Create pull request to repository #398

Workflow file for this run

.github/workflows/create-pull-request.yml at 4e144c9

	name: Create pull request to repository

	on:
	workflow_dispatch:
	inputs:
	should_create_pr:
	description: "Should create pull request"
	required: true
	type: boolean
	target_repo:
	description: "Repository to create pull request for"
	required: true
	type: string
	file_to_modify_path:
	description: "File to modify"
	required: true
	type: string
	script:
	description: "Script to run"
	required: true
	type: string
	script_params:
	description: "Parameters to use in the script"
	required: false
	step_id:
	description: "The step ID for the current step. Should match what the script does."
	required: true
	type: string
	team_name:
	description: "The team name used to create the data-ingestor repo"
	required: true
	type: string
	project_name:
	description: "The project name used to create the data-ingestor repo"
	required: true
	type: string
	service_account:
	description: "The GCP service account connected to the identity pool that will be used by Terraform for authentication to GCP."
	required: true
	type: string
	auth_project_number:
	description: "The GCP Project Number used for authentication. A 12-digit number used as a unique identifier for the project. Used to find workload identity pool."
	required: true
	type: string

	env:
	GITHUB_TOKEN: ${{ secrets.DASK_ONBOARDING_PAT }}
	SHOULD_CREATE_PR: ${{ inputs.should_create_pr }}
	TARGET_REPO: ${{ inputs.target_repo }}
	FILE_TO_MODIFY_PATH: ${{ inputs.file_to_modify_path }}
	SCRIPT: ${{ inputs.script }}
	SCRIPT_PARAMS: ${{ inputs.script_params }}
	STEP_ID: ${{ inputs.step_id }} # Must match step-id in dask-onboarding-service
	AUTH_PROJECT_NUMBER: ${{ inputs.auth_project_number }}
	SERVICE_ACCOUNT: ${{ inputs.service_account }}
	TEAM_NAME: ${{ inputs.team_name }} # Lowercase-name-for-team
	PROJECT_NAME: ${{ inputs.project_name }}

	jobs:
	create_pull_request:
	runs-on: ubuntu-latest
	permissions:
	id-token: write
	steps:
	- name: Setup Terraform
	uses: hashicorp/[email protected]
	with:
	terraform_wrapper: false

	- name: Set vars
	id: set-output
	run: \|
	PRODUCT_NAME=$(echo $SERVICE_ACCOUNT \| sed 's/-deploy.*//')
	DEFAULT_WORKLOAD_IDENTITY="projects/$AUTH_PROJECT_NUMBER/locations/global/workloadIdentityPools/$PRODUCT_NAME-deploy-pool/providers/github-provider"
	OVERRIDE=$WORKLOAD_IDENTITY_PROVIDER_OVERRIDE
	PROVIDER=${OVERRIDE:-$DEFAULT_WORKLOAD_IDENTITY}
	echo "WORKLOAD_IDENTITY_PROVIDER=$PROVIDER" >> $GITHUB_OUTPUT

	- name: Authenticate with Google Cloud
	uses: google-github-actions/auth@v1
	with:
	workload_identity_provider: ${{ steps.set-output.outputs.WORKLOAD_IDENTITY_PROVIDER }}
	service_account: ${{ env.SERVICE_ACCOUNT }}
	export_environment_variables: true
	create_credentials_file: true

	- name: Checkout current repository
	uses: actions/checkout@v4
	with:
	path: "current-repo"

	- name: Checkout target repository
	uses: actions/checkout@v4
	with:
	repository: kartverket/${{ env.TARGET_REPO }}
	ref: main
	token: ${{ env.GITHUB_TOKEN }}
	path: "target-repo"

	- name: Modify files
	working-directory: current-repo
	run: \|
	python scripts/${{ env.SCRIPT }} '../target-repo/${{ env.FILE_TO_MODIFY_PATH }}' '${{ env.SCRIPT_PARAMS }}'

	- name: Format Terraform Files
	if: env.SHOULD_CREATE_PR == 'true'
	working-directory: target-repo
	run: terraform fmt -recursive

	- name: Commit and Push to target repository
	if: env.SHOULD_CREATE_PR == 'true'
	working-directory: target-repo
	run: \|
	HASH=$(date +%s \| sha256sum \| head -c 4)
	BRANCH_NAME="dask-onboarding-ci-${{ env.PROJECT_NAME }}-${HASH}"
	echo "BRANCH_NAME=$BRANCH_NAME" >> $GITHUB_ENV

	git config --global user.name "DASK CI"
	git config --global user.email "[email protected]"
	git checkout -b $BRANCH_NAME
	git add .
	git commit -m "Update files from DASK CI workflow"
	git push origin $BRANCH_NAME

	- name: Create Pull Request
	id: create_pr
	if: env.SHOULD_CREATE_PR == 'true'
	uses: actions/github-script@v7
	with:
	script: \|
	const payload = {
	method: 'POST',
	headers: {
	'Authorization': `token ${{ env.GITHUB_TOKEN }}`,
	'Accept': 'application/vnd.github.v3+json'
	},
	body: JSON.stringify({
	title: 'Add new team from DASK CI workflow',
	head: '${{ env.BRANCH_NAME }}',
	base: 'main',
	draft: true
	})
	};

	fetch(`https://api.github.com/repos/kartverket/${{ env.TARGET_REPO }}/pulls`, payload)
	.then(response => {
	if (!response.ok) {
	throw new Error('Pull Request creation failed');
	}
	return response.json();
	})
	.then(data => {
	console.log('Pull Request created: ', data.url);
	core.setOutput('pullRequestUrl', data.url);
	})
	.catch(error => {
	console.error(error);
	});
	- name: Publish Pull Request URL to Firestore
	if: env.SHOULD_CREATE_PR == 'true' && steps.create_pr.outputs.pullRequestUrl && env.SCRIPT != 'entra_id_config.py'
	working-directory: current-repo
	run: \|
	echo "Pull request URL: ${{ steps.create_pr.outputs.pullRequestUrl }}"
	pip install google-cloud-firestore
	python scripts/publish_to_firestore.py
	env:
	GCP_PROJECT_ID: ${{ env.GCP_PROJECT_ID }}
	PULL_REQUEST_URL: ${{ steps.create_pr.outputs.pullRequestUrl }}
	TEAM_NAME: ${{ env.TEAM_NAME }}
	STEP_ID: ${{ env.STEP_ID }}

	send_success_message_to_pubsub:
	needs: create_pull_request
	uses: ./.github/workflows/publish-message-pubsub.yml
	permissions:
	id-token: write
	with:
	auth_project_number: ${{ inputs.auth_project_number }}
	service_account: ${{ inputs.service_account }}
	team_name: ${{ inputs.team_name }}
	step_id: ${{ inputs.step_id }}
	params: ${{ inputs.script_params }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Create pull request to repository #398

Workflow file

Create pull request to repository #398

Jobs

Run details

Workflow file for this run