-
Notifications
You must be signed in to change notification settings - Fork 116
131 lines (118 loc) · 4.65 KB
/
update-backports.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
name: "Update backports"
# Runs quarterly on the second day to update meta-balena's master branch backports
on:
# Run at 00:00 the second day every 3rd month (quarterly)
schedule:
- cron: "0 0 2 */3 *"
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
env:
# get the user id of the GitHub App
# gh api /users/balenaos-esr%5Bbot%5D
GIT_AUTHOR_NAME: balenaos-esr-bot[bot]
GIT_AUTHOR_EMAIL: 146746583+balenaos-esr-bot[bot]@users.noreply.github.com
GIT_COMMITTER_NAME: balenaos-esr-bot[bot]
GIT_COMMITTER_EMAIL: 146746583+balenaos-esr-bot[bot]@users.noreply.github.com
jobs:
fetch:
runs-on: ubuntu-latest
strategy:
matrix:
python-version: ["3.10"]
outputs:
status: ${{ join(steps.*.conclusion) }}
steps:
- name: Generate GitHub App installation token
uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2.1.0
id: gh_app_token
with:
app_id: ${{ vars.ESR_BOT_APP_ID || '400859' }}
installation_retrieval_mode: organization
installation_retrieval_payload: ${{ github.event.repository.owner.login }}
private_key: ${{ secrets.ESR_BOT_PRIVATE_KEY }}
repositories: >
["${{ github.event.repository.name }}"]
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
# The default GITHUB_TOKEN does not have workflow scope
# This is needed to push a new branch with workflow files
token: ${{ steps.gh_app_token.outputs.token }}
persist-credentials: true
- name: "Only run for meta-balena repository"
id: assert-meta-balena-repository
run: |
if [ -f "$(pwd)/repo.yml" ]; then
if grep -q "yocto layer" repo.yml; then
exit 0
fi
fi
exit 1
- name: Setup Python
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5
with:
python-version: ${{ matrix.python-version }}
- name: Install python dependencies
run: |
python -m pip install --upgrade pip
pip install pyyaml
- name: "Update backports"
id: update-backports
run: |
git fetch origin > /dev/null 2>&1
esr_branches=$(git branch -r --sort=v:refname --list "origin/*.*.x")
esr_branches=$(echo "${esr_branches}" | tr '\n' ' ')
if [ -z "${esr_branches}" ]; then
echo "[ERROR] No ESR branches available"
exit 1
fi
# Modify repo.yml
python3 <<-EOF
import sys
import yaml
import re
import os
esr_branches=[str(v).replace('origin/', '') for v in "${esr_branches}".split()]
next = esr_branches[-1]
current = esr_branches[-2]
sunset = esr_branches[-3]
print("Identified ESR branches as:\n\n" +
"next: %s\ncurrent: %s\nsunset: %s\n" %
(next, current, sunset))
for esr in [current, sunset, next]:
if esr is not None and not re.compile("^[0-9]+\.[0-9]+\.x$").match(esr):
print("Invalid ESR branch " + esr)
sys.exit(1)
filePath = './repo.yml'
with open(filePath, 'r') as original:
ydata = yaml.safe_load(original)
if 'esr' in ydata:
print("Refusing to set backport on ESR branch")
sys.exit(1)
if 'backports' not in ydata:
print("No backports found on branch")
sys.exit(1)
if ydata['backports']['current'] is current:
print("Current backport is already %s, nothing to do" % (current) )
sys.exit(1)
ydata['backports'] = {'current': current, 'sunset': sunset, 'next': next}
with open(filePath, 'w') as modified:
yaml.dump(ydata, modified)
with open(os.environ['GITHUB_ENV'], 'a') as e:
for name,value in { "ESR_CURRENT": current, "ESR_NEXT": next, "ESR_SUNSET": sunset}.items():
print(f'{name}={value}', file=e)
EOF
- name: "Push backports"
id: push-backports
env:
GH_TOKEN: ${{ steps.gh_app_token.outputs.token }}
run: |
branch_name="balenaci/update-backports"
git checkout -b ${branch_name} HEAD
git add repo.yml
git commit -F- <<-EOF
Update backports with current ${ESR_CURRENT}
Set current to ${ESR_CURRENT}, next to ${ESR_NEXT} and sunset to ${ESR_SUNSET}
Change-type: patch
EOF
git push origin ${branch_name}
gh pr create --fill