ci: new gha to update rules #37
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Update Rules | |
| on: | |
| pull_request: | |
| types: [labeled] | |
| jobs: | |
| update-rules: | |
| if: contains(github.event.label.name, 'Update Rules') | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out PR code | |
| uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ github.event.pull_request.head.ref }} | |
| repository: ${{ github.event.pull_request.head.repo.full_name }} | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| fetch-depth: 1 | |
| - name: Set up Python 3.10 | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: "3.10" | |
| - name: Install Python Packages | |
| run: | | |
| pip install firebase-admin | |
| - name: Query Jenkins Build Status | |
| id: query_jenkins | |
| run: | | |
| .github/workflows/jenkins-check-build.sh "${{ github.event.pull_request.number }}" | |
| - name: Execute Python Script Update | |
| env: | |
| CREDS_FILE: ${{ secrets.CREDS_FILE }} | |
| API_BASE_URL: ${{ secrets.API_BASE_URL }} | |
| run: | | |
| set -e | |
| COMMIT_SHA=$(git rev-parse HEAD) | |
| echo "PR has commit sha: $COMMIT_SHA" | |
| COMMIT_SHA=abbc09da7f92f176a669e72d52653b80f074c12e | |
| echo "${CREDS_FILE}" > creds.json | |
| ls -lh creds.json | |
| cat creds.json | |
| if [[ "${{ github.event.label.name }}" == "Update Rules Overwrite" ]]; then | |
| echo "Calling updateRules.py with overwrite." | |
| python flow/util/updateRules.py --keyFile creds.json \ | |
| --apiURL "${API_BASE_URL}" \ | |
| --commitSHA "${COMMIT_SHA}" \ | |
| --overwrite | |
| else | |
| echo "Calling updateRules.py" | |
| python flow/util/updateRules.py --keyFile creds.json \ | |
| --apiURL "${API_BASE_URL}" \ | |
| --commitSHA "${COMMIT_SHA}" | |
| fi | |
| - name: Check for changes and commit | |
| id: check-and-commit | |
| run: | | |
| git config --local user.email "github-actions[bot]@users.noreply.github.com" | |
| git config --local user.name "github-actions[bot]" | |
| if [ -n "$(git status --porcelain)" ]; then | |
| git add . | |
| git commit --signoff -m "flow: update rules" | |
| echo "has_update=true" >> "$GITHUB_ENV" | |
| else | |
| echo "has_update=false" >> "$GITHUB_ENV" | |
| fi | |
| - name: Push changes | |
| if: env.has_update == 'true' | |
| run: | | |
| git push | |
| - name: Remove label from PR | |
| if: always() | |
| uses: actions-ecosystem/action-remove-labels@v1 | |
| env: | |
| LABEL: ${{ github.event.label.name }} | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| labels: "${LABEL}" |