Skip to content

Add gha to register workflows schemas for cre and platform domains #396

Add gha to register workflows schemas for cre and platform domains

Add gha to register workflows schemas for cre and platform domains #396

name: Lint and breaking check for cre
on:
pull_request:
types: [opened, reopened, synchronize]
repository_dispatch:
types: [cre-recheck]
workflow_dispatch:
permissions:
id-token: write
contents: read
pull-requests: write
jobs:
cre-tests:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
check:
- name: "lint"
cmd: "buf format -d --exit-code cre"
needs_buf: true
needs_go: false
- name: "breaking"
cmd: "buf breaking cre --against \".git#branch=main,subdir=cre\" --exclude-path node_modules"
needs_buf: true
needs_go: false
- name: "gofmt"
cmd: "UNFORMATTED=$(gofmt -l cre); echo \"$UNFORMATTED\"; test -z \"$UNFORMATTED\""
needs_buf: false
needs_go: true
- name: "go-test"
cmd: "cd cre/go && go test ./..."
needs_buf: false
needs_go: true
- name: "verify-run"
cmd: "cd cre/verify && go run ."
needs_buf: false
needs_go: true
- name: "verify-test"
cmd: "cd cre/verify && go test ./..."
needs_buf: false
needs_go: true
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
token: ${{ github.token }}
persist-credentials: true
ref: ${{ github.head_ref || github.ref_name }}
- name: Setup CRE Environment
id: setup
uses: ./.github/actions/setup-cre
with:
install-buf: ${{ matrix.check.needs_buf }}
install-go-tools: ${{ matrix.check.needs_go }}
- name: Run ${{ matrix.check.name }} check
if: steps.setup.outputs.cre_changed == 'true'
run: ${{ matrix.check.cmd }}
fix-cre:
runs-on: ubuntu-latest
outputs:
commit_made: ${{ steps.auto-fix-completed.outputs.commit_made || steps.no-changes.outputs.commit_made }}
steps:
- name: Assume aws gati role
if: github.actor != 'app-token-issuer-engops[bot]'
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
with:
role-to-assume: ${{ secrets.AWS_IAM_ROLE_ARN_GATI }}
role-duration-seconds: 900
aws-region: ${{ secrets.AWS_REGION }}
mask-aws-account-id: true
- name: Get github token from gati
id: get-gh-token
if: github.actor != 'app-token-issuer-engops[bot]'
uses: smartcontractkit/chainlink-github-actions/github-app-token-issuer@main
with:
url: ${{ secrets.AWS_LAMBDA_URL_GATI }}
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
if: github.actor != 'app-token-issuer-engops[bot]'
with:
ref: ${{ github.event.pull_request.head.sha }}
token: ${{ steps.get-gh-token.outputs.access-token }}
fetch-depth: 1
- name: Setup Environment
id: setup
if: github.actor != 'app-token-issuer-engops[bot]'
uses: ./.github/actions/setup-cre
with:
install-buf: 'true'
install-go-tools: 'true'
- name: Auto-fix & regenerate
if: github.actor != 'app-token-issuer-engops[bot]' && steps.setup.outputs.cre_changed == 'true'
run: |
buf format -w cre
gofmt -w cre
cd cre/go
go generate ./...
go mod tidy
cd -
cd cre/verify
go generate ./...
go mod tidy
- name: Commit auto-fix changes using ghcommit
if: github.actor != 'app-token-issuer-engops[bot]' && steps.setup.outputs.cre_changed == 'true'
uses: planetscale/[email protected]
with:
commit_message: "Auto-fix: buf format, gofmt, go generate, go mod tidy"
repo: ${{ github.repository }}
branch: ${{ github.head_ref || github.ref_name }}
file_pattern: "."
env:
GITHUB_TOKEN: ${{ steps.get-gh-token.outputs.access-token }}
- name: Auto-fix completed
if: github.actor != 'app-token-issuer-engops[bot]' && steps.setup.outputs.cre_changed == 'true'
id: auto-fix-completed
run: |
# Check if ghcommit made changes
if [[ -n "$(git log --oneline -1 --grep="Auto-fix: buf format, gofmt, go generate, go mod tidy")" ]]; then
echo "commit_made=true" >> "$GITHUB_OUTPUT"
echo "::notice::Auto-fix changes have been committed. The new commit will trigger a fresh workflow run with the fixes applied."
else
echo "commit_made=false" >> "$GITHUB_OUTPUT"
echo "::notice::No formatting or generation changes needed."
fi
- name: No changes needed
if: github.actor == 'app-token-issuer-engops[bot]' || steps.setup.outputs.cre_changed == 'false'
id: no-changes
run: |
echo "commit_made=false" >> "$GITHUB_OUTPUT"
if [[ "${{ github.actor }}" == "app-token-issuer-engops[bot]" ]]; then
echo "::notice::Skipping auto-fix for bot actor to prevent loops."
else
echo "::notice::No CRE files were modified, skipping auto-fix."
fi
buf-cre:
needs: [cre-tests, fix-cre]
if: always()
runs-on: ubuntu-latest
steps:
- name: Check results
run: |
echo "cre-tests result: ${{ needs.cre-tests.result }}"
echo "fix-cre commit made: ${{ needs.fix-cre.outputs.commit_made }}"
if [[ "${{ needs.cre-tests.result }}" == "success" ]]; then
echo "::notice::✅ All CRE tests passed successfully"
exit 0
elif [[ "${{ needs.fix-cre.outputs.commit_made }}" == "true" ]]; then
echo "::notice::🔧 Auto-fix commit was made - workflow will re-run automatically with fixes applied"
exit 1
else
echo "::error::❌ CRE tests failed and no automatic fix is available"
exit 1
fi