From b7ed0a2dd69b920edde6981f26b951d6da1337cd Mon Sep 17 00:00:00 2001 From: Sagar Paul Date: Thu, 11 May 2023 15:37:56 +0530 Subject: [PATCH] enable push action (#256) * enable push action * add token refresh --- .github/workflows/push.yml | 107 ++++++++++++++++++++++++++++ .github/workflows/token_refresh.yml | 17 +++++ 2 files changed, 124 insertions(+) create mode 100644 .github/workflows/push.yml create mode 100644 .github/workflows/token_refresh.yml diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml new file mode 100644 index 0000000..5a5cec6 --- /dev/null +++ b/.github/workflows/push.yml @@ -0,0 +1,107 @@ +# push workflow is shared and expected to perform actions after a merge happens +# on a maintenance branch (default or release). For example updating the +# draft release-notes. +# based on great work from +# https://github.com/T-Systems-MMS/ansible-collection-icinga-director +name: push + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true + +on: + push: + # branches to consider in the event; optional, defaults to all + branches: + - main + - 'releases/**' + - 'stable/**' + # Prevent a 2nd run after the changelog is updated + paths-ignore: + - CHANGELOG.rst + - changelogs/changelog.yaml + +env: + NAMESPACE: ansible + COLLECTION_NAME: utils + ANSIBLE_COLLECTIONS_PATHS: ./ + +jobs: + update_release_draft: + runs-on: ubuntu-22.04 + environment: push + steps: + - uses: actions/checkout@v3.5.0 + with: + repository: ansible-collections/ansible.utils + fetch-depth: 0 + token: ${{ secrets.BOT_PAT }} + + - name: Set up Python + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Install antsibull-changelog, antsichaut + run: > + python -m pip install + antsibull-changelog + git+https://github.com/ansible-community/antsichaut.git + pre-commit + --disable-pip-version-check + + - name: Run release drafter + id: release_drafter + uses: release-drafter/release-drafter@v5 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Remove the v prefix from the release drafter version + run: | + VERSION=${{ steps.release_drafter.outputs.tag_name }} + echo "VERSION=${VERSION#v}" >> $GITHUB_ENV + + - name: Generate new version in changelog.yaml + run: antsibull-changelog release -v --version "${{ env.VERSION }}" + + - name: 'Get Previous tag' + id: previoustag + uses: "WyriHaximus/github-action-get-previous-tag@master" + env: + GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + + - name: Generate changelog.yaml + run: antsichaut + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SINCE_VERSION: "${{ steps.previoustag.outputs.tag }}" + + - name: Update Changelog.rst + run: antsibull-changelog generate -v + + - name: Cleanup as needed using prettier + run: pre-commit run prettier --all-files + continue-on-error: true + + - name: Update the glaxay.yml version if needed + run: pre-commit run autoversion --all-files + continue-on-error: true + + - name: Determine if a PR is necessary + run: git diff --no-ext-diff --quiet --exit-code + continue-on-error: true + id: pr_check + + - name: Create PR for changelog + run: | + git config user.name "Ansible Bot" + git config user.email devtools@ansible.com + git checkout -t -b ${{ env.BRANCH_NAME }} + git add . + git commit -m "Changelog updated" + git push origin ${{ env.BRANCH_NAME }} + gh pr create --title "Changelog updated" --body "Changelog updated" --base main + if: steps.pr_check.outcome == 'failure' + env: + GH_TOKEN: ${{ secrets.BOT_PAT }} + BRANCH_NAME: chore-${{ github.workflow }}-${{ github.run_number }} diff --git a/.github/workflows/token_refresh.yml b/.github/workflows/token_refresh.yml new file mode 100644 index 0000000..7a818d1 --- /dev/null +++ b/.github/workflows/token_refresh.yml @@ -0,0 +1,17 @@ +on: + schedule: + - cron: '0 0 * * *' + workflow_dispatch: + +jobs: + refresh: + runs-on: ubuntu-latest + environment: ah + steps: + - name: Refresh to AH token + run: >- + curl https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token + -d grant_type=refresh_token + -d client_id=cloud-services + -d refresh_token="${{ secrets.AH_TOKEN }}" + --fail --silent --show-error --output /dev/null