diff --git a/.github/workflows/build_ci_container.yaml b/.github/workflows/build_ci_container.yaml new file mode 100644 index 0000000..c849fcf --- /dev/null +++ b/.github/workflows/build_ci_container.yaml @@ -0,0 +1,23 @@ +on: + push: + branches: + - main + pull_request: + +jobs: + containerize: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Login to Quay + if: github.event.name == 'push' + run: docker login quay.io -u ${{ secrets.QUAY_UNAME }} -p ${{ secrets.QUAY_PASSWD }} + + - name: Build container + run: docker build -t quay.io/zathras/jira-issue-tagging-ci:latest -f Containerfile . + working-directory: ci/issue-tagging-container + + - name: Push container + if: github.event_name == 'push' + run: docker push quay.io/zathras/jira-issue-tagging-ci:latest diff --git a/.github/workflows/issue_tagging.yaml b/.github/workflows/issue_tagging.yaml index e05ce17..cb0dd41 100644 --- a/.github/workflows/issue_tagging.yaml +++ b/.github/workflows/issue_tagging.yaml @@ -10,7 +10,7 @@ env: on: workflow_call: - pull_request_target: + pull_request: types: - review_requested pull_request_review: @@ -19,6 +19,7 @@ on: jobs: update_parent_issue: runs-on: ubuntu-latest + container: quay.io/zathras/jira-issue-tagging-ci:latest steps: - uses: actions/checkout@v4 @@ -27,33 +28,33 @@ jobs: run: echo "PR_NUMBER=${{ github.event.pull_request.number }}" >> "$GITHUB_ENV" - name: Get PR number on PR event - if: github.event_name == 'pull_request_target' + if: github.event_name == 'pull_request' run: echo "PR_NUMBER=${{ github.event.number }}" >> "$GITHUB_ENV" - name: Get parent issues shell: bash - run: > + run: | echo PARENT_ISSUES=$( - ./ci/get_parent_issue.sh - $PR_NUMBER - ) >> $GITHUB_ENV + /opt/tools/get_parent_issue.sh ${{ github.repository }} $PR_NUMBER + ) >> "$GITHUB_ENV" + - name: Fail when unable to find a parent issue if: env.PARENT_ISSUES == '' run: echo "Could not find a parent issue" && exit 1 - - name: Get PR states + - name: Get PR Status run: > - echo PR_STATUS=pr_$( - gh pr view $PR_NUMBER --json reviewRequests,latestReviews | - python ./ci/determine_status.py - ) >> $GITHUB_ENV - + echo PR_STATUS=$( + gh -R ${{ github.repository }} pr view $PR_NUMBER --json reviewRequests,latestReviews | + python /opt/tools/determine_status.py + ) >> "$GITHUB_ENV" + - name: Set parent issues state run: > for issue in $PARENT_ISSUES; do echo "Updating $issue to $PR_STATUS" && - gh issue edit $issue $REMOVE_ISSUES && - gh issue edit $issue --add-label=$PR_STATUS + gh -R ${{ github.repository }} issue edit $issue $REMOVE_ISSUES && + gh -R ${{ github.repository }} issue edit $issue --add-label=pr_$PR_STATUS done diff --git a/ci/README.md b/ci/README.md index b77bdea..f20d3d6 100644 --- a/ci/README.md +++ b/ci/README.md @@ -17,3 +17,27 @@ The idea behind this workflow is to keep Jira tickets in sync with the current s ![flow chart for PR labelling workflow](images/pr_labelling.jpg) This workflow does not work with forked repositories, since the `GITHUB_TOKEN` provided by GitHub runner will not have write access to the base repository unless the pull request originated from the base repository. + +# Container +The container image build in [issue-tagging-container] is meant to provide CI helper scripts around to other repositories that +reuse the workflows in this repository. All scripts are kept in the `/opt/tools` directory within the container. + +## get_parent_issue.sh +This script fetches any parent issues mentioned in a PR. It will output a space separated list of issue numbers. + +### Usage +`./get_parent_issue.sh ` + +## determine_status.py +This script will determine the target status of a PR by +looking at the review state. If any reviews request +changes, it will return "in progress", then if any +reviews are pending, it will return "review", if all +reviews approve the PR, it will return "approved". + +### Usage +`python3 determine_status.py ` + +OR + +`gh pr view --json reviewRequests,latestReviews | python3 determine_status.py` diff --git a/ci/get_parent_issue.sh b/ci/get_parent_issue.sh deleted file mode 100755 index a07e199..0000000 --- a/ci/get_parent_issue.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash - -mentioned_issues=$(gh pr view "$1" --json body | jq -r .body | grep -Eo '#[0-9]+' | sed -e 's/#//g') - -for issue in $mentioned_issues; do - if gh issue view "$issue" --json id > /dev/null; then - echo -n "$issue " - fi -done diff --git a/ci/issue-tagging-container/Containerfile b/ci/issue-tagging-container/Containerfile new file mode 100644 index 0000000..3c6f7ab --- /dev/null +++ b/ci/issue-tagging-container/Containerfile @@ -0,0 +1,12 @@ +FROM registry.access.redhat.com/ubi9-minimal:9.5 AS builder + +RUN microdnf -y install wget +RUN wget https://cli.github.com/packages/rpm/gh-cli.repo -O /gh-cli.repo + +FROM registry.access.redhat.com/ubi9-minimal:9.5 + +COPY --from=builder /gh-cli.repo /etc/yum.repos.d/gh-cli.repo +RUN microdnf -y install gh python3 jq +WORKDIR /opt/tools + +COPY . /opt/tools/ diff --git a/ci/determine_status.py b/ci/issue-tagging-container/determine_status.py similarity index 96% rename from ci/determine_status.py rename to ci/issue-tagging-container/determine_status.py index 0640c07..04dd7e5 100644 --- a/ci/determine_status.py +++ b/ci/issue-tagging-container/determine_status.py @@ -23,4 +23,4 @@ def _main(file): if len(sys.argv) > 1: in_file = open(sys.argv[1], 'r') print(_main(in_file)) - in_file.close() \ No newline at end of file + in_file.close() diff --git a/ci/issue-tagging-container/get_parent_issue.sh b/ci/issue-tagging-container/get_parent_issue.sh new file mode 100644 index 0000000..5e4ec73 --- /dev/null +++ b/ci/issue-tagging-container/get_parent_issue.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +mentioned_issues=$(gh -R "$1" pr view "$2" --json body | jq -r .body | grep -Eo '#[0-9]+' | sed -e 's/#//g') + +for issue in $mentioned_issues; do + if gh -R "$1" issue view "$issue" --json id > /dev/null; then + echo -n "$issue " + fi +done