generated from axone-protocol/template-oss
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #15 from axone-protocol/ci/maintainance-maintainer…
…s-dependabot ci(workflow): add maintainance-set-assignees-reviewers workflow
- Loading branch information
Showing
1 changed file
with
116 additions
and
0 deletions.
There are no files selected for viewing
116 changes: 116 additions & 0 deletions
116
.github/workflows/maintenance-set-assignees-reviewers.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,116 @@ | ||
| name: "[Maintenance] Set assignees and reviewers" | ||
|
|
||
| on: | ||
| workflow_dispatch: | ||
|
|
||
| env: | ||
| AUTH_USER: "bot-anik" | ||
|
|
||
| jobs: | ||
| check-permissions: | ||
| runs-on: ubuntu-22.04 | ||
| steps: | ||
| - name: Not authorized | ||
| if: ${{ github.event_name == 'workflow_dispatch' && github.actor != env.AUTH_USER }} | ||
| run: | | ||
| echo "Error: Only $AUTH_USER can trigger this workflow." | ||
| exit 1 | ||
| set-assignees-reviewers: | ||
| runs-on: ubuntu-22.04 | ||
| needs: | ||
| - check-permissions | ||
| steps: | ||
| - name: Check out repository | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| token: ${{ secrets.OPS_TOKEN }} | ||
|
|
||
| - name: Import GPG key | ||
| uses: crazy-max/ghaction-import-gpg@v6 | ||
| with: | ||
| gpg_private_key: ${{ secrets.BOT_GPG_PRIVATE_KEY }} | ||
| passphrase: ${{ secrets.BOT_GPG_PASSPHRASE }} | ||
| git_config_global: true | ||
| git_user_signingkey: true | ||
| git_commit_gpgsign: true | ||
|
|
||
| - name: Set assignees and reviewers | ||
| env: | ||
| ORG: ${{ github.repository_owner }} | ||
| REPO_FILTER: --visibility=public --source --no-archived | ||
| REPO_LIMIT: 100 | ||
| BRANCH_NAME: ci/update-dependabot-assignees-reviewers | ||
| DEPENDABOT_FILE: .github/dependabot.yml | ||
| DEPENDABOT_REVIEWERS: "axone-protocol/maintainers" | ||
| DEPENDABOT_ASSIGNEES: "axone-protocol/maintainers" | ||
| PR_TITLE: "👩🔧 Update Dependabot assignees and reviewers" | ||
| PR_BODY: | | ||
| Hey there 👋! I've updated the assignees and reviewers in the Dependabot configuration. | ||
| Please review the changes and merge this pull request if everything looks good. Thanks! ❤️ | ||
| COMMIT_MESSAGE: "ci(dependabot): update assignees and reviewers" | ||
| GH_TOKEN: ${{ secrets.OPS_TOKEN }} | ||
| run: | | ||
| mkdir -p temp | ||
| cd temp | ||
| repos=$(gh repo list "$ORG" "$REPO_FILTER" --limit "$REPO_LIMIT" --json nameWithOwner --jq '.[].nameWithOwner' | sort) | ||
| for repo in $repos; do | ||
| existing_pr=$(gh pr list --repo "$repo" --head "$BRANCH_NAME" --state open --json number --jq '.[].number') | ||
| if [[ -n $existing_pr ]]; then | ||
| echo "🙅 Existing pull request found for branch $BRANCH_NAME (#$existing_pr). Skipping..." | ||
| continue | ||
| fi | ||
| echo "⬇️ Cloning $repo..." | ||
| gh repo clone "$repo" -- --depth 1 | ||
| repo_name=$(basename "$repo") | ||
| cd "$repo_name" || { echo "❌ Failed to enter $repo_name"; continue; } | ||
| if [[ -f "$DEPENDABOT_FILE" ]]; then | ||
| echo "✅ Dependabot config found. Checking for necessary changes..." | ||
| YQ_REVIEWERS=$(echo $DEPENDABOT_REVIEWERS | sed 's/ /", "/g') | ||
| yq e "(.updates[] | select(.reviewers == null).reviewers) = [\"$YQ_REVIEWERS\"] | (.updates[] | select(has(\"reviewers\")).reviewers) = [\"$YQ_REVIEWERS\"]" -i "$DEPENDABOT_FILE" | ||
| YQ_ASSIGNEES=$(echo $DEPENDABOT_ASSIGNEES | sed 's/ /", "/g') | ||
| yq e "(.updates[] | select(.assignees == null).assignees) = [\"$YQ_ASSIGNEES\"] | (.updates[] | select(has(\"assignees\")).assignees) = [\"$YQ_ASSIGNEES\"]" -i "$DEPENDABOT_FILE" | ||
| if [[ -n $(git status -s) ]]; then | ||
| echo "✅ Changes detected. Updating Dependabot configuration..." | ||
| echo "│" | ||
| echo "├── Checking out $BRANCH_NAME..." | ||
| git checkout -b "$BRANCH_NAME" | ||
| echo "│" | ||
| echo "├── Committing changes..." | ||
| git add "$DEPENDABOT_FILE" | ||
| git commit -S -m "$COMMIT_MESSAGE" | ||
| echo "│" | ||
| echo "└── Pushing changes..." | ||
| git push --set-upstream origin "$BRANCH_NAME" | ||
| echo "🔀 Creating pull request..." | ||
| REVIEWERS=$(echo $DEPENDABOT_REVIEWERS | sed 's/ /,/g') | ||
| ASSIGNEES=$(echo $DEPENDABOT_ASSIGNEES | sed 's/ /,/g') | ||
| gh pr create \ | ||
| --title "$PR_TITLE" \ | ||
| --body "$PR_BODY" \ | ||
| --reviewer "$REVIEWERS" \ | ||
| --assignee "$ASSIGNEES" \ | ||
| --head "$BRANCH_NAME" | ||
| else | ||
| echo "☑️ No changes required in Dependabot configuration for $repo." | ||
| fi | ||
| else | ||
| echo "🙅 No Dependabot config found in $repo." | ||
| fi | ||
| cd .. | ||
| rm -rf "$repo_name" | ||
| done | ||
| cd "$GITHUB_WORKSPACE" | ||
| rm -rf temp | ||
| echo "🎉 Done!" |