Bitnami/containers
2
0
Fork 0
mirror of https://github.com/bitnami/containers.git synced 2026-03-14 06:48:11 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
21833f568e1224cbf3ebc509f72940fea7f1d813
containers/.github/workflows/ci-automated-pipeline.yaml
Fran Mulero d7e65e2456 [bitnami/*] Move failed automated PRs into Support Dashboard (#4693) 
* Set explicitily the issue-number

Signed-off-by: Fran Mulero <fmulero@vmware.com>

* Set explicitily the issue-number

Signed-off-by: Fran Mulero <fmulero@vmware.com>

Signed-off-by: Fran Mulero <fmulero@vmware.com>
2022-08-31 16:57:39 +02:00

153 lines
6.5 KiB
YAML
Raw Blame History

This file contains invisible Unicode characters
This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
name: '[CI/CD] CI Pipeline for automated PRs'
on: # Triggered only on open PR events done by bitnami-bot on containers folders
pull_request_target:
types:
- opened
branches:
- main
- bitnami:main
paths:
- 'bitnami/**'
env:
CSP_API_URL: https://console.cloud.vmware.com
CSP_API_TOKEN: ${{ secrets.CSP_API_TOKEN }}
VIB_PUBLIC_URL: https://cp.bromelia.vmware.com
jobs:
auto-pr-triage:
runs-on: ubuntu-latest
name: Triage for automated PRs
if: |
contains(github.event.pull_request.title, 'Release') &&
github.actor == 'bitnami-bot'
steps:
# Enables auto-merge and adds necessary labels for automated releases' PRs
- id: labeling
name: Label PR
uses: andymckay/labeler@1.0.4
with:
repo-token: "${{ secrets.GITHUB_TOKEN }}"
add-labels: "verify, auto-merge"
- id: auto-merge
name: Enable auto-merge
run: |
curl --request POST \
--url https://api.github.com/graphql \
--header 'authorization: Bearer ${{ secrets.BITNAMI_BOT_TOKEN }}' \
--data '{
"query": "mutation { enablePullRequestAutoMerge(input: {pullRequestId: \"${{ github.event.pull_request.node_id }}\", mergeMethod: SQUASH}) { clientMutationId }}"
}' \
--fail
get-container:
runs-on: ubuntu-latest
name: Get modified containers
needs: auto-pr-triage
outputs:
container: ${{ steps.get-container.outputs.container }}
path: ${{ steps.get-container.outputs.path }}
steps:
- id: get-container
name: Get modified containers
run: |
# Using the Github API to detect the files changed as git merge-base stops working when the branch is behind
# and jitterbit/get-changed-files does not support pull_request_target
URL="https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/files"
files_changed_data=$(curl -s --header 'authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' -X GET -G "$URL")
files_changed="$(echo $files_changed_data | jq -r '.[] | .filename')"
# Adding || true to avoid "Process exited with code 1" errors
containers_dirs_changed="$(echo "$files_changed" | xargs dirname | grep -o "^bitnami/[^/]*" | sort | uniq || true)"
flavors=($(echo "$files_changed" | xargs dirname | grep -o "^bitnami/[^/]*/[^/]*/[^/]*" | sort | uniq || true))
container_name=$(echo "$containers_dirs_changed" | sed "s|bitnami/||g")
if [[ "${#flavors[@]}" -eq "1" ]]; then
# Changes done in only one container -> OK
echo "::set-output name=container::${container_name}"
echo "::set-output name=path::${flavors[0]}"
else
# No changes detected or there are changes done in more than one container -> FAIL. It doesn't make sense in automated PRs.
echo -e "No changes detected or there are changes done in more than one container:\n${containers_dirs_changed}\n. The rest of the tests will be skipped."
exit 1
fi
vib-verify:
runs-on: ubuntu-latest
needs: get-container
name: Verify
steps:
- uses: actions/checkout@v3
name: Checkout Repository
with:
# Required to search the latest commit with the tag
fetch-depth: 1
# labeled events trigger the event with the latest commit in main
ref: ${{ github.event.pull_request.head.ref }}
repository: ${{ github.event.pull_request.head.repo.full_name }}
- id: get-tag
name: Get latest image tag
run: |
# Now EAM commits has the following format "[bitnami/<container>] Release <tag>"
tag="$(grep -oE "org.opencontainers.image.ref.name=\".+\"" ${{ needs.get-container.outputs.path }}/Dockerfile | sed -nr "s|org.opencontainers.image.ref.name=\"(.+)\"|\1|p")"
if [[ -z "${tag}" ]]; then
echo "No tag found for: ${{ needs.get-container.outputs.path }}"
exit 1
else
echo "::set-output name=tag::${tag}"
fi
- uses: vmware-labs/vmware-image-builder-action@main
name: Verify
with:
pipeline: vib-verify.json
env:
# Path with docker resources
VIB_ENV_PATH: ${{ needs.get-container.outputs.path }}
# Container name
VIB_ENV_CONTAINER: ${{ needs.get-container.outputs.container }}
VIB_ENV_TAG: ${{ steps.get-tag.outputs.tag }}
auto-pr-review:
runs-on: ubuntu-latest
needs: vib-verify
name: Reviewal for automated PRs
if: |
always() &&
github.actor == 'bitnami-bot'
steps:
# Approves the CI's PR if the 'VIB Verify' job succeeded
# Approved by the 'github-actions' user. A PR can't be approved by its author
- name: Approval
if: ${{ needs.vib-verify.result == 'success' }}
run: |
curl --request POST \
--url https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/reviews \
--header 'authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' \
--header 'content-type: application/json' \
--data '{
"event": "APPROVE"
}' \
--fail
- name: Manual review required
if: ${{ needs.vib-verify.result != 'success' }}
run: |
curl --request POST \
--url https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/comments \
--header 'authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' \
--header 'content-type: application/json' \
--data '{
"body": "There has been an error during the automated release process. Manual revision is now required."
}' \
--fail
- name: Assign to a person to work on it
if: ${{ needs.vib-verify.result != 'success' }}
uses: pozil/auto-assign-issue@v1.9.0
with:
numOfAssignee: 1
removePreviousAssignees: true
teams: build-maintainers
repo-token: "${{ secrets.BITNAMI_BOT_TOKEN }}"
- name: Move into From Bitnami
uses: peter-evans/create-or-update-project-card@v2
if: ${{ needs.vib-verify.result != 'success' }}
with:
project-name: Support
column-name: From Bitnami
token: "${{ secrets.GITHUB_TOKEN }}"
# The action by default uses github.event.issue.number but PRs don't have that field
issue-number: ${{ github.event.number }}
Reference in New Issue View Git Blame Copy Permalink