forked from rancher/rancher
-
Notifications
You must be signed in to change notification settings - Fork 0
109 lines (95 loc) · 4.13 KB
/
Copy pathci-testing-create-pr.yml
File metadata and controls
109 lines (95 loc) · 4.13 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
name: Create CI Testing PR
on:
workflow_dispatch:
inputs:
base_branch:
description: 'Base branch for the PR (leave empty for default branch)'
required: false
default: ''
max_ci_attempts:
description: 'Maximum number of CI attempts per workflow'
required: false
default: 20
type: number
include_patterns:
description: 'Patterns to include in failure detection (URL encode special chars: %2C for comma, %27 for single quote)'
required: false
default: 'FAIL,Fail,failed,ERROR:,Error:,error:,##[error],Error Trace:'
exclude_patterns:
description: 'Patterns to exclude from failure detection (URL encode special chars: %2C for comma, %27 for single quote)'
required: false
default: 'Failed to save: Unable to reserve cache with key docker.io,Failed to restore: "/usr/bin/tar" failed with error: The process,echo "Error: Failed to load image from tarball!",H4sIAAAAAAAA'
permissions:
contents: write
pull-requests: write
id-token: write # Vault access
jobs:
create-test-pr:
runs-on: ubuntu-latest
steps:
- name: "Read some Secrets"
uses: rancher-eio/read-vault-secrets@0da85151ad1f19ed7986c41587e45aac1ace74b6 # v3
with:
secrets: |
secret/data/github/repo/${{ github.repository }}/github/pr-actions-write-app/credentials appId | APP_ID;
secret/data/github/repo/${{ github.repository }}/github/pr-actions-write-app/credentials privateKey | PRIVATE_KEY
- name: "Create temporary token"
uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-token
with:
app-id: ${{ env.APP_ID }}
private-key: ${{ env.PRIVATE_KEY }}
permission-pull-requests: write
- name: Clear sensitive variables
run: |
echo "PRIVATE_KEY=" >> $GITHUB_ENV
echo "APP_ID=" >> $GITHUB_ENV
- name: Checkout repository
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
- name: Setup and create branch
id: branch-setup
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
if [[ -n "${{ inputs.base_branch }}" ]]; then
BASE_BRANCH="${{ inputs.base_branch }}"
else
BASE_BRANCH=$(gh repo view --json defaultBranchRef --jq '.defaultBranchRef.name')
fi
git config user.name "GitHub Actions"
git config user.email "actions@github.com"
git fetch origin "$BASE_BRANCH"
git checkout "$BASE_BRANCH"
BRANCH_NAME="ci_testing_$(date +'%Y%m%d_%H%M%S')"
git checkout -b "$BRANCH_NAME"
echo "base_branch=$BASE_BRANCH" >> $GITHUB_OUTPUT
echo "branch=$BRANCH_NAME" >> $GITHUB_OUTPUT
- name: Create and push empty commit
run: |
touch trigger_ci
git add trigger_ci
git commit -m "Add trigger_ci file for CI testing"
git push origin ${{ steps.branch-setup.outputs.branch }}
- name: Create draft PR
env:
# Needs write permissions to Pull requests (CI does not trigger on prs created by GITHUB_TOKEN)
GH_TOKEN: ${{ steps.app-token.outputs.token }}
INCLUDE_PATTERNS: ${{ inputs.include_patterns }}
EXCLUDE_PATTERNS: ${{ inputs.exclude_patterns }}
MAX_ATTEMPTS: ${{ inputs.max_ci_attempts }}
run: |
echo "This PR is for CI testing purposes only and can be ignored." > pr_body.txt
echo "" >> pr_body.txt
echo "MAX_CI_ATTEMPTS: \`$MAX_ATTEMPTS\`" >> pr_body.txt
if [[ -n "$INCLUDE_PATTERNS" ]]; then
echo "INCLUDE_PATTERNS: \`$INCLUDE_PATTERNS\`" >> pr_body.txt
fi
if [[ -n "$EXCLUDE_PATTERNS" ]]; then
echo "EXCLUDE_PATTERNS: \`$EXCLUDE_PATTERNS\`" >> pr_body.txt
fi
gh pr create \
--base "${{ steps.branch-setup.outputs.base_branch }}" \
--head "${{ steps.branch-setup.outputs.branch }}" \
--title "CI Testing" \
--body-file pr_body.txt \
--draft