Add gha to register workflows schemas for cre and platform domains #739
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Regenerate Protobuf Files | |
on: | |
pull_request: | |
types: [opened, reopened, synchronize] | |
permissions: | |
id-token: write | |
contents: read | |
pull-requests: write | |
jobs: | |
changes: | |
runs-on: ubuntu-latest | |
outputs: | |
relevant: ${{ steps.filter.outputs.relevant }} | |
steps: | |
- uses: actions/checkout@v4 | |
- id: filter | |
uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 | |
with: | |
filters: | | |
# "relevant" means *any* change outside cre/** | |
relevant: | |
- '**' | |
- '!cre/**' | |
buf: | |
runs-on: ubuntu-latest | |
needs: changes | |
steps: | |
- name: No-op when only cre/** changed | |
if: ${{ needs.changes.outputs.relevant != 'true' }} | |
run: echo "Only cre/** changed; skipping." | |
- uses: actions/checkout@v4 | |
if: ${{ needs.changes.outputs.relevant == 'true' }} | |
- uses: smartcontractkit/tool-versions-to-env-action@aabd5efbaf28005284e846c5cf3a02f2cba2f4c2 # v1.0.8 | |
if: ${{ needs.changes.outputs.relevant == 'true' }} | |
id: tool-versions | |
- uses: bufbuild/buf-action@c231a1aa9281e5db706c970f468f0744a37561fd # v1 | |
if: ${{ needs.changes.outputs.relevant == 'true' }} | |
with: | |
breaking: false | |
version: ${{ steps.tool-versions.outputs.buf_version }} | |
exclude_paths: node_modules | |
- name: Buf breaking per module (skip new modules) | |
if: ${{ needs.changes.outputs.relevant == 'true' }} | |
continue-on-error: true | |
run: | | |
set -euo pipefail | |
BASE_REF="${{ github.base_ref || 'main' }}" | |
echo "Base ref: ${BASE_REF}" | |
git fetch --depth=1 origin "${BASE_REF}:${BASE_REF}" | |
if ! git show-ref --verify --quiet "refs/heads/${BASE_REF}"; then | |
echo "::error::Local branch ${BASE_REF} not found after fetch" | |
git branch -a | cat | |
exit 1 | |
fi | |
modules=$(buf config ls-modules --format path) | |
echo "Modules detected:" | |
echo "$modules" | |
failures=0 | |
failed_list="" | |
while IFS= read -r module; do | |
# Skip empty lines | |
[ -z "${module}" ] && continue | |
# Check if the module directory exists on the base branch | |
if git ls-tree --name-only "${BASE_REF}" "${module}" | grep -q .; then | |
echo "::group::buf breaking ${module}" | |
if ! buf breaking "${module}" --against ".git#branch=${BASE_REF},subdir=${module}" --exclude-path node_modules --error-format github-actions; then | |
failures=$((failures+1)) | |
failed_list="${failed_list} ${module}" | |
fi | |
echo "::endgroup::" | |
else | |
echo "::notice::Skipping breaking for new module '${module}' (not present on ${BASE_REF})." | |
fi | |
done <<< "${modules}" | |
if [ "${failures}" -gt 0 ]; then | |
echo "::warning::buf breaking failed for modules:${failed_list}" | |
echo "Continuing despite breaking changes..." | |
fi | |
regenerate-protobuf: | |
runs-on: ubuntu-latest | |
needs: [buf, changes] | |
if: ${{ needs.changes.outputs.relevant == 'true' && always() && needs.buf.result != 'cancelled' }} | |
steps: | |
- name: Assume aws gati role | |
if: github.actor != 'app-token-issuer-engops[bot]' | |
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 | |
with: | |
role-to-assume: ${{ secrets.AWS_IAM_ROLE_ARN_GATI }} | |
role-duration-seconds: 900 | |
aws-region: ${{ secrets.AWS_REGION }} | |
mask-aws-account-id: true | |
- name: Get github token from gati | |
id: get-gh-token | |
if: github.actor != 'app-token-issuer-engops[bot]' | |
uses: smartcontractkit/chainlink-github-actions/github-app-token-issuer@main | |
with: | |
url: ${{ secrets.AWS_LAMBDA_URL_GATI }} | |
- name: Checkout repo | |
if: github.actor != 'app-token-issuer-engops[bot]' | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
with: | |
# Include the pull request ref in the checkout action to prevent merge commit | |
# https://github.com/actions/checkout?tab=readme-ov-file#checkout-pull-request-head-commit-instead-of-merge-commit | |
ref: ${{ github.event.pull_request.head.sha }} | |
token: ${{ steps.get-gh-token.outputs.access-token }} | |
fetch-depth: 1 | |
- name: Set tool versions to env vars | |
id: tool-versions | |
if: github.actor != 'app-token-issuer-engops[bot]' | |
uses: smartcontractkit/tool-versions-to-env-action@aabd5efbaf28005284e846c5cf3a02f2cba2f4c2 # v1.0.8 | |
- name: Install asdf and Plugins | |
if: github.actor != 'app-token-issuer-engops[bot]' && steps.cache-deps.outputs.cache-hit != 'true' | |
uses: asdf-vm/actions/plugins-add@05e0d2ed97b598bfce82fd30daf324ae0c4570e6 | |
with: | |
asdf_branch: v0.16.7 | |
- name: Set up Go | |
if: github.actor != 'app-token-issuer-engops[bot]' | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ steps.tool-versions.outputs.golang_version }} | |
- name: Cache Dependencies | |
if: github.actor != 'app-token-issuer-engops[bot]' | |
id: cache-deps | |
uses: actions/cache@v4 | |
with: | |
path: | | |
/usr/local/bin/task | |
~/go/bin | |
key: ${{ runner.os }}-cache-regenerate-protobuf | |
- name: Install task CLI | |
if: github.actor != 'app-token-issuer-engops[bot]' | |
run: | | |
asdf install task | |
- name: Install grpc and wsrpc | |
if: github.actor != 'app-token-issuer-engops[bot]' && steps.cache-deps.outputs.cache-hit != 'true' | |
run: | | |
go install google.golang.org/protobuf/cmd/protoc-gen-go@v${{ steps.tool-versions.outputs.protoc-gen-go_version }} | |
go install google.golang.org/grpc/cmd/[email protected] | |
go install github.com/smartcontractkit/wsrpc/cmd/[email protected] | |
- name: Install protoc | |
if: github.actor != 'app-token-issuer-engops[bot]' | |
run: | | |
asdf install protoc | |
- name: Regenerate protobuf files | |
if: github.actor != 'app-token-issuer-engops[bot]' | |
run: | | |
task proto:all | |
- uses: planetscale/[email protected] | |
if: github.actor != 'app-token-issuer-engops[bot]' | |
with: | |
commit_message: "bot: regenerate protobuf files" | |
repo: ${{ github.repository }} | |
branch: ${{ github.head_ref || github.ref_name }} | |
file_pattern: "*.pb.go" | |
env: | |
GITHUB_TOKEN: ${{ steps.get-gh-token.outputs.access-token }} |