konflux-central/.github/workflows/sync-renovate-configs.yml at main · dryszka/konflux-central · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
name: Sync Renovate Configuration

on:
  workflow_dispatch:
    inputs:
      dry_run:
        type: boolean
        description: 'Dry Run'
        required: true
        default: false
      renovate-config:
        type: choice
        description: Select Renovate Configuration
        options:
          - all
          - default-renovate-distribution.json
          - custom-renovate-distribution.json

jobs:

  setup:
    runs-on: ubuntu-latest
    env:
      CONFIG_FILE: "config.yaml"
      EFFECTIVE_CONFIG_FILE: "effective-config.yaml"
    outputs:
      matrix: ${{ steps.matrix.outputs.config }}
    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Print Debug Info
        run: |
          ls -R

      - name: Set up Python environment
        uses: actions/setup-python@v4
        with:
          python-version: '3.10.13'

      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install pyyaml

      - name: Generate ${{ env.EFFECTIVE_CONFIG_FILE }}
        run: |
          python script/generate-effective-config.py --config-file ${{ env.CONFIG_FILE }} --output ${{ env.EFFECTIVE_CONFIG_FILE }}
          cat ${{ env.EFFECTIVE_CONFIG_FILE }}

      - name: Generate Matrix Config
        id: matrix
        run: |
          config=$(yq -o json ${{ env.EFFECTIVE_CONFIG_FILE }} | jq -c '.')

          if ([[ "${{ github.event_name  }}" == "workflow_dispatch" ]] && [[ "${{ github.event.inputs.renovate-config }}" != "all" ]])
          then
            config=$(echo $config | jq -c 'map(select(.["renovate-config"] == "renovate/${{ github.event.inputs.renovate-config }}"))')
          fi

          echo "config=${config}"
          length=$(echo $config | jq '. | length')
          echo "$length repo(s) will be syned by this workflow"
          if [[ $length -eq 0 ]]
          then
            echo "No valid repos available for the sync"
            exit 1
          fi

          echo "config=$config" >> $GITHUB_OUTPUT

  sync:
    needs: [ setup ]
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        config: ${{ fromJSON(needs.setup.outputs.matrix) }}
    steps:
      - uses: actions/create-github-app-token@v1
        id: app-token
        with:
          app-id: ${{ secrets.APP_ID }}
          private-key: ${{ secrets.PRIVATE_KEY }}
          owner: ${{ github.repository_owner }}

      - name: Get GitHub App User ID
        id: get-user-id
        run: echo "user-id=$(gh api "/users/${{ steps.app-token.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT"
        env:
          GH_TOKEN: ${{ steps.app-token.outputs.token }}

      - name: configure git committer string
        run: |
          git config --global user.name '${{ steps.app-token.outputs.app-slug }}[bot]'
          git config --global user.email '${{ steps.get-user-id.outputs.user-id }}+${{ steps.app-token.outputs.app-slug }}[bot]@users.noreply.github.com>'

      - name: Checkout ${{ github.repository }}
        uses: actions/checkout@v3
        with:
          path: renovate-central

      - name: Checkout ${{ matrix.config.repo }}
        uses: actions/checkout@v3
        with:
          repository: "${{ matrix.config.repo }}"
          token: ${{ steps.app-token.outputs.token }}
          path: target-repo

      - name: Print Debug Info
        run: |
          ls -lrt
          ls -lrt renovate-central
          ls -lrt target-repo

      - name: Sync renovate config
        run: mv renovate-central/${{ matrix.config.renovate-config }} target-repo/${{ matrix.config.targetFilePath }}

      - name: Commit Changes
        run: |
          cd target-repo

          set -x
          git status

          # Exit if any file other than the renovate config is modified
          git status --porcelain | egrep -v '^\s?(M|\?\?)\s\${{ matrix.config.targetFilePath }}' && echo "Error: Files other than the renovate config are modified" && exit 1

          # Check if there are any changes to commit
          if [[ $(git status --porcelain | wc -l) -gt 0 ]]; then
            # Add and commit the changes
            git add ${{ matrix.config.targetFilePath }}
            git commit -m "sync config with renovate-central"
          else
            echo "No changes to commit."
          fi

          # Check if dry_run is false and push changes if true
          if [[ "${{ github.event.inputs.dry_run }}" == 'false' ]]; then
            git push origin main
          else
            echo "'dry_run' is enabled. No changes will be pushed."
          fi

      # - name: Slack Notification
      #   if: ${{ failure() }}
      #   uses: rtCamp/action-slack-notify@v2
      #   env:
      #     SLACK_MESSAGE: ':red-warning: Renovate Synchronization Failed for repo: ${{ matrix.config.repo }}!'
      #     SLACK_WEBHOOK: ${{ secrets.RHOAI_DEVOPS_SLACK_WEBHOOK }}