[bitnami/*] Fix issues in automated PRs modified by readme generator (#12654)

* Fix issues in automated PRs modified by readme generator
* Add missing permissions

Signed-off-by: Fran Mulero <fmulero@vmware.com>
Fran Mulero
2022-10-06 10:15:28 +02:00
committed by GitHub
parent 23320a4427
commit 008115ccf5
3 changed files with 29 additions and 22 deletions


@@ -9,6 +9,9 @@ on: # rebuild any PRs and main branch changes
branches:
- master
- bitnami:master
permissions:
issues: write
pull-requests: write
env:
CSP_API_URL: https://console.cloud.vmware.com
CSP_API_TOKEN: ${{ secrets.CSP_API_TOKEN }}
@@ -28,12 +31,6 @@ jobs:
- id: get-chart
name: Get modified charts
run: |
# Check latest commit to skip pipeline if it contains changes from 'update-readme-metadata' action
# TODO: remove logic and related conditional once the readme generator logic is included in the CI
COMMIT_URL="https://api.github.com/repos/${{ github.repository }}/commits/${{ github.event.pull_request.head.ref }}"
latest_commit_data=$(curl -s --header 'authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' -X GET -G "$COMMIT_URL")
latest_commit_message=$(echo $latest_commit_data | jq -r '.commit | .message')
# Using the Github API to detect the files changed as git merge-base stops working when the branch is behind
# and jitterbit/get-changed-files does not support pull_request_target
PR_URL="https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/files"
@@ -53,9 +50,6 @@ jobs:
# Changes done in charts but version not bumped -> ERROR
echo "::set-output name=error::Detected changes in charts without version bump in Chart.yaml.\nCharts changed: ${num_charts_changed}\n${charts_dirs_changed}\nVersion bumps detected: ${num_version_bumps}"
echo "::set-output name=result::fail"
elif [[ ${{ github.actor }} == "bitnami-bot" && ${{ github.event.action }} == "synchronize" && "$latest_commit_message" == *"readme-generator-for-helm"* ]]; then
# The CI was launched by the readme generator workflow
echo "::set-output name=result::skip"
elif [[ "$num_charts_changed" -eq "1" ]]; then
# Changes done in only one chart -> OK
chart_name=$(echo "$charts_dirs_changed" | sed "s|bitnami/||g")
@@ -73,7 +67,7 @@ jobs:
echo "::set-output name=result::skip"
else
# Changes done in more than chart -> SKIP
echo -e "::set-output name=error::Changes detected in more than one chart directory:\n${charts_dirs_changed}\nIt is strongly advised to change only one chart in a PR. The rest of the tests will be skipped."
echo "::set-output name=error::Changes detected in more than one chart directory:\n${charts_dirs_changed}\nIt is strongly advised to change only one chart in a PR. The rest of the tests will be skipped."
echo "::set-output name=result::skip"
fi
# Using actions/github-scripts because using exit 1 in the script above would not provide any output
@@ -91,14 +85,11 @@ jobs:
# Given performance issues of the action feature on GH's side, we need to be very restrictive in the job's triggers:
# -> The 'Get modified charts' job suceededs AND
# ( ---> The pipeline was triggered due to a label addition and said label was the 'verify' one OR
# ---> The pipeline was NOT triggered due to a label addition but the PR already contains the 'verify' one OR
# ---> The pipeline was triggered for a new automated PR )
# ---> the PR already contains the 'verify' label )
if: |
needs.get-chart.outputs.result == 'ok' &&
(
(github.event.action == 'labeled' && github.event.label.name == 'verify') ||
(github.event.action != 'labeled' && contains(github.event.pull_request.labels.*.name, 'verify')) ||
(contains(github.event.pull_request.title, 'Release') && github.event.action == 'opened' && github.actor == 'bitnami-bot')
contains(github.event.pull_request.labels.*.name, 'verify') || (github.event.action == 'labeled' && github.event.label.name == 'verify')
)
name: VIB Verify
steps:
@@ -123,7 +114,7 @@ jobs:
# Job to be run only when the triage for automated PRs did as well,
# not taking into account whether 'VIB Verify' succeeded
if: |
always() && github.event.action == 'labeled' &&
always() &&
contains(github.event.pull_request.labels.*.name, 'auto-merge') &&
github.event.pull_request.user.login == 'bitnami-bot'
steps:
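Review bot: The simplified `VIB Verify` condition passes whenever the PR already carries the `verify` label, whatever event started the run, so the label acts as a standing approval rather than a per-revision one. The comment in the second hunk indicates this workflow runs on `pull_request_target`, and the `env` block exposes `CSP_API_TOKEN`; if `synchronize` is among the trigger types (the `on:` block is only partly visible), commits pushed after a maintainer applied the label are verified with repository secrets and without a second review. The second operand, `(github.event.action == 'labeled' && github.event.label.name == 'verify')`, also looks redundant next to the first, assuming the `labeled` payload already lists the new label. I would either remove the label on `synchronize` for PRs whose `github.event.pull_request.user.login` is not `bitnami-bot`, or record the decision above the `if:` with `# 'verify' persists across pushes: later commits on a labelled PR run with repository secrets`. The job body continues outside the hunk.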


@@ -6,7 +6,8 @@ on:
- master
paths:
- 'bitnami/*/values.yaml'
permissions:
contents: write
jobs:
update-readme-metadata:
runs-on: ubuntu-latest
@@ -39,8 +40,7 @@ jobs:
ref: ${{github.event.pull_request.head.ref}}
repository: ${{github.event.pull_request.head.repo.full_name}}
path: charts
token: ${{ secrets.BITNAMI_BOT_TOKEN }}
token: ${{ github.actor == 'bitnami-bot' && secrets.GITHUB_TOKEN || secrets.BITNAMI_BOT_TOKEN }}
- name: Execute readme-generator-for-helm
run: |
# Using the Github API to detect the files changed as git merge-base stops working when the branch is behind
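Review bot: The new `token:` line selects the credential by `github.actor`, which is the account that triggered this run rather than the author of the head branch being fetched. Because `ref` and `repository` come from `github.event.pull_request.head`, a run that `bitnami-bot` triggers on a PR from another repository would pick `GITHUB_TOKEN`, which probably cannot push to that fork. The CI workflow in this same commit identifies automated PRs with `github.event.pull_request.user.login == 'bitnami-bot'`; the same test here, `token: ${{ github.event.pull_request.user.login == 'bitnami-bot' && secrets.GITHUB_TOKEN || secrets.BITNAMI_BOT_TOKEN }}`, ties the credential to the PR's author. Both tokens are presumably write-capable and the tree under `charts` is PR-controlled, so a comment stating that later steps must not execute anything from that directory would help. The step's `uses:` line and the rest of the job are outside the hunk.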


@@ -17,6 +17,7 @@ jobs:
author: ${{ steps.get-issue-step.outputs.author }}
type: ${{ steps.get-issue-step.outputs.type }}
draft: ${{ steps.get-issue-step.outputs.draft }}
number: ${{ steps.get-issue-step.outputs.number }}
steps:
- name: Get issue info
id: get-issue-step
@@ -26,6 +27,7 @@ jobs:
author="$(echo $issue_info | jq -r '.user.login')"
pull_request="$(echo $issue_info | jq -r '.pull_request')"
draft="$(echo $issue_info | jq -r '.draft' | sed -r "s|null|false|g")"
number="$(echo $issue_info | jq -r '.number')"
type="pull_request"
if [[ "${pull_request}" == "null" ]]; then
type="issue"
@@ -34,6 +36,7 @@ jobs:
echo "::set-output name=author::${author}"
echo "::set-output name=type::${type}"
echo "::set-output name=draft::${draft}"
echo "::set-output name=number::${number}"
label-card:
runs-on: ubuntu-latest
needs:
@@ -63,14 +66,27 @@ jobs:
remove-labels: on-hold, in-progress, triage, solved
- name: Verify labeling
# Only if moved into bitnami column and the PR is ready for review
# This step uses a github-script to add the label intentionally.
# Consecutive calls to andymckay/labeler@1.0.4 can remove previous assigned labels, see https://github.com/andymckay/labeler/issues/40
if: |
github.event.project_card.column_id == env.BITNAMI_COLUMN_ID &&
needs.get-issue.outputs.type == 'pull_request' && needs.get-issue.outputs.draft == 'false'
uses: andymckay/labeler@1.0.4
uses: actions/github-script@v6
with:
add-labels: verify
# Required to trigger CI workflow
repo-token: ${{ secrets.BITNAMI_BOT_TOKEN }}
github-token: ${{ secrets.BITNAMI_BOT_TOKEN }}
script: |
try {
await github.rest.issues.addLabels({
owner: context.payload.repository.owner.login,
repo: context.payload.repository.name,
issue_number: ${{ needs.get-issue.outputs.number }},
labels: ['verify']
})
core.info(`Updated labels in ${{ needs.get-issue.outputs.number }}. Added: 'verify'`)
} catch (error) {
core.setFailed(error.message)
}
- name: Build Maintenance labeling
if: ${{ github.event.project_card.column_id == env.BUILD_MAINTENANCE_COLUMN_ID }}
uses: andymckay/labeler@1.0.4
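Review bot: In the new `script:` block, `${{ needs.get-issue.outputs.number }}` is pasted into the JavaScript source before it runs, at `issue_number:` and again inside the `core.info` template literal. The value comes from `jq -r '.number'`, so a response without that field yields the text `null` and an empty output yields a syntax error. Since the step also holds `BITNAMI_BOT_TOKEN`, it is worth keeping job outputs out of the script text. Passing the value as data avoids both problems: add `env:` with `ISSUE_NUMBER: ${{ needs.get-issue.outputs.number }}` to the step and call `issue_number: Number(process.env.ISSUE_NUMBER)`. The `label-card` job continues past the end of this hunk.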