fix: update Cosign for image #7
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Test 'PR' Workflow" | |
on: | |
pull_request: | |
push: | |
branches: | |
- main | |
jobs: | |
# When new code is pushed on destination, create a PR to trigger an E2E test of the PR workflow | |
prepare-test: | |
name: "[Chore] Create Test Pull Request" | |
if: github.repository == 'olivr-test/copybara-action-test' && github.event_name == 'push' | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Get Commit Message | |
id: commit | |
run: | | |
MSG=$(git log --format=%B -n 1 ${{ github.event.after }}) | |
echo "::set-output name=COMMIT_MESSAGE::${MSG}" | |
- name: Toggle test file | |
run: '[ -e "./.test-pr-workflow" ] && rm -rf ./.test-pr-workflow || echo "${{ github.sha }}" > ./.test-pr-workflow' | |
- name: Create Pull Request | |
uses: peter-evans/create-pull-request@v3 | |
env: | |
COMMIT_MESSAGE: ${{ steps.commit.outputs.COMMIT_MESSAGE }} | |
with: | |
commit-message: "[Test PR] ${{env.COMMIT_MESSAGE}}" | |
title: "[Test PR] ${{env.COMMIT_MESSAGE}}" | |
body: "Generated by workflow [${{ github.run_id }}](../actions/runs/${{ github.run_id }})" | |
token: ${{ secrets.GH_TOKEN_BOT }} | |
branch: test-pr-workflow | |
branch-suffix: short-commit-hash | |
# When a new test PR is created on destination (by the job above), copy it to SoT | |
e2e-test: | |
name: "'PR' E2E tests" | |
if: github.repository == 'olivr-test/copybara-action-test' && github.event_name == 'pull_request' && startsWith(github.event.pull_request.title, '[Test PR]') | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: "[Test] Basic usage" | |
uses: ./ | |
with: | |
sot_repo: Olivr/copybara-action | |
destination_repo: olivr-test/copybara-action-test | |
access_token: ${{ secrets.GH_TOKEN_BOT }} | |
ssh_key: ${{ secrets.GH_SSH_BOT }} | |
- name: "🧹 Close Pull Request" | |
uses: actions/github-script@v3 | |
with: | |
github-token: ${{ secrets.GH_TOKEN_BOT }} | |
script: | | |
github.pulls.update({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
pull_number: context.payload.pull_request.number, | |
state: 'closed' | |
}); | |
- name: "🧹 Delete PR branch" | |
run: git push origin :${{github.head_ref}} | |
# When a new test PR is created on SoT (by the job above), close it | |
cleanup-test: | |
name: "[Chore] Close Test Pull Request" | |
if: github.repository == 'Olivr/copybara-action' && github.event_name == 'pull_request' && startsWith(github.event.pull_request.title, '[Test PR]') | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: "🧹 Close Pull Request" | |
uses: actions/github-script@v3 | |
with: | |
github-token: ${{ secrets.GH_TOKEN_BOT }} | |
script: | | |
github.pulls.update({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
pull_number: context.payload.pull_request.number, | |
state: 'closed' | |
}); | |
- name: "🧹 Delete PR branch" | |
run: git push origin :${{github.head_ref}} | |
# Once the test PR is cleaned up by the job above, it means all the tests have passed and we can release new code | |
release: | |
name: Release new version | |
needs: [cleanup-test] | |
runs-on: ubuntu-18.04 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@master | |
with: | |
ref: main | |
- name: Setup Node.js | |
uses: actions/setup-node@v2 | |
with: | |
node-version: 14 | |
- name: Install dependencies | |
run: yarn install --frozen-lockfile | |
- name: Release | |
env: | |
GITHUB_TOKEN: ${{ secrets.GH_TOKEN_BOT }} | |
# Trick semantic release because releasing from a PR is unusual but necessary in our case | |
run: GITHUB_EVENT_NAME=push GITHUB_REF=main npx semantic-release -e ./.config/release.config.js |