-
Notifications
You must be signed in to change notification settings - Fork 1
124 lines (113 loc) · 5.71 KB
/
generate_package_locks.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
# # This workflow generates the JSON representation
# name: Generate Package Locks
# on:
# push:
# branches: ["main"]
# workflow_dispatch:
# env:
# PR_DEST_BRANCH_NAME: gh-pages
# concurrency:
# # Prevent parallel executions of this and related tasks.
# group: updating-chart-locks
# cancel-in-progress: false
# jobs:
# generate-package-locks:
# outputs:
# package_locks_b64: ${{ steps.generate-package-locks.outputs.package_locks_b64 }}
# runs-on: ubuntu-latest
# steps:
# - uses: actions/checkout@v3
# - uses: actions/setup-python@v4
# with:
# python-version: "3.10"
# - run: |
# pip install PyYAML
# - name: Generate lock file JSON from existing charts
# id: generate-package-locks
# run: |
# set -o pipefail
# python scripts/packagemapping/packagemapping.py | tee /tmp/packagelocks.json
# base64 -w 0 /tmp/packagelocks.json | tee /tmp/packagelocks.json.b64
# echo "package_locks_b64=$(cat /tmp/packagelocks.json.b64)" >> $GITHUB_OUTPUT
# - name: Decode and display lockfile JSON (Sanity Check)
# run: |
# set -o pipefail
# test -n "${{ steps.generate-package-locks.outputs.package_locks_b64 }}" \
# || { echo "::error::output package_locks_b64 did not contain base64 content generated from the previous step"; exit 2 ;}
# echo ${{ steps.generate-package-locks.outputs.package_locks_b64 }} | base64 -d | jq \
# || { echo "::error::output package_locks_b64 did not contain valid JSON once decoded" ; exit 3 ;}
# compare-package-lock-manifests:
# needs: generate-package-locks
# outputs:
# needs-updating: ${{ steps.compare-package-locks.outputs.needs-updating }}
# runs-on: ubuntu-latest
# steps:
# - name: Determine if package lock entries need updating
# id: compare-package-locks
# run: |
# needsupdating=false
# wget https://komish.github.io/actions-workflow-call-test/lock.json -O current-locks.json
# set -o pipefail
# test -n "${{ needs.generate-package-locks.outputs.package_locks_b64 }}" \
# || { echo "::error::output package_locks_b64 did not contain base64 content generated from the previous step"; exit 2 ;}
# echo ${{ needs.generate-package-locks.outputs.package_locks_b64 }} | base64 -d | jq > generated-locks.json \
# || { echo "::error::output package_locks_b64 did not contain valid JSON once decoded" ; exit 3 ;}
# jq .packages current-locks.json > current-packages.json
# jq .packages generated-locks.json > generated-packages.json
# diff current-packages.json generated-packages.json || needsupdating=true
# echo needs-updating=${needsupdating} | tee -a $GITHUB_OUTPUT
# craft-pr-to-project:
# # TODO: This needs a token for a user who isn't the CI bot (e.g. GITHUB_TOKEN) but has commit permissions.
# needs:
# - compare-package-lock-manifests
# - generate-package-locks
# if: needs.compare-package-lock-manifests.outputs.needs-updating == true
# runs-on: ubuntu-latest
# steps:
# - name: Clone ${{ env.PR_DEST_BRANCH_NAME }} branch
# uses: actions/checkout@v3
# with:
# ref: ${{ env.PR_DEST_BRANCH_NAME }}
# # token: tbd
# - name: Set Git Config
# # TODO update the user name and email
# run: |
# git config user.name "CI Bot Name"
# git config user.email [email protected]
# - name: Create new branch
# id: create-branch
# run: |
# branchuuid=$(uuidgen)
# branchname=update-locks-${branchuuid}
# git checkout -b $branchname
# echo branchname=$branchname >> $GITHUB_OUTPUT
# - name: Overwrite existing lockfile, Commit, and Push
# id: commit-and-push
# run: |
# set -o pipefail
# cd docs
# test -n "${{ needs.generate-package-locks.outputs.package_locks_b64 }}" \
# || { echo "::error::output package_locks_b64 did not contain base64 content generated from the previous step"; exit 2 ;}
# echo ${{ needs.generate-package-locks.outputs.package_locks_b64 }} | base64 -d | jq > lock.json \
# || { echo "::error::output package_locks_b64 did not contain valid JSON once decoded" ; exit 3 ;}
# md5sum=$(md5sum lock.json | awk '{ print $1 }' )
# echo new_lockfile_md5sum=$md5sum >> $GITHUB_OUTPUT
# git add lock.json
# git commit -m "updating package lock file"
# git push origin ${{ steps.create-branch.outputs.branchname }}
# - name: Create Pull Request
# # If using the GitHub Actions Token, make sure your repository allows
# # for write permissions as well as Creating and Merging Pull Requests in
# # Settings.
# run: |
# body=$(echo -e "${{ env.PR_BODY }}\n\nThe generated lockfile's md5sum is: **${{ steps.commit-and-push.outputs.new_lockfile_md5sum }}**\n")
# gh pr create -B ${{ env.PR_DEST_BRANCH_NAME }} -H ${{ steps.create-branch.outputs.branchname }} --title "${{ env.PR_TITLE }} - ${{ steps.commit-and-push.outputs.new_lockfile_md5sum }}" --body "${body}"
# env:
# GITHUB_TOKEN: ${{ secrets.PROJECT_CI_BOT_TOKEN }}
# PR_TITLE: Updating Chart Locks
# PR_BODY: |
# _This PR was generated by GitHub Actions_
# This PR is updating the Chart Locks. The content of this PR was
# generated based on the current state of the charts directory.
# This PR should be automatically merged by GitHub Actions if there are
# no merge conflicts.