try GITHUB_TOKEN #16
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Update Workflow Files Across Repos | |
| on: | |
| push: | |
| branches: [main] | |
| workflow_dispatch: | |
| jobs: | |
| changesets: | |
| name: Changesets | |
| runs-on: ubuntu-latest | |
| outputs: | |
| hasChangesets: ${{ steps.changesets.outputs.hasChangesets }} | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| steps: | |
| - name: Checkout Repo | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup PNPM | |
| uses: pnpm/action-setup@v3 | |
| - name: Setup Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 20 | |
| cache: "pnpm" | |
| - name: Install Dependencies | |
| run: pnpm i | |
| - name: Create Release Pull Request | |
| id: changesets | |
| uses: changesets/action@v1 | |
| with: | |
| commit: "[ci] release" | |
| title: "[ci] release" | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.PUBLIC_GITHUB_TOKEN }} | |
| sync-workflows: | |
| runs-on: ubuntu-latest | |
| needs: changesets | |
| if: (needs.changesets.outputs.hasChangesets == 'false' && (contains(github.event.head_commit.message, 'deploy') || contains(github.event.head_commit.message, '[ci] release'))) || github.event_name == 'workflow_dispatch' | |
| steps: | |
| # Step 1: Checkout current repository | |
| - name: Checkout current repository | |
| uses: actions/checkout@v3 | |
| # Step 2: Install jq for JSON parsing | |
| - name: Install jq | |
| run: sudo apt-get install -y jq | |
| # Step 4: Sync workflows to target repositories | |
| - name: Update workflows in target repositories | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| echo "Starting workflow sync..." | |
| git config --global user.name "github-actions[bot]" | |
| git config --global user.email "github-actions[bot]@users.noreply.github.com" | |
| repos=$(jq -c '.repositories[]' repos.json) | |
| for repo_config in $repos; do | |
| repo_name=$(echo "$repo_config" | jq -r '.name') | |
| echo "Processing repository: $repo_name" | |
| # Clone the target repository | |
| echo "Cloning repository $repo_name..." | |
| git clone --depth 1 "https://x-access-token:${GH_TOKEN}@github.com/${repo_name}.git" target-repo | |
| cd target-repo | |
| # Create or switch to the branch | |
| branch_name="update-workflows" | |
| echo "Creating branch $branch_name..." | |
| git checkout -b "$branch_name" || git checkout "$branch_name" | |
| # Sync specified workflow files | |
| for file_config in $(jq -c '.files[]' <<<"$repo_config"); do | |
| src_file=$(echo "$file_config" | jq -r '.path') | |
| dest_file=$(echo "$file_config" | jq -r '.targetPath') | |
| echo "Processing file: $src_file" | |
| # Check if the file exists in the workflow-files directory | |
| if [ ! -f "../$src_file" ]; then | |
| echo "Warning: File $src_file not found in /workflow-files." | |
| continue | |
| fi | |
| # Prepare the destination directory | |
| mkdir -p "$(dirname "$dest_file")" | |
| # Handle dynamic content replacement if "props" is specified | |
| props=$(echo "$file_config" | jq -c '.props // empty') | |
| if [ -n "$props" ]; then | |
| echo "Applying dynamic replacements for $src_file..." | |
| temp_file=$(mktemp) | |
| cp "../$src_file" "$temp_file" | |
| # Replace placeholders with their respective values from props | |
| for key in $(echo "$props" | jq -r 'keys[]'); do | |
| value=$(echo "$props" | jq -r --arg key "$key" '.[$key]') | |
| placeholder="<%= $key %>" | |
| echo "Replacing $placeholder with $value in $src_file..." | |
| sed -i "s|$placeholder|$value|g" "$temp_file" | |
| done | |
| # Move the processed file to the target location | |
| mv "$temp_file" "$dest_file" | |
| else | |
| # If no props, copy the file directly | |
| cp "../$src_file" "$dest_file" | |
| fi | |
| done | |
| # Commit and push changes if any | |
| echo "Checking for changes..." | |
| git add .github/workflows/ | |
| if git diff --cached --quiet; then | |
| echo "No changes detected for $repo_name." | |
| else | |
| echo "Committing and pushing changes for $repo_name..." | |
| git commit -m "Update GitHub workflow files" | |
| git push --force origin "$branch_name" | |
| # Check for existing pull request | |
| echo "Checking for an open PR for branch $branch_name..." | |
| existing_pr=$(gh pr list --base main --head "$branch_name" --json number --jq '.[0].number') | |
| if [ -n "$existing_pr" ]; then | |
| echo "Found existing PR #$existing_pr. Updating it..." | |
| gh pr comment "$existing_pr" --body "The branch has been updated with the latest changes." | |
| else | |
| echo "No existing PR found. Creating a new one..." | |
| gh pr create \ | |
| --base main \ | |
| --head "$branch_name" \ | |
| --title "Sync workflow files" \ | |
| --body "This PR syncs the specified GitHub workflow files from the central repository." | |
| fi | |
| fi | |
| # Cleanup | |
| cd .. | |
| echo "Cleaning up repository clone for $repo_name..." | |
| rm -rf target-repo | |
| done |