Update component submodules on main branch #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Bump component submodules to latest main | |
on: | |
workflow_dispatch: | |
inputs: | |
bump-app: | |
description: Bump the app submodule | |
type: boolean | |
default: false | |
bump-tenant-manager: | |
description: Bump the tenant manager submodule | |
type: boolean | |
default: false | |
jobs: | |
update_submodules: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Sanity check | |
if: github.ref != 'refs/heads/main' | |
run: | | |
echo "This workflow updates only the main branch." | |
exit 1 | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
with: | |
submodules: false | |
persist-credentials: false | |
- name: Generate a token | |
id: generate_token | |
uses: actions/create-github-app-token@v1 | |
with: | |
app-id: ${{ vars.TENZIR_AUTOBUMPER_APP_ID }} | |
private-key: ${{ secrets.TENZIR_AUTOBUMPER_APP_PRIVATE_KEY }} | |
owner: ${{ github.repository_owner }} | |
- uses: crazy-max/ghaction-import-gpg@v6 | |
with: | |
gpg_private_key: ${{ secrets.TENZIR_BOT_GPG_SIGNING_KEY }} | |
git_user_signingkey: true | |
git_commit_gpgsign: true | |
- name: Prepare git push | |
env: | |
GITHUB_APP_TOKEN: ${{ steps.generate_token.outputs.token }} | |
run: | | |
git config --global user.name 'tenzir-bot' | |
git config --global user.email '[email protected]' | |
git remote set-url origin https://x-access-token:[email protected]/tenzir/platform.git | |
- name: Configure ssh-agent for app submodule | |
uses: webfactory/[email protected] | |
with: | |
ssh-private-key: ${{ secrets.TENZIR_APP_DEPLOY_KEY }} | |
- name: Update app submodule | |
if: ${{ inputs.bump-app }} | |
run: | | |
git submodule update --init components/app | |
current_sha=$(git -C components/app rev-parse HEAD) | |
current_sha_short=$(git -C components/app rev-parse --short HEAD) | |
upstream_sha=$(git -C components/app rev-parse origin/main) | |
upstream_sha_short=$(git -C components/app rev-parse --short origin/main) | |
if [ ${current_sha} != ${upstream_sha} ]; then | |
# Collect all files in the `changelog` directory that | |
# were added since the last bump. | |
names=$(git -C components/app diff --name-status HEAD origin/main -- changelog/ | grep '^A' | awk '{print $2}') | |
echo -e "Bump app component from ${current_sha_short} to ${upstream_sha_short}\n\nChanges:\n" > commitmsg | |
ls -la . | |
ls -la components/app/changelog | |
for name in ${names}; do | |
cat components/app/${name} >> commitmsg | |
done | |
git -C components/app checkout main | |
git add components/app | |
git commit -F commitmsg | |
git push -u origin main:main | |
fi | |
- name: Configure ssh-agent for tenant-manager submodule | |
uses: webfactory/[email protected] | |
with: | |
ssh-private-key: ${{ secrets.TENZIR_EVENT_HORIZON_DEPLOY_KEY }} | |
- name: Update tenant-manager submodule | |
if: ${{ inputs.bump-tenant-manager }} | |
run: | | |
git submodule update --init components/tenant-manager | |
current_sha=$(git -C components/tenant-manager rev-parse main) | |
current_sha_short=$(git -C components/app rev-parse --short HEAD) | |
upstream_sha=$(git -C components/tenant-manager rev-parse origin/main) | |
upstream_sha_short=$(git -C components/app rev-parse --short origin/main) | |
if [ ${current_sha} != ${upstream_sha} ]; then | |
names=$(git -C components/tenant-manager diff --name-status HEAD origin/main -- changelog/ | grep '^A' | awk '{print $2}') | |
echo -e "Bump tenant-manager component from ${current_sha_short} to ${upstream_sha_short}\n\nChanges:\n" > commitmsg | |
for name in ${names}; do | |
cat components/tenant-manager/${name} >> commitmsg | |
done | |
git -C components/tenant-manager rebase origin/main | |
git add components/tenant-manager | |
git commit -F commitmsg | |
git push -u origin main:main | |
fi | |