From a044aeba3c1064d27be1a91788c598e39c37d7a8 Mon Sep 17 00:00:00 2001 From: Ryan Northey Date: Tue, 31 Oct 2023 15:58:16 +0000 Subject: [PATCH] ci: Test Envoy sync in PRs Signed-off-by: Ryan Northey --- .github/workflows/_sync.yml | 39 +++++++++++++++++++++++++++++++ .github/workflows/ci.yaml | 9 +++++-- .github/workflows/envoy-sync.yaml | 39 ++++++------------------------- ci/sync_envoy.sh | 4 +++- 4 files changed, 56 insertions(+), 35 deletions(-) create mode 100644 .github/workflows/_sync.yml diff --git a/.github/workflows/_sync.yml b/.github/workflows/_sync.yml new file mode 100644 index 0000000000..9364b43918 --- /dev/null +++ b/.github/workflows/_sync.yml @@ -0,0 +1,39 @@ +name: CI Build and Test + +on: + workflow_call: + secrets: + app-id: + app-key: + inputs: + sync: + type: boolean + default: true + +jobs: + sync: + runs-on: ubuntu-22.04 + steps: + - id: appauth + if: ${{ inputs.sync }} + uses: envoyproxy/toolshed/gh-actions/appauth@actions-v0.1.2 + with: + key: ${{ secrets.app-key }} + app_id: ${{ secrets.app-id }} + - name: 'Checkout go-control-plane repository' + uses: actions/checkout@v4 + with: + path: go-control-plane + fetch-depth: ${{ ! inputs.sync && 1 || 0 }} + token: ${{ steps.appauth.outputs.token || secrets.GITHUB_TOKEN }} + - name: 'Checkout Envoy repository' + uses: actions/checkout@v4 + with: + repository: envoyproxy/envoy + fetch-depth: ${{ ! inputs.sync && 1 || 0 }} + path: envoy + - run: ci/sync_envoy.sh + env: + ENVOY_SRC_DIR: ../envoy + NO_COMMIT_CHANGES: ${{ ! inputs.sync && '1' || '' }} + working-directory: go-control-plane diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 9cddfa1954..7a3ee3d154 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -8,8 +8,13 @@ on: jobs: build: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 - name: build and test - run: make docker_tests \ No newline at end of file + run: make docker_tests + + sync: + uses: ./.github/workflows/_sync.yml + with: + sync: false diff --git a/.github/workflows/envoy-sync.yaml b/.github/workflows/envoy-sync.yaml index c6edccdc8e..bcb8643a36 100644 --- a/.github/workflows/envoy-sync.yaml +++ b/.github/workflows/envoy-sync.yaml @@ -1,5 +1,8 @@ name: Sync Envoy +permissions: + contents: read + on: workflow_dispatch: @@ -7,44 +10,16 @@ concurrency: group: ${{ github.workflow }} cancel-in-progress: true -permissions: - contents: read jobs: sync: runs-on: ubuntu-22.04 - permissions: - contents: write if: | ${{ !contains(github.actor, '[bot]') || github.actor == 'sync-envoy[bot]' }} - steps: - - id: appauth - uses: envoyproxy/toolshed/gh-actions/appauth@actions-v0.1.2 - with: - key: ${{ secrets.ENVOY_CI_UPDATE_BOT_KEY }} - app_id: ${{ secrets.ENVOY_CI_UPDATE_APP_ID }} - - # Checkout the repo - - name: 'Checkout Repository' - uses: actions/checkout@v4 - with: - ref: main - fetch-depth: 0 - token: ${{ steps.appauth.outputs.token }} - - # Checkout the Envoy repo - - name: 'Checkout Repository' - uses: actions/checkout@v4 - with: - repository: envoyproxy/envoy - ref: main - fetch-depth: 0 - path: upstream - - - run: mv upstream ../envoy - - run: ci/sync_envoy.sh - env: - ENVOY_SRC_DIR: ../envoy + uses: ./.github/workflows/_sync.yml + secrets: + app-id: ${{ secrets.ENVOY_CI_UPDATE_APP_ID }} + app-key: ${{ secrets.ENVOY_CI_UPDATE_BOT_KEY }} diff --git a/ci/sync_envoy.sh b/ci/sync_envoy.sh index eaa064ebca..ae2b9bfd86 100755 --- a/ci/sync_envoy.sh +++ b/ci/sync_envoy.sh @@ -73,4 +73,6 @@ commit_changes () { build_protos sync_protos -commit_changes +if [[ -z "$NO_COMMIT_CHANGES" ]]; then + commit_changes +fi