-
Notifications
You must be signed in to change notification settings - Fork 98
92 lines (91 loc) · 3.56 KB
/
nightly_version_checks.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
---
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: Nightly version checks
on:
schedule:
- cron: '0 1 * * 1-5' # 01:00 AM UTC Monday - Friday
workflow_dispatch: {}
defaults:
run:
shell: nix develop --impure --command bash {0}
jobs:
redpanda-version:
strategy:
matrix:
chart:
- redpanda
- console
# Operator changed it's versioning scheme, so that version checks wrongly open PRs
# - operator
fail-fast: false
runs-on: ubuntu-22.04
permissions:
contents: write
id-token: write
steps:
- uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: ${{ vars.RP_AWS_CRED_REGION }}
role-to-assume: arn:aws:iam::${{ secrets.RP_AWS_CRED_ACCOUNT_ID }}:role/${{ vars.RP_AWS_CRED_BASE_ROLE_NAME }}${{ github.event.repository.name }}
- uses: aws-actions/aws-secretsmanager-get-secrets@v2
with:
secret-ids: |
,sdlc/prod/github/actions_bot_token
parse-json-secrets: true
- uses: cachix/install-nix-action@v30
with:
github_access_token: ${{ secrets.GITHUB_TOKEN }}
# Cache the nix store.
- uses: DeterminateSystems/magic-nix-cache-action@v8
# Try to checkout a branch with the same name as provided in the dispatch
- uses: actions/checkout@v4
id: checkout
with:
ref: main
fetch-depth: 0
token: ${{ env.ACTIONS_BOT_TOKEN }}
continue-on-error: true
# If we couldn't checkout the provided branch, we will checkout the default branch
# instead. We assume that the branch does not yet exist, but we will create it,
# when we commit the updated dependencies.
- uses: actions/checkout@v4
if: ${{ steps.checkout.outcome != 'success' }}
with:
token: ${{ env.ACTIONS_BOT_TOKEN }}
fetch-depth: 0
- run: go install github.com/joejulian/docker-tag-list@latest
- name: Check chart version for ${{ matrix.chart }}
id: chartversion
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: .github/bump_chart_versions.sh ${{ matrix.chart }}
- run: task ci:lint
- name: Debug -- delete me
run: |
echo TITLE
echo steps.chartversion.outputs.TITLE
echo INPUT_BODY
echo "${INPUT_BODY}"
echo CHANGED
echo steps.chartversion.outputs.CHANGED
- name: Create PR
if: steps.chartversion.outputs.CHANGED == 'true'
uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5
with:
title: ${{ steps.chartversion.outputs.TITLE }}
commit-message: ${{ steps.chartversion.outputs.TITLE }}
body-path: ${{ steps.chartversion.outputs.BODY_FILE }}
branch: bump-appversion/${{ matrix.chart }}