Update runtime ImageStreams SHA digests #48
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| # The aim of this GitHub workflow is to update the runtimes ImageStreams | |
| name: Update runtime ImageStreams SHA digests | |
| on: # yamllint disable-line rule:truthy | |
| workflow_dispatch: | |
| inputs: | |
| branch: | |
| required: true | |
| description: "Which branch do you want to update?" | |
| tag_version: | |
| required: true | |
| description: "Provide tag version: main or YYYYx" | |
| user-hash: | |
| required: false | |
| description: "Optional: Specify a Git hash (it should exist in the provided branch's history)" | |
| env: | |
| TMP_BRANCH: tmp-branch-${{ github.run_id }} | |
| BRANCH_NAME: ${{ github.event.inputs.branch || 'main' }} | |
| TAG_VERSION: ${{ github.event.inputs.tag_version || 'main' }} | |
| USER_HASH: ${{ github.event.inputs.user-hash }} | |
| jobs: | |
| initialize: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Install Skopeo CLI | |
| shell: bash | |
| run: | | |
| sudo apt-get -y update | |
| sudo apt-get -y install skopeo yq jq | |
| - name: Checkout branch | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ env.BRANCH_NAME }} | |
| - name: Create a new branch | |
| run: | | |
| echo ${{ env.TMP_BRANCH }} | |
| git checkout -b ${{ env.TMP_BRANCH }} | |
| git push --set-upstream origin ${{ env.TMP_BRANCH }} | |
| update-runtimes: | |
| needs: [initialize] | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Configure Git | |
| run: | | |
| git config --global user.email "github-actions[bot]@users.noreply.github.com" | |
| git config --global user.name "GitHub Actions" | |
| - name: Checkout release branch | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ env.TMP_BRANCH }} | |
| fetch-depth: 0 | |
| - name: Invoke script to handle the update | |
| shell: bash | |
| run: | | |
| chmod +x "${GITHUB_WORKSPACE}/ci/runtimes-digest-updater.sh" | |
| bash ${GITHUB_WORKSPACE}/ci/runtimes-digest-updater.sh ${{ env.TAG_VERSION }} ${{ env.USER_HASH }} | |
| - name: Commit the changes | |
| run: | | |
| if [[ $(git status --porcelain | wc -l) -gt 0 ]]; then | |
| git fetch origin "${{ env.TMP_BRANCH }}" && \ | |
| git pull origin "${{ env.TMP_BRANCH }}" && \ | |
| git add "manifests/base/runtime-*" && \ | |
| git commit -m "Update file via ${{ env.TMP_BRANCH }} GitHub action" && \ | |
| git push origin "${{ env.TMP_BRANCH }}" | |
| else | |
| echo "There were no changes detected in the images for the ${{ env.BRANCH_NAME }}" | |
| fi | |
| open-pull-request: | |
| needs: [update-runtimes] | |
| runs-on: ubuntu-latest | |
| permissions: | |
| pull-requests: write | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@v4 | |
| - name: Read skipped files (if any) | |
| id: skipped-files | |
| run: | | |
| if [[ -f "${GITHUB_WORKSPACE}/skipped_files.txt" && -s "${GITHUB_WORKSPACE}/skipped_files.txt" ]]; then | |
| echo "### Skipped Files" >> pr_body.txt | |
| echo "Some files were skipped during the update process due to missing tags in the registry:" >> pr_body.txt | |
| cat ${GITHUB_WORKSPACE}/skipped_files.txt >> pr_body.txt | |
| echo "" >> pr_body.txt | |
| fi | |
| - name: Generate PR Body | |
| run: | | |
| echo ":rocket: This is an automated Pull Request." > full_pr_body.txt | |
| echo "Created by \`/.github/workflows/runtimes-digest-updater-upstream.yaml\`" >> full_pr_body.txt | |
| echo "" >> full_pr_body.txt | |
| if [[ -f "pr_body.txt" ]]; then cat pr_body.txt >> full_pr_body.txt; fi | |
| echo ":exclamation: **IMPORTANT NOTE**: Remember to delete the \`${{ env.TMP_BRANCH }}\` branch after merging the changes" >> full_pr_body.txt | |
| - name: pull-request | |
| uses: repo-sync/pull-request@v2 | |
| with: | |
| source_branch: ${{ env.TMP_BRANCH }} | |
| destination_branch: ${{ env.BRANCH_NAME }} | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| pr_label: "automated pr" | |
| pr_title: "[Digest Updater Action] Update Runtime ImageStreams" | |
| pr_body_path: full_pr_body.txt |