OLM test submit v1.2.8 #6
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Submit release OLM bundle | |
| on: | |
| release: | |
| types: | |
| - published | |
| issues: | |
| types: | |
| - opened | |
| - reopened | |
| env: | |
| HUB_REPO: k8s-operatorhub/community-operators | |
| BOT_REPO: nri-plugins-bot/community-operators | |
| jobs: | |
| trigger: | |
| runs-on: ubuntu-22.04 | |
| outputs: | |
| repo: ${{ steps.check.outputs.repo }} | |
| fork: ${{ steps.check.outputs.fork }} | |
| tag: ${{ steps.check.outputs.tag }} | |
| skip: ${{ steps.check.outputs.skip }} | |
| env: | |
| BOT_PAT: ${{ secrets.BOT_PAT }} | |
| BOT_GPG_PRIVATE_KEY: ${{ secrets.BOT_GPG_PRIVATE_KEY }} | |
| BOT_GPG_PASSPHRASE: ${{ secrets.BOT_GPG_PASSPHRASE }} | |
| steps: | |
| - name: Debug dump workflow | |
| uses: raven-actions/debug@v1 | |
| - name: Determine target tepository and tag | |
| id: check | |
| run: | | |
| # If trigger was a published release, file PR against operator hub repo. | |
| if [ "${{ github.event_name }}_${{ github.event.action }}" = "release_published" ]; then | |
| echo "repo=$HUB_REPO" >> $GITHUB_OUTPUT | |
| echo "fork=$BOT_REPO" >> $GITHUB_OUTPUT | |
| echo "tag=${{github.event.release.tag_name}}" >> $GITHUB_OUTPUT | |
| exit 0 | |
| fi | |
| # If trigger was a matching issue, file PR against the filer's fork which we | |
| # implicitly assume to exist. | |
| title="${{ github.event.issue.title }}" | |
| if [[ "$title" =~ ^'OLM test submit v' ]]; then | |
| USER_REPO="${{ github.event.issue.user.login }}/community-operators" | |
| echo "repo=$USER_REPO" >> $GITHUB_OUTPUT | |
| echo "fork=$BOT_REPO" >> $GITHUB_OUTPUT | |
| echo "tag=${title#OLM test submit }" >> $GITHUB_OUTPUT | |
| exit 0 | |
| fi | |
| # Otherwise skip. | |
| echo "skip=true" >> $GITHUB_OUTPUT | |
| - name: Fail if BOT_PAT is unset | |
| if: ${{ steps.check.outputs.skip != 'true' && env.BOT_PAT == '' }} | |
| run: | | |
| echo "Bot personal access token (BOT_PAT) not set." | |
| exit 1 | |
| - name: Fail if BOT_GPG_PRIVATE_KEY is unset | |
| if: ${{ steps.check.outputs.skip != 'true' && env.BOT_GPG_PRIVATE_KEY == '' }} | |
| run: | | |
| echo "Bot personal access token (BOT_GPG_PRIVATE_KEY) not set." | |
| exit 1 | |
| - name: Fail is BOT_GPG_PASSPHRASE is unset | |
| if: ${{ steps.check.outputs.skip != 'true' && env.BOT_GPG_PASSPHRASE == '' }} | |
| run: | | |
| echo "Bot personal access token (BOT_GPG_PASSPHRASE) not set." | |
| exit 1 | |
| - name: Check PR target repository exists | |
| if: ${{ steps.check.outputs.skip != 'true' }} | |
| run: | | |
| # Check that the PR target repository exists | |
| repo="${{ steps.check.outputs.repo }}" | |
| repo_status=$(curl -s -o /dev/null -I -w "%{http_code}" "https://github.com/$repo") | |
| echo "repo: $repo, repo HTTP access status: $repo_status" | |
| if [ "$repo_status" != "200" ]; then | |
| echo "Target repo ($repo) does not exist (HTTP status $repo_status)." | |
| exit 1 | |
| fi | |
| createPullRequest: | |
| name: Publish new OperatorHub release | |
| runs-on: ubuntu-22.04 | |
| needs: trigger | |
| if: ${{ needs.trigger.outputs.skip != 'true' }} | |
| env: | |
| REPO: ${{ needs.trigger.outputs.repo }} | |
| FORK: ${{ needs.trigger.outputs.fork }} | |
| TAG: ${{ needs.trigger.outputs.tag }} | |
| steps: | |
| - name: Show REPO, FORK, and TAG being used | |
| run: | | |
| echo "REPO: ${{ env.REPO }}" | |
| echo "FORK: ${{ env.FORK }}" | |
| echo "TAG: ${{ env.TAG }}" | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Build the bundle | |
| run: | | |
| version="${{ env.TAG }}" | |
| version="${version#v}" | |
| pushd deployment/operator && VERSION=${version} make bundle && popd | |
| - name: Checkout upstream community-operators repo | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: ${{ env.REPO }} | |
| path: community-operators | |
| ref: main | |
| token: ${{ secrets.BOT_PAT }} | |
| - name: Import GPG key | |
| uses: crazy-max/ghaction-import-gpg@v6 | |
| id: import-gpg | |
| with: | |
| gpg_private_key: ${{ secrets.BOT_GPG_PRIVATE_KEY }} | |
| passphrase: ${{ secrets.BOT_GPG_PASSPHRASE }} | |
| git_user_signingkey: true | |
| git_commit_gpgsign: true | |
| workdir: community-operators | |
| - name: Copy the bundle to the community-operators repo | |
| run: | | |
| mkdir -p community-operators/operators/nri-plugins-operator/${{ env.TAG }} | |
| cp -r deployment/operator/bundle/ community-operators/operators/nri-plugins-operator/${{ env.TAG }} | |
| - name: Create Pull Request | |
| uses: peter-evans/create-pull-request@v6 | |
| with: | |
| signoff: true | |
| author: "NRI Plugins Bot <${{ steps.import-gpg.outputs.email }}>" | |
| committer: "Github Actions <${{ steps.import-gpg.outputs.email }}>" | |
| add-paths: | | |
| operators/nri-plugins-operator/** | |
| path: community-operators | |
| push-to-fork: ${{ env.FORK }} | |
| branch: olm-${{ env.TAG }} | |
| token: ${{ secrets.BOT_PAT }} | |
| delete-branch: false | |
| title: 'nri-plugins-operator ${{ env.TAG }}' | |
| commit-message: 'Submit operator nri-plugins-operator ${{ env.TAG }}' | |
| body: | | |
| Added OLM bundle for [nri-plugins operator ${{ env.TAG }}](https://github.com/containers/nri-plugins/releases/tag/${{ env.TAG }}) | |
| > Auto-generated by `Github Actions Bot` | |
| - name: Close triggering issue on success | |
| if: ${{ github.event_name == 'issues' }} | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| gh issue close --comment "Test PR filed successfully." ${{ github.event.issue.number }} |