-
Notifications
You must be signed in to change notification settings - Fork 3
152 lines (139 loc) · 5.29 KB
/
bootstrap.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
---
name: "♻️ Update shared DevOps tooling"
# yamllint disable-line rule:truthy
on:
workflow_dispatch:
schedule:
- cron: "0 8 * * MON"
jobs:
update-actions:
name: "Update DevOps tooling"
runs-on: ubuntu-latest
permissions:
# IMPORTANT: mandatory to update content/actions/PRs
contents: write
actions: write
pull-requests: write
steps:
- name: "Checkout primary repository"
uses: actions/checkout@v4
with:
# Note: Requires a specific/defined Personal Access Token
token: ${{ secrets.ACTIONS_WORKFLOW }}
- name: "Pull workflows from central repository"
uses: actions/checkout@v4
with:
repository: "os-climate/devops-toolkit"
path: ".devops"
- name: "Update repository workflows and create PR"
id: update-repository
env:
GH_TOKEN: ${{ github.token }}
# yamllint disable rule:line-length
run: |
### SHELL CODE START ###
REPO_DIR=$(git rev-parse --show-toplevel)
# Ensure working from top-level of GIT repository
CURRENT_DIR=$(pwd)
if [ "$REPO_DIR" != "$CURRENT_DIR" ]; then
echo "Changing directory to: $REPO_DIR"
if ! (cd "$REPO_DIR"); then
echo "Error: unable to change directory"; exit 1
fi
fi
# Define a function to allow selective opt-out of devops tooling
OPT_OUT=".devops-exclusions"
perform_operation() {
ELEMENT="$1"
if [ ! -f "$OPT_OUT" ]; then
# Opt-out file does not exist; all operations will be performed
return 1
else
if grep -Fxq "$ELEMENT" "$OPT_OUT"
then
# Element is excluded from processing
return 0
else
# Element should be processed
return 1
fi
fi
}
echo "Removing remote branch if it exists: update-devops-tooling"
git push origin --delete update-devops-tooling || :
STRING=$(dd if=/dev/urandom bs=1k count=1 2>/dev/null | tr -dc 'a-zA-Z0-9' | head -c 10)
git checkout -b "update-$STRING"
# Configure GIT
TEST=$(git config -l)
if [ -n "$TEST" ]; then
git config user.name "github-actions[bot]"
git config user.email \
"41898282+github-actions[bot]@users.noreply.github.com"
fi
FOLDERS=".github .github/workflows scripts"
for FOLDER in ${FOLDERS}; do
# Check to see if operation should be skipped
if (perform_operation "$FOLDER"); then
echo "Opted out of DevOps folder: $FOLDER"
continue
else
# If necessary, create target folder
if [ ! -d "$FOLDER" ]; then
echo "Creating target folder: $FOLDER"
mkdir "$FOLDER"
fi
# Update folder contents
echo "Updating folder contents: $FOLDER"
cp -a .devops/"$FOLDER"/. "$FOLDER"
fi
done
# Copy specified files into repository root
FILES=".pre-commit-config.yaml .prettierignore .gitignore"
for FILE in ${FILES}; do
if (perform_operation "$FILE"); then
echo "Opted out of DevOps file: $FILE"
else
echo "Copying file: $FILE"
cp .devops/"$FILE" "$FILE"
fi
done
# If no changes required, do not throw an error
if [ -z "$(git status --porcelain)" ]; then
echo "No updates/changes to commit"; exit 0
else
# Set a flag for use by the next action/step
echo "changed=true" >> "$GITHUB_OUTPUT"
fi
if [ -n "$GITHUB_TOKEN" ]; then
git add .
if ! (git commit -as -S -m "Chore: Update DevOps tooling from central repository [skip-ci]" \
-m "This commit created by automation/scripting" --no-verify); then
echo "Commit failed; aborting"; exit 1
else
git push --set-upstream origin update-devops-tooling
# ToDo: need to verify if we are running in a GHA
gh pr create --title \
"Chore: Pull DevOps tooling from upstream repository" \
--body 'Automated by a GitHub workflow: bootstrap.yaml'
fi
else
echo "Script running in GitHub Actions workflow; proceeding to next step"
fi
### SHELL CODE END ###
- name: Create Pull Request
if: steps.update-repository.outputs.changed == 'true'
uses: peter-evans/create-pull-request@v5
env:
GITHUB_TOKEN: ${{ github.token }}
with:
token: ${{ github.token }}
commit-message: "Chore: Update DevOps tooling from central repository [skip-ci]"
signoff: "true"
branch: update-devops-tooling
delete-branch: true
title: "Chore: Update DevOps tooling from central repository [skip-ci]"
body: |
Update repository with content from upstream: os-climate/devops-toolkit
labels: |
automated pr
draft: false