davinci-alpha-package.yml
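# Publishes an alpha build of the package(s) on a pull request when someone
# comments "@toptal-bot run package:alpha-release" on it, reports the result
# as a commit status and a PR comment, then records a Jira deployment.
#
# NOTE(review): several `uses:` references and the git e-mail below appear as
# "[email protected]" because the page this file was captured from obfuscated
# anything that looks like an e-mail address. Restore the real
# <action>@<version> values before using this file, and prefer pinning
# third-party actions to a full commit SHA.
name: Release Alpha Package

on:
  issue_comment:
    types: [created]

jobs:
  triggerPrWorkflow:
    name: Trigger PR Workflow
    # NOTE(review): issue_comment workflows run in the context of the default
    # branch with access to repository secrets. The condition below checks only
    # that the comment is on a pull request and matches the trigger phrase; it
    # does not check who wrote the comment. Consider additionally requiring a
    # trusted author, e.g.
    #   contains(fromJSON('["OWNER","MEMBER","COLLABORATOR"]'),
    #            github.event.comment.author_association)
    # (confirm how private organisation membership is reported before relying
    # on MEMBER).
    if: >
      github.event.issue.pull_request &&
      github.event.comment.body == '@toptal-bot run package:alpha-release'
    runs-on: ubuntu-latest
    # These scopes apply to the workflow's built-in token; most steps below use
    # the bot token fetched from the secret manager instead. id-token: write is
    # what allows the workload-identity exchange in the first step.
    # NOTE(review): confirm which of the write scopes are still required.
    permissions:
      contents: write
      id-token: write
      actions: write
      issues: write
      pull-requests: write
    env:
      STATUS_CHECK_NAME: Publish Alpha Package
      STATUS_TARGET_URL: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
    steps:
      # Fetch the listed secrets via workload identity federation.
      - name: GSM Secrets
        id: secrets_manager
        uses: toptal/davinci-github-actions/[email protected]
        with:
          workload_identity_provider: ${{ secrets.IDENTITY_POOL }}
          service_account: ${{ secrets.SA_IDENTITY_POOL }}
          secrets_name: |-
            JENKINS_CLIENT_ID:toptal-ci/JENKINS_CLIENT_ID
            JENKINS_URL:toptal-ci/JENKINS_URL
            JENKINS_SA_CREDENTIALS:toptal-ci/JENKINS_SA_CREDENTIALS
            NPM_TOKEN_PUBLISH:toptal-ci/NPM_TOKEN_PUBLISH
            TOPTAL_DEVBOT_TOKEN:toptal-ci/TOPTAL_DEVBOT_TOKEN
            TOPTAL_REPOACCESSBOT_TOKEN:toptal-ci/TOPTAL_REPOACCESSBOT_TOKEN
            TOPTAL_TRIGGERBOT_TOKEN:toptal-ci/TOPTAL_TRIGGERBOT_TOKEN
            TOPTAL_TRIGGERBOT_USERNAME:toptal-ci/TOPTAL_TRIGGERBOT_USERNAME

      # Turn the JSON blob of secrets into individual step outputs.
      - name: Parse secrets
        id: parse_secrets
        uses: toptal/davinci-github-actions/[email protected]
        with:
          json: ${{ steps.secrets_manager.outputs.secrets }}

      # Export the bot token and the npm publish token for all later steps.
      # The values are handed to the shell through `env:` rather than being
      # expanded into the script text, so their content is never parsed as
      # shell syntax.
      # NOTE(review): everything written to GITHUB_ENV is visible to every
      # following step, including the ones that operate on the checked-out
      # pull-request branch. Narrow the exposure to the steps that need each
      # token if the actions involved allow it.
      - name: Set ENV Variables
        env:
          DEVBOT_TOKEN: ${{ steps.parse_secrets.outputs.TOPTAL_DEVBOT_TOKEN }}
          NPM_PUBLISH_TOKEN: ${{ steps.parse_secrets.outputs.NPM_TOKEN_PUBLISH }}
        run: |-
          echo "GITHUB_TOKEN=${DEVBOT_TOKEN}" >> "$GITHUB_ENV"
          echo "NPM_TOKEN=${NPM_PUBLISH_TOKEN}" >> "$GITHUB_ENV"

      # Acknowledge the trigger comment with a thumbs-up reaction.
      - name: Feedback on action started
        uses: actions/github-script@v7
        with:
          github-token: ${{ env.GITHUB_TOKEN }}
          script: |
            const { owner, repo } = context.issue;
            await github.rest.reactions.createForIssueComment({ owner, repo, comment_id: context.payload.comment.id, content: '+1' });

      # Resolve the pull request's head ref and head SHA.
      - id: branch
        uses: xt0rted/[email protected]

      # Re-export the head ref / SHA as outputs of this step.
      # The head ref is a branch name chosen by the pull-request author, so it
      # is untrusted input: it is passed through `env:` and referenced as a
      # quoted shell variable instead of being expanded into the script text.
      - name: Specify branch
        id: get-branch
        env:
          HEAD_REF: ${{ steps.branch.outputs.head_ref }}
          HEAD_SHA: ${{ steps.branch.outputs.head_sha }}
        run: |
          echo "branch=${HEAD_REF}" >> "$GITHUB_OUTPUT"
          echo "sha=${HEAD_SHA}" >> "$GITHUB_OUTPUT"

      - name: Configure git user
        run: |
          git config --global user.email "[email protected]"
          git config --global user.name "toptal-bot"

      # Check out the pull-request branch using the bot token.
      # NOTE(review): the ref is a branch name, while the commit status below
      # is attached to the SHA resolved earlier; if the branch moves in
      # between, the built commit and the reported commit can differ.
      # NOTE(review): actions/checkout keeps the token in the local git config
      # by default; the fetch-depth comment suggests a later push needs it, so
      # it is left as is. Confirm that code from the checked-out branch cannot
      # read it.
      - name: Checkout the latest code
        uses: actions/checkout@v4
        with:
          token: ${{ env.GITHUB_TOKEN }}
          ref: ${{ steps.get-branch.outputs.branch }}
          fetch-depth: 0  # otherwise, you will fail to push refs to dest repo

      - name: Set status check - pending
        uses: actions/github-script@v7
        env:
          HEAD_SHA: ${{ steps.get-branch.outputs.sha }}
        with:
          github-token: ${{ env.GITHUB_TOKEN }}
          script: |
            const { owner, repo } = context.issue;
            await github.rest.repos.createCommitStatus({
              repo,
              owner,
              state: 'pending',
              sha: process.env.HEAD_SHA,
              context: process.env.STATUS_CHECK_NAME,
              target_url: process.env.STATUS_TARGET_URL
            })

      # Build and publish the alpha package(s) from the checked-out branch.
      # NOTE(review): presumably this installs and builds the branch's code
      # while the npm publish token is in scope; verify against the action.
      - name: Trigger alpha package
        id: alpha-package
        uses: toptal/davinci-github-actions/[email protected]
        with:
          npm-token: ${{ env.NPM_TOKEN }}
          branch: ${{ steps.get-branch.outputs.branch }}
          root-folder: "."

      # Post the published versions back to the pull request. The versions
      # string reaches the script through the environment, not through
      # template expansion.
      - name: Alpha package — Handle success
        if: ${{ success() }}
        uses: actions/github-script@v7
        env:
          versions: ${{ steps.alpha-package.outputs.versions }}
        with:
          github-token: ${{ env.GITHUB_TOKEN }}
          script: |
            const { repo: { owner, repo }, issue } = context
            const { versions } = process.env
            const body = "Your alpha package is ready 🎉<br/>" + versions.split(' ').reduce((acc, version) => {
              acc += `\`yarn add ${version}\`<br/>`
              return acc
            }, '')
            await github.rest.issues.createComment({ issue_number: issue.number, owner, repo, body })

      # Always report the final job status; 'cancelled' is mapped to 'error'
      # before being sent as the commit-status state.
      - name: Set status check - success / failure / error
        if: ${{ always() }}
        uses: actions/github-script@v7
        env:
          HEAD_SHA: ${{ steps.get-branch.outputs.sha }}
        with:
          github-token: ${{ env.GITHUB_TOKEN }}
          script: |
            const { owner, repo } = context.issue;
            const status = "${{ job.status }}";
            const state = status === 'cancelled' ? 'error' : status;
            await github.rest.repos.createCommitStatus({
              repo,
              owner,
              state,
              sha: process.env.HEAD_SHA,
              context: process.env.STATUS_CHECK_NAME,
              target_url: process.env.STATUS_TARGET_URL
            })

      # Fetch the shared actions repository into ./.github/actions/ so its
      # actions can be used as local actions.
      - name: Get toptal/actions
        uses: actions/checkout@v4
        with:
          repository: toptal/actions
          token: ${{ steps.parse_secrets.outputs.TOPTAL_REPOACCESSBOT_TOKEN }}
          path: ./.github/actions/

      # Rewrite the @main cross-references inside the fetched actions so they
      # resolve to the local copies checked out above.
      - name: Replace toptal/actions/get-job-url@main from trigger-jenkins-job/action.yml
        shell: bash
        run: |
          sed -i 's|toptal/actions/get-job-url@main|./.github/actions/get-job-url|' ./.github/actions/trigger-jenkins-job/action.yml
          sed -i 's|toptal/actions/trigger-jenkins-job@main|./.github/actions/trigger-jenkins-job|' ./.github/actions/create-jira-deployment/action.yml

      - name: Create Jira deployment
        uses: ./.github/actions/create-jira-deployment/
        with:
          jenkins_url: ${{ steps.parse_secrets.outputs.JENKINS_URL }}
          jenkins_user: ${{ steps.parse_secrets.outputs.TOPTAL_TRIGGERBOT_USERNAME }}
          jenkins_token: ${{ steps.parse_secrets.outputs.TOPTAL_TRIGGERBOT_TOKEN }}
          jenkins_client_id: ${{ steps.parse_secrets.outputs.JENKINS_CLIENT_ID }}
          jenkins_sa_credentials: ${{ steps.parse_secrets.outputs.JENKINS_SA_CREDENTIALS }}
          token: ${{ env.GITHUB_TOKEN }}
          environment: development
          environment-url: https://www.npmjs.com/package/@toptal/picasso?activeTab=versions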