Manual backport of CE-654 - TLS Encryption docs + CE-713 - Gossip Encryption key rotation (#21509) into release/1.20.x #9484
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Copyright (c) HashiCorp, Inc. | |
# SPDX-License-Identifier: MPL-2.0 | |
on: | |
pull_request_target: | |
types: [opened, closed, reopened] | |
workflow_dispatch: | |
name: Jira Community PR Sync | |
jobs: | |
sync: | |
runs-on: ubuntu-latest | |
name: Jira sync | |
steps: | |
- name: Login | |
uses: atlassian/gajira-login@45fd029b9f1d6d8926c6f04175aa80c0e42c9026 # v3.0.1 | |
env: | |
JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }} | |
JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }} | |
JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }} | |
- name: Set ticket type | |
id: set-ticket-type | |
run: | | |
echo "TYPE=GH Issue" >> $GITHUB_OUTPUT | |
- name: Set ticket labels | |
if: github.event.action == 'opened' | |
id: set-ticket-labels | |
run: | | |
LABELS="[" | |
if [[ "${{ contains(github.event.issue.labels.*.name, 'type/bug') }}" == "true" ]]; then LABELS+="\"type/bug\", "; fi | |
if [[ "${{ contains(github.event.issue.labels.*.name, 'type/enhancement') }}" == "true" ]]; then LABELS+="\"type/enhancement\", "; fi | |
if [[ ${#LABELS} != 1 ]]; then LABELS=${LABELS::-2}"]"; else LABELS+="]"; fi | |
echo "LABELS=${LABELS}" >> $GITHUB_OUTPUT | |
- name: Check if team member | |
if: github.event.action == 'opened' | |
id: is-team-member | |
run: | | |
TEAM=consul | |
ROLE="$(gh api orgs/hashicorp/teams/${TEAM}/memberships/${{ github.actor }} | jq -r '.role | select(.!=null)')" | |
if [[ -n ${ROLE} ]]; then | |
echo "Actor ${{ github.actor }} is a ${TEAM} team member" | |
echo "MESSAGE=true" >> $GITHUB_OUTPUT | |
elif [[ "${{ contains(github.actor, 'hc-github-team-consul-core') }}" == "true" ]]; then | |
echo "Actor ${{ github.actor }} is a ${TEAM} team member" | |
echo "MESSAGE=true" >> $GITHUB_OUTPUT | |
elif [[ "${{ contains(github.actor, 'dependabot') }}" == "true" ]]; then | |
echo "Actor ${{ github.actor }} is a ${TEAM} team member" | |
echo "MESSAGE=true" >> $GITHUB_OUTPUT | |
else | |
echo "Actor ${{ github.actor }} is NOT a ${TEAM} team member" | |
echo "MESSAGE=false" >> $GITHUB_OUTPUT | |
fi | |
env: | |
GITHUB_TOKEN: ${{ secrets.JIRA_SYNC_GITHUB_TOKEN }} | |
- name: Create ticket if an issue is filed, or if PR not by a team member is opened | |
if: ( github.event.action == 'opened' && steps.is-team-member.outputs.MESSAGE == 'false' ) | |
uses: tomhjp/gh-action-jira-create@3ed1789cad3521292e591a7cfa703215ec1348bf # v0.2.1 | |
with: | |
project: NET | |
issuetype: "${{ steps.set-ticket-type.outputs.TYPE }}" | |
summary: "${{ github.event.repository.name }} [${{ steps.set-ticket-type.outputs.TYPE }} #${{ github.event.pull_request.number }}]: ${{ github.event.pull_request.title }}" | |
description: "${{ github.event.issue.body || github.event.pull_request.body }}\n\n_Created in GitHub by ${{ github.actor }}._" | |
# customfield_10089 is "Issue Link", customfield_10371 is "Source" (use JIRA API to retrieve) | |
extraFields: '{ "customfield_10089": "${{ github.event.pull_request.html_url }}", | |
"customfield_10371": { "value": "GitHub" }, | |
"components": [{ "name": "${{ github.event.repository.name }}" }], | |
"labels": ${{ steps.set-ticket-labels.outputs.LABELS }} }' | |
env: | |
JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }} | |
JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }} | |
JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }} | |
# Education Jira | |
- name: Create ticket in Education board an issue is filed, or if PR not by a team member is opened | |
if: github.event.action == 'opened' && steps.is-team-member.outputs.MESSAGE == 'false' && contains(github.event.issue.labels.*.name, 'type/docs') | |
uses: tomhjp/gh-action-jira-create@3ed1789cad3521292e591a7cfa703215ec1348bf # v0.2.1 | |
with: | |
project: CE | |
issuetype: "${{ steps.set-ticket-type.outputs.TYPE }}" | |
summary: "${{ github.event.repository.name }} [${{ steps.set-ticket-type.outputs.TYPE }} #${{ github.event.pull_request.number }}]: ${{ github.event.pull_request.title }}" | |
description: "GitHub URL: ${{ github.event.issue.html_url || github.event.pull_request.html_url }}\n\n${{ github.event.issue.body || github.event.pull_request.body }}\n\n_Created in GitHub by ${{ github.actor }}._" | |
# customfield_10089 is "Issue Link", customfield_10371 is "Source" (use JIRA API to retrieve) | |
extraFields: '{ "components": [{ "name": "${{ github.event.repository.name }}" }] }' | |
- name: Search | |
if: github.event.action != 'opened' | |
id: search | |
uses: tomhjp/gh-action-jira-search@04700b457f317c3e341ce90da5a3ff4ce058f2fa # v0.2.2 | |
with: | |
# cf[10089] is Issue Link (use JIRA API to retrieve) | |
jql: 'issuetype = "${{ steps.set-ticket-type.outputs.TYPE }}" and cf[10089] = "${{ github.event.issue.html_url || github.event.pull_request.html_url }}"' | |
- name: Sync comment | |
if: github.event.action == 'created' && steps.search.outputs.issue | |
uses: tomhjp/gh-action-jira-comment@6eb6b9ead70221916b6badd118c24535ed220bd9 # v0.2.0 | |
with: | |
issue: ${{ steps.search.outputs.issue }} | |
comment: "${{ github.actor }} ${{ github.event.review.state || 'commented' }}:\n\n${{ github.event.comment.body || github.event.review.body }}\n\n${{ github.event.comment.html_url || github.event.review.html_url }}" | |
- name: Close ticket | |
if: ( github.event.action == 'closed' || github.event.action == 'deleted' ) && steps.search.outputs.issue | |
uses: atlassian/gajira-transition@38fc9cd61b03d6a53dd35fcccda172fe04b36de3 # v3.0.1 | |
with: | |
issue: ${{ steps.search.outputs.issue }} | |
transition: "Closed" | |
- name: Reopen ticket | |
if: github.event.action == 'reopened' && steps.search.outputs.issue | |
uses: atlassian/gajira-transition@38fc9cd61b03d6a53dd35fcccda172fe04b36de3 # v3.0.1 | |
with: | |
issue: ${{ steps.search.outputs.issue }} | |
transition: "To Do" |