-
Notifications
You must be signed in to change notification settings - Fork 26
/
Copy pathupgrade-check.yml.sample
79 lines (70 loc) · 3.28 KB
/
upgrade-check.yml.sample
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
# This workflow compares a downstream ansible-slurm-appliance repository for a specific site with the upstream
# stackhpc/ansible-slurm-appliance repository to check whether there is a new upstream version available. If a
# newer tag is found in the upstream repository then a pull request is created to the downstream repo
# in order to merge in the changes from the new upstream release.
#
# To use this workflow in a downstream ansible-slurm-appliance repository simply copy it into .github/workflows
# and give it an appropriate name, e.g.
# cp .github/workflows/upgrade-check.yml.sample .github/workflows/upgrade-check.yml
#
# Workflow uses https://github.com/peter-evans/create-pull-request to handle the pull request action.
# See the docs for action inputs.
#
# In order for GitHub actions to create pull requests that make changes to workflows in `.github/workflows`,
# a token for each deployment must be provided. Both user PAT and fine-grained tokens should work, but it was tested
# with a PAT. Fine-grained repo-scoped token is preferred if possible but requires organisation admin privileges.
#
# See https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens
# for security considerations around tokens. TREAT YOUR ACCESS TOKENS LIKE PASSWORDS.
#
# The following repository permissions must be set for the PAT:
# - `Workflows: Read and write`
# - `Actions: Read and write`
# - `Pull requests: Read and write`
# The PAT should then be copied into an Actions repository secret in the downstream repo with the title `WORKFLOW_TOKEN`.
name: Check for upstream updates
on:
schedule:
- cron: "0 9 * * *"
workflow_dispatch:
jobs:
check_for_update:
runs-on: ubuntu-22.04
steps:
- name: Checkout the config repo
uses: actions/checkout@v4
with:
fetch-depth: 0
fetch-tags: true
# Based on equivalent azimuth-config job
- name: Check for new release
shell: bash
run: |
set -xe
# Tell git who we are for commits
git config user.email "${{ github.actor }}[email protected]"
git config user.name "${{ github.actor }} CI"
# Create the merge branch and write vars to .mergeenv file
.github/bin/create-merge-branch.sh
- name: Set release tag output
id: release_tag
if: ${{ hashFiles('.mergeenv') }}
run: source .mergeenv && echo value=$RELEASE_TAG >> $GITHUB_OUTPUT
- name: Set branch name output
id: branch_name
if: ${{ hashFiles('.mergeenv') }}
run: source .mergeenv && echo value=$BRANCH_NAME >> $GITHUB_OUTPUT
- name: Remove tmp file
run: rm .mergeenv
if: ${{ hashFiles('.mergeenv') }}
- name: Create Pull Request
if: ${{ steps.release_tag.outputs.value }}
uses: peter-evans/create-pull-request@v6
with:
base: main
branch: ${{ steps.branch_name.outputs.value }}
title: "Upgrade ansible-slurm-appliance to ${{ steps.release_tag.outputs.value }}"
body: This PR was automatically generated by GitHub Actions.
commit-message: "Upgrade ansible-slurm-appliance to ${{ steps.release_tag.outputs.value }}"
delete-branch: true
token: ${{ secrets.WORKFLOW_TOKEN }}