 'What updatecli command'
default: 'apply'
required: false
slack-message:
description: 'Slack message if failure'
required: false
default: ":traffic_cone: updatecli failed for `${{ github.repository }}@${{ github.ref_name }}`, @agent-team please look what's going on <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|here>"
notifySlackChannel:
description: 'Vault secret ID'
slack-channel-id:
description: 'Slack channel ID'
required: false
default: "#ingest-notifications"
vaultUrl:
description: 'Vault URL'
slack-bot-token:
description: 'Specify the slack bot token.'
required: true
vaultRoleId:
description: 'Vault role ID'
github-token:
description: "The GitHub access token."
required: true
vaultSecretId:
description: 'Vault secret ID'
required: true
command:
description: 'What updatecli command'
default: 'apply'
required: false

runs:
using: "composite"
steps:
- uses: actions/checkout@v4
with:
ref: ${{ inputs.branch }}

- uses: elastic/apm-pipeline-library/.github/actions/updatecli@current
with:
vaultUrl: ${{ inputs.vaultUrl }}
vaultRoleId: ${{ inputs.vaultRoleId }}
vaultSecretId: ${{ inputs.vaultSecretId }}
command: ${{ inputs.command }}
pipeline: ./.github/updatecli.d/bump-golang.yml
notifySlackChannel: ${{ inputs.notifySlackChannel }}
messageIfFailure: ${{ inputs.messageIfFailure }}
- name: Install Updatecli in the runner
uses: updatecli/updatecli-action@9a37c7e35598d7b37d8e7568b40ed9538112be01 # v0.76.1

- name: Run Updatecli in Apply mode
run: updatecli ${{ env.COMMAND }} --config ./.github/updatecli.d/bump-golang.yml
env:
COMMAND: ${{ inputs.command }}
BRANCH: ${{ inputs.branch }}
GO_MINOR: ${{ inputs.go-minor }}
GITHUB_TOKEN: ${{ inputs.github-token }}
GIT_USER: "github-actions[bot]"
shell: bash

- if: ${{ failure() }}
uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0
with:
channel-id: ${{ inputs.slack-channel-id }}
payload: |
{
"text": "${{ env.SLACK_MESSAGE }}",
"blocks": [
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": "${{ env.SLACK_MESSAGE }}"
}
}
]
}
env:
SLACK_BOT_TOKEN: ${{ inputs.slack-bot-token }}
SLACK_MESSAGE: ${{ inputs.slack-message }}
8 changes: 5 additions & 3 deletions .github/workflows/bump-golang-previous.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,9 @@ permissions:
jobs:
bump:
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/bump-golang
Expand All @@ -20,7 +23,6 @@ jobs:
branch: '1.21'
# NOTE: when a new golang version please update me with 1.<go-version-1>
go-minor: '1.21'
vaultUrl: ${{ secrets.VAULT_ADDR }}
vaultRoleId: ${{ secrets.VAULT_ROLE_ID }}
vaultSecretId: ${{ secrets.VAULT_SECRET_ID }}
command: '--experimental apply'
slack-bot-token: ${{ secrets.SLACK_BOT_TOKEN }}
github-token: ${{ secrets.GITHUB_TOKEN }}
8 changes: 5 additions & 3 deletions .github/workflows/bump-golang.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,14 +12,16 @@ permissions:
jobs:
bump:
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/bump-golang
with:
branch: 'main'
# NOTE: when a new golang version please update me with 1.<go-version>
go-minor: '1.22'
vaultUrl: ${{ secrets.VAULT_ADDR }}
vaultRoleId: ${{ secrets.VAULT_ROLE_ID }}
vaultSecretId: ${{ secrets.VAULT_SECRET_ID }}
command: '--experimental apply'
slack-bot-token: ${{ secrets.SLACK_BOT_TOKEN }}
github-token: ${{ secrets.GITHUB_TOKEN }}

0 comments on commit 8d5547d

Please sign in to comment.