forked from better0332/aws-privateca-issuer
-
Notifications
You must be signed in to change notification settings - Fork 0
130 lines (115 loc) · 5.38 KB
/
sync.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
# workflows to sync certain files when changes are pushed to the main branch
name: Sync
on:
push:
branches:
- 'main'
paths:
- 'README.md'
pull_request_target:
branches:
- 'main'
paths:
- 'config/crd/bases/**.yaml'
- 'charts/aws-pca-issuer/crds/**.yaml'
env:
GITHUB_USER_NAME: github-actions
GITHUB_USER_EMAIL: [email protected]
GH_PAGES_BRANCH: gh-pages
CONFIG_DIR: config/crd/bases
CHARTS_DIR: charts/aws-pca-issuer/crds
jobs:
sync-readme:
if: ${{ github.event_name == 'push' }}
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
with:
ref: ${{ env.GH_PAGES_BRANCH }}
- name: Push README to gh-pages branch
run: |
git config user.name "$GITHUB_USER_NAME"
git config user.email "$GITHUB_USER_EMAIL"
git fetch -a
git checkout $GITHUB_SHA -- README.md
mv README.md index.md
git add index.md README.md
if git commit -m "Sync readme from commit $GITHUB_SHA" --signoff; then
git push origin $GH_PAGES_BRANCH
else
echo "Nothing committed, not pushing."
fi
sync-crds:
if: ${{ github.event_name == 'pull_request_target' }}
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
with:
repository: ${{ github.event.pull_request.head.repo.full_name }}
ref: ${{ github.head_ref }}
- name: Check which CRDs are modified
id: which-crd-modified
run: |
URL="https://api.github.com/repos/${GITHUB_REPOSITORY}/pulls/${{ github.event.pull_request.number }}/files"
FILES=$(curl -s -X GET -G $URL --header 'authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' | jq -r '.[] | .filename')
# Check if CRDs are modified in charts or config or both.
# Unfortunately we cannot overwrite contributor's changes
# using the update-pull-request-action, so if
# both CRDs are changed and not equal, we fail the workflow
# and post a comment on the PR informing the contributor
# that the CRDs must be identical.
changed_config=$( (echo $FILES | grep -q -E "${CONFIG_DIR}/[[:graph:]]*\.yaml" && echo true) || echo false )
changed_charts=$( (echo $FILES | grep -q -E "${CHARTS_DIR}/[[:graph:]]*\.yaml" && echo true) || echo false )
if $changed_config && ! $changed_charts; then
echo "::set-output name=result::config"
elif $changed_charts && ! $changed_config; then
echo "::set-output name=result::charts"
else
echo "::set-output name=result::both"
fi
- name: Copy changed config CRDs to chart
if: ${{ steps.which-crd-modified.outputs.result == 'config' && !github.event.pull_request.head.repo.fork }}
run: |
cp ${CONFIG_DIR}/*.yaml ${CHARTS_DIR}
- name: Copy changed chart CRDs to config
if: ${{ steps.which-crd-modified.outputs.result == 'charts' && !github.event.pull_request.head.repo.fork }}
run: |
cp ${CHARTS_DIR}/*.yaml ${CONFIG_DIR}
- name: Verify both CRDs are the same
if: ${{ steps.which-crd-modified.outputs.result == 'both' || github.event.pull_request.head.repo.fork }}
run: |
for config_file in $CONFIG_DIR/*.yaml; do
chart_file=$CHARTS_DIR/$(basename $config_file)
if ! diff $config_file $chart_file; then
echo "${config_file} and ${chart_file} are different"
exit 1
fi
done
- name: Update pull request with synced CRDs
if: ${{ steps.which-crd-modified.outputs.result != 'both' && !github.event.pull_request.head.repo.fork }}
uses: divyansh-gupta/create-or-update-pull-request-action@65a6b01b19b69d7865fcf484340b06548fc02e64
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
branch: ${{ github.head_ref }}
path: "."
commit-message: |
Sync CRDs in pull-request ${{ github.event.pull_request.number }}
Signed-off-by: ${{ env.GITHUB_USER_NAME }} <${{ env.GITHUB_USER_EMAIL }}>
author: "${{ env.GITHUB_USER_NAME }} <${{ env.GITHUB_USER_EMAIL }}>"
- name: Comment on pull request that CRDs were synced
if: ${{ steps.which-crd-modified.outputs.result != 'both' && !github.event.pull_request.head.repo.fork }}
uses: divyansh-gupta/actions-comment-pull-request@675cdfe1695d33e816e060460a72feafee079d3f
with:
message: 'Detected different CRDs in the `config/crd/bases` directory and `charts/aws-pca-issuer/crds` directory. These CRDs have been synced and the commit has been added to this PR for review.'
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Comment on pull request that CRDs were unable to be synced
if: ${{ failure() }}
uses: divyansh-gupta/actions-comment-pull-request@675cdfe1695d33e816e060460a72feafee079d3f
with:
message: |
Detected different CRDs in the `config/crd/bases` directory and `charts/aws-pca-issuer/crds` directory.
Since both CRDs were modified in this commit(s), they were unable to be automatically synced. Please update the pull request with identical CRDs for this workflow to pass.
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}