-
Notifications
You must be signed in to change notification settings - Fork 0
179 lines (174 loc) · 5.44 KB
/
repo-creation.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
name: Create New Repo
on:
workflow_call:
inputs:
project_name:
description: "Project Name"
required: true
type: string
team_slug:
description: "Team Slug To Grant Access"
required: false
type: string
repo_name:
description: "Repo Name"
required: true
type: string
visibility:
description: "Repo Visibility"
required: true
type: string
language:
description: "Language Template"
required: true
type: string
topics:
description: "Comma-separated list of topics"
required: false
type: string
outputs:
repo_url:
description: "The URL of the created repo"
value: ${{ jobs.create-repo.outputs.repo_url }}
workflow_dispatch:
inputs:
project_name:
description: "Project Name"
required: true
type: string
default: "TestProject"
team_slug:
description: "Team Slug To Grant Access"
required: false
type: string
repo_name:
description: "Repo Name"
required: true
type: string
default: "TestCompany-TestTeam-TestProject"
visibility:
description: "Repo Visibility"
required: true
type: choice
options:
- public
- internal
- private
default: "public"
# TODO: make type choice and create workflow updating this on changes to the language directory
language:
description: "Language Template"
required: true
type: string
default: "terraform"
topics:
description: "Comma-separated list of topics"
required: false
type: string
permissions:
actions: write
contents: read
issues: write
env:
DEFAULT_BRANCH: main
REPO_NAME: ${{ inputs.repo_name }}
REPO_OWNER: ${{ vars.ORGANIZATION }}
PROJECT_NAME: ${{ inputs.project_name }}
LANGUAGE: ${{ inputs.language }}
VISIBILITY: ${{ inputs.visibility }}
jobs:
cache-templates:
name: "Cache Templates"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Cache Template Files
id: cache-files
uses: actions/cache@v3
with:
path: |
./.github/actions
./templates
key: ${{ github.run_id }}
create-repo:
needs:
- cache-templates
name: "Create Repo"
runs-on: ubuntu-latest
outputs:
repo_url: ${{ steps.create-repo.outputs.repo_url }}
steps:
- name: Validate Repo Name
run: |
# shall not be empty
if [ -z $REPO_NAME ]; then exit 1; fi
# shall be alphanumeric and minus only
if [[ "$REPO" =~ [^\-a-zA-Z0-9] ]]; then exit 1; fi
# shall not start with minus
if [[ "$REPO" == -* ]]; then exit 1; fi
# shall not end with minus
if [[ "$REPO" == *- ]]; then exit 1; fi
- name: Restore Cached Files
uses: actions/cache@v3
with:
path: |
./.github/actions
./templates
key: ${{ github.run_id }}
- name: Get Token
id: get-workflow-token
uses: peter-murray/workflow-application-token-action@v2
with:
application_id: ${{ vars.GH_APP_ID }}
application_private_key: ${{ secrets.GH_APP_KEY }}
organization: ${{ vars.ORGANIZATION }}
- name: Create Repo
id: create-repo
env:
GH_TOKEN: ${{ steps.get-workflow-token.outputs.token }}
run: |
REPO_URL=$(gh repo create $REPO_OWNER/$REPO_NAME --$VISIBILITY --clone)
echo "repo_url=$REPO_URL" >> "$GITHUB_OUTPUT"
- name: Add Repo Topics
uses: ./.github/actions/add-topics
with:
owner: ${{ vars.ORGANIZATION }}
repository: ${{ inputs.repo_name }}
topics: ${{ inputs.topics }}
token: ${{ steps.get-workflow-token.outputs.token }}
- name: Copy Common Files
working-directory: ./${{ inputs.repo_name }}
run: |
cp -r ../templates/common/* .
- name: Copy Language Files
if: ${{ inputs.language != '' && inputs.language != 'None' }}
working-directory: ./${{ inputs.repo_name }}
run: |
cp -r ../templates/languages/$LANGUAGE/* .
- name: Templating Using Jinja
working-directory: ./${{ inputs.repo_name }}
run: |
pip install jinja-cli
find . -type f -exec sh -c 'jinja -E PROJECT_NAME -o $0 $0' {} \;
- name: Commit & Push Files
working-directory: ./${{ inputs.repo_name }}
env:
GH_TOKEN: ${{ steps.get-workflow-token.outputs.token }}
CI_COMMIT_MESSAGE: "chore(org): Initial commit"
run: |
gh auth setup-git
git config user.name '${{ vars.CI_COMMIT_USER }}'
git config user.email '${{ vars.CI_COMMIT_USER_MAIL }}'
git checkout -b $DEFAULT_BRANCH
git add -A
git commit -m "$CI_COMMIT_MESSAGE"
git push --set-upstream origin $DEFAULT_BRANCH
- name: Grant Admin Access To Team
if: ${{ inputs.team_slug != '' }}
uses: ./.github/actions/grant-permission-team
with:
organization: ${{ vars.ORGANIZATION }}
team: ${{ inputs.team_slug }}
repository: ${{ inputs.repo_name }}
permission: "admin"
token: ${{ steps.get-workflow-token.outputs.token }}