From d7a0b3775201873ce3ef0f9b7b16155abd8f5de3 Mon Sep 17 00:00:00 2001 From: Charles Coggins Date: Fri, 5 Jan 2024 15:05:47 -0600 Subject: [PATCH 1/4] ci: add trigger workflow for updating git submodules This workflow is meant to be triggered by each of the phylum-dev repositories that are included in the documentation repository as git submodules. The trigger will happen during the release process for the external repo and will include the tag for the release. --- .github/workflows/trigger.yml | 73 +++++++++++++++++++++++++++++++++++ 1 file changed, 73 insertions(+) create mode 100644 .github/workflows/trigger.yml diff --git a/.github/workflows/trigger.yml b/.github/workflows/trigger.yml new file mode 100644 index 00000000..87b92c78 --- /dev/null +++ b/.github/workflows/trigger.yml @@ -0,0 +1,73 @@ +# This is a workflow for updating the external repositories contained in this repository as git submodules. +# +# It is configured to be triggered by repository dispatch events which come from outside of this repository. +# It requires write access to the repository by providing a personal access token (PAT) with `repo` scope. +# +# The `event_type` parameter is expected to be `trigger-update-submodule`. +# The `client_payload` parameter is expected to contain the following data: +# * `repo_name`: a string containing the `phylum-dev` repository name to update +# * `tag_name`: a string containing the release tag to use for updating the git submodule +# +# Here is an example repository dispatch event, triggered with `curl` from the command line: +# +# curl \ +# -X POST \ +# --fail-with-body \ +# -H "Accept: application/vnd.github+json" \ +# -H "X-GitHub-Api-Version: 2022-11-28" \ +# -H "Authorization: token " \ +# -d '{"event_type":"trigger-update-submodule","client_payload":{"repo_name":"cli","tag_name":"v6.0.1"}}' \ +# https://api.github.com/repos/phylum-dev/documentation/dispatches +# +# References: +# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#repository_dispatch +# https://docs.github.com/en/rest/repos/repos#create-a-repository-dispatch-event +--- +name: Update Submodules + +on: + repository_dispatch: + types: [trigger-update-submodule] + +jobs: + bump: + name: Update submodules and create PR + runs-on: ubuntu-latest + env: + REPO_NAME: ${{ github.event.client_payload.repo_name }} + TAG_NAME: ${{ github.event.client_payload.tag_name }} + steps: + - name: Checkout the repo + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + + - name: Update submodule + run: git -C "ext/${REPO_NAME}" checkout "${TAG_NAME}" + + - name: Commit changes + id: commit + continue-on-error: true + run: | + git config user.name 'phylum-bot' + git config user.email '69485888+phylum-bot@users.noreply.github.com' + git add "ext/${REPO_NAME}" + git commit -m "build: update \`${REPO_NAME}\` submodule to \`${TAG_NAME}\`" + git push --force origin "HEAD:update-${REPO_NAME}-submodule" + + - name: Create Pull Request + if: ${{ steps.commit.outcome == 'success' }} + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 + with: + github-token: ${{ secrets.GH_RELEASE_PAT }} + script: | + var repo = process.env.REPO_NAME; + var tag = process.env.TAG_NAME; + const response = await github.rest.pulls.create({ + owner: context.repo.owner, + repo: context.repo.repo, + head: "update-" + repo + "-submodule", + base: context.ref, + title: "build: update `" + repo + "` submodule to `" + tag + "`", + body: "This submodule update was triggered by a " + repo + " release " + + "and ensures the documentation stays current.", + }); + console.log(response); From 6c31232224e720272551aabc629bf0e6d41ffb47 Mon Sep 17 00:00:00 2001 From: Charles Coggins Date: Fri, 5 Jan 2024 15:14:08 -0600 Subject: [PATCH 2/4] ci: add a CODEOWNERS file --- .github/CODEOWNERS | 1 + 1 file changed, 1 insertion(+) create mode 100644 .github/CODEOWNERS diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 00000000..aed30b76 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1 @@ +* @phylum-dev/engineering From 71e31d199443b5d079a152709db1c62eb7d6f641 Mon Sep 17 00:00:00 2001 From: Charles Coggins Date: Fri, 5 Jan 2024 15:53:56 -0600 Subject: [PATCH 3/4] refactor: apply PR suggestions --- .github/workflows/trigger.yml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/.github/workflows/trigger.yml b/.github/workflows/trigger.yml index 87b92c78..329bfef9 100644 --- a/.github/workflows/trigger.yml +++ b/.github/workflows/trigger.yml @@ -44,8 +44,6 @@ jobs: run: git -C "ext/${REPO_NAME}" checkout "${TAG_NAME}" - name: Commit changes - id: commit - continue-on-error: true run: | git config user.name 'phylum-bot' git config user.email '69485888+phylum-bot@users.noreply.github.com' @@ -54,13 +52,12 @@ jobs: git push --force origin "HEAD:update-${REPO_NAME}-submodule" - name: Create Pull Request - if: ${{ steps.commit.outcome == 'success' }} uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 with: github-token: ${{ secrets.GH_RELEASE_PAT }} script: | - var repo = process.env.REPO_NAME; - var tag = process.env.TAG_NAME; + const repo = process.env.REPO_NAME; + const tag = process.env.TAG_NAME; const response = await github.rest.pulls.create({ owner: context.repo.owner, repo: context.repo.repo, From 67d313eac1c494f3d7251367e86026964651b3aa Mon Sep 17 00:00:00 2001 From: Charles Coggins Date: Fri, 5 Jan 2024 15:57:43 -0600 Subject: [PATCH 4/4] refactor: rename trigger.yml to update_submodule.yml --- .github/workflows/{trigger.yml => update_submodule.yml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/workflows/{trigger.yml => update_submodule.yml} (100%) diff --git a/.github/workflows/trigger.yml b/.github/workflows/update_submodule.yml similarity index 100% rename from .github/workflows/trigger.yml rename to .github/workflows/update_submodule.yml