Merge pull request #271 from coreos/dependabot/github_actions/actions… #196
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Sync to downstream repos | |
on: | |
push: | |
branches: [main] | |
workflow_dispatch: | |
# Prevent multiple workflow runs from racing | |
concurrency: ${{ github.workflow }} | |
permissions: | |
contents: read | |
jobs: | |
init: | |
name: Render | |
runs-on: ubuntu-latest | |
container: registry.fedoraproject.org/fedora:latest | |
outputs: | |
matrix: ${{ steps.get.outputs.matrix }} | |
steps: | |
- name: Check out repository | |
uses: actions/checkout@v4 | |
- name: Install dependencies | |
run: dnf install -y cargo | |
- name: Cache build artifacts | |
uses: Swatinem/rust-cache@v2 | |
with: | |
workspaces: tmpl8 | |
- name: Build tmpl8 binary | |
run: cd tmpl8 && cargo build | |
- name: Render templates | |
run: | | |
tmpl8/target/debug/tmpl8 render output | |
tar cf output.tar output | |
- name: Get matrix | |
id: get | |
run: tmpl8/target/debug/tmpl8 github-matrix >> $GITHUB_OUTPUT | |
- name: Upload rendered output | |
uses: actions/upload-artifact@v4 | |
with: | |
name: rendered | |
path: output.tar | |
sync: | |
name: Sync repo | |
needs: init | |
runs-on: ubuntu-latest | |
container: registry.fedoraproject.org/fedora:latest | |
strategy: | |
fail-fast: false | |
matrix: ${{ fromJSON(needs.init.outputs.matrix) }} | |
steps: | |
- name: Fork target repo | |
uses: actions/github-script@v6 | |
with: | |
github-token: ${{ secrets.COREOSBOT_RELENG_TOKEN }} | |
script: | | |
// unconditionally try to fork the repo; it's a no-op if the | |
// fork exists | |
const repo = "${{ matrix.repo }}".split("/") | |
await github.rest.repos.createFork({ | |
owner: repo[0], | |
repo: repo[1] | |
}) | |
- name: Install dependencies | |
run: dnf install -y git-core | |
- name: Check out target repo | |
uses: actions/checkout@v4 | |
with: | |
repository: ${{ matrix.repo }} | |
path: dest | |
# We need an unbroken commit chain when pushing to the fork. Don't | |
# make assumptions about which commits are already available there. | |
fetch-depth: 0 | |
- name: Move repo into place | |
env: | |
TARGET: ${{ matrix.repo }} | |
run: | | |
set -x | |
reponame="${TARGET#*/}" | |
echo "REPO_NAME=$reponame" >> $GITHUB_ENV | |
mkdir output | |
mv dest "output/$reponame" | |
- name: Download rendered output | |
uses: actions/download-artifact@v4 | |
with: | |
name: rendered | |
- name: Unpack rendered output | |
run: tar xf output.tar | |
- name: Open pull request | |
uses: peter-evans/create-pull-request@v6 | |
with: | |
token: ${{ secrets.COREOSBOT_RELENG_TOKEN }} | |
path: output/${{ env.REPO_NAME }} | |
push-to-fork: coreosbot-releng/${{ env.REPO_NAME }} | |
branch: repo-templates | |
labels: skip-notes | |
commit-message: | | |
Sync repo templates ⚙ | |
Sync with ${{ github.repository }}@${{ github.sha }}. | |
title: Sync repo templates ⚙ | |
body: | | |
Created by [GitHub workflow](${{ github.server_url }}/${{ github.repository }}/actions/workflows/sync.yml) ([source](${{ github.server_url }}/${{ github.repository }}/blob/main/.github/workflows/sync.yml)). | |
Sync with ${{ github.repository }}@${{ github.sha }}. | |
committer: "CoreOS Bot <[email protected]>" | |
author: "CoreOS Bot <[email protected]>" |