Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: add secrets to actions that use the bot #556

Merged
merged 9 commits into from
Sep 13, 2024
42 changes: 23 additions & 19 deletions doc-changelog/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,18 @@ inputs:
required: true
type: string

bot-user:
description: |
Use the PYANSYS_CI_BOT_USERNAME as the user for a git commit & push.
required: true
type: string

bot-email:
description: |
Use the PYANSYS_CI_BOT_EMAIL as the email for a git commit & push.
required: true
type: string

# Optional inputs

python-version:
Expand Down Expand Up @@ -99,13 +111,10 @@ runs:
token: ${{ inputs.token }}

- name: "Set up Python ${{ inputs.python-version }}"
env:
PYTHON_VERSION: ${{ inputs.python-version }}
PYTHON_CACHE: ${{ inputs.use-python-cache }}
uses: ansys/actions/_setup-python@main
with:
python-version: ${{ env.PYTHON_VERSION }}
use-cache: ${{ env.PYTHON_CACHE }}
python-version: ${{ inputs.python-version }}
use-cache: ${{ inputs.use-python-cache }}

- name: "Install towncrier"
shell: bash
Expand Down Expand Up @@ -156,14 +165,12 @@ runs:
- name: "Get labels in the pull request"
if: ${{ inputs.use-conventional-commits == 'false' }}
env:
OWNER: ${{ github.repository_owner }}
REPO_NAME: ${{ github.event.repository.name }}
PR_NUMBER: ${{ github.event.number }}
GH_TOKEN: ${{ inputs.token }}
REPO_NAME: ${{ github.event.repository.name }}
shell: bash
run: |
# Get the labels in the pull request
pr_labels=$(gh api repos/${{ env.OWNER }}/${{ env.REPO_NAME }}/pulls/${{ env.PR_NUMBER }} --jq '.labels.[].name')
pr_labels=$(gh api repos/${{ github.repository_owner }}/${{ env.REPO_NAME }}/pulls/${{ github.event.number }} --jq '.labels.[].name')
RobPasMue marked this conversation as resolved.
Show resolved Hide resolved

# Save the labels to an environment variable
# For example, LABELS="enhancement maintenance"
Expand Down Expand Up @@ -194,13 +201,11 @@ runs:
changelog_cateogry_labels(labels)

- name: "Remove PR fragment file if it already exists"
env:
PR_NUMBER: ${{ github.event.number }}
shell: bash
run: |
# Find files containing the PR number
# For example, 20.*.md
file=`find . -type f -name "${{ env.PR_NUMBER }}.*.md"`
file=`find . -type f -name "${{ github.event.number }}.*.md"`
klmcadams marked this conversation as resolved.
Show resolved Hide resolved

# If the fragment file exists, then delete the file
if [ ! -z "$file" ]; then
Expand All @@ -224,37 +229,36 @@ runs:
clean_pr_title(pr_title, use_cc)

- name: "Append towncrier categories to pyproject.toml"
env:
REPO_NAME: ${{ github.event.repository.name }}
shell: python
run: |
import sys
sys.path.insert(1, '${{ github.action_path }}/../doc-changelog/')

from parse_pr_title import add_towncrier_config

repo_name = "${{ github.event.repository.name }}"
repo_name = "${{ env.REPO_NAME }}"
org_name = "${{ github.repository_owner }}"

default_config = True if "${{ inputs.use-default-towncrier-config }}" == "true" else False

add_towncrier_config(org_name, repo_name, default_config)

- name: "Create and commit towncrier fragment"
env:
PR_BRANCH: ${{ github.event.pull_request.head.ref }}
PR_NUMBER: ${{ github.event.number }}
shell: bash
run: |
# Changelog fragment file in the following format
# For example, 20.added.md
fragment="${{ env.PR_NUMBER }}.${{ env.CHANGELOG_SECTION }}.md"
fragment="${{ github.event.number }}.${{ env.CHANGELOG_SECTION }}.md"
klmcadams marked this conversation as resolved.
Show resolved Hide resolved

# Create changelog fragment with towncrier
# Fragment file contains the title of the PR
towncrier create -c "${{ env.CLEAN_TITLE }}" $fragment

# Configure git username & email
git config user.name 'pyansys-ci-bot'
git config user.email '[email protected]'
git config user.name ${{ inputs.bot-user }}
git config user.email ${{ inputs.bot-email }}

# Add towncrier fragment
git add .
Expand Down
23 changes: 16 additions & 7 deletions doc-deploy-changelog/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -89,6 +89,18 @@ inputs:
required: true
type: string

bot-user:
description: |
Use the PYANSYS_CI_BOT_USERNAME as the user for a git commit & push.
required: true
type: string

bot-email:
description: |
Use the PYANSYS_CI_BOT_EMAIL as the email for a git commit & push.
required: true
type: string

# Optional inputs

python-version:
Expand Down Expand Up @@ -157,13 +169,10 @@ runs:
fetch-depth: 0

- name: "Set up Python ${{ inputs.python-version }}"
env:
PYTHON_VERSION: ${{ inputs.python-version }}
PYTHON_CACHE: ${{ inputs.use-python-cache }}
uses: ansys/actions/_setup-python@main
with:
python-version: ${{ env.PYTHON_VERSION }}
use-cache: ${{ env.PYTHON_CACHE }}
python-version: ${{ inputs.python-version }}
use-cache: ${{ inputs.use-python-cache }}

- name: Save tag version
shell: bash
Expand Down Expand Up @@ -262,8 +271,8 @@ runs:
fi

# Configure git username & email
git config user.name 'pyansys-ci-bot'
git config user.email '[email protected]'
git config user.name ${{ inputs.bot-user }}
git config user.email ${{ inputs.bot-email }}

# Add CHANGELOG.md file and deleted ${{ env.TOWNCRIER_DIR }}/*.md files
git add .
Expand Down
40 changes: 25 additions & 15 deletions doc-deploy-dev/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,18 @@ inputs:
required: true
type: string

bot-user:
description: |
Use the PYANSYS_CI_BOT_USERNAME as the user for a git commit & push.
required: true
type: string

bot-email:
description: |
Use the PYANSYS_CI_BOT_EMAIL as the email for a git commit & push.
required: true
type: string

# Optional inputs

doc-artifact-name:
Expand Down Expand Up @@ -145,19 +157,17 @@ runs:
token: ${{ inputs.token }}

- name: "Ensure that the desired branch exists"
env:
BRANCH: ${{ inputs.branch }}
shell: bash
run: |
# Check the ${{ env.BRANCH }} branch exists on remote
branch_exists=$(git ls-remote --heads origin refs/heads/${{ env.BRANCH }} 2>&1)
# Check the ${{ inputs.branch }} branch exists on remote
branch_exists=$(git ls-remote --heads origin refs/heads/${{ inputs.branch }} 2>&1)

# If the ${{ env.BRANCH }} doesn't exist, then print error message and exit 1
# If the ${{ inputs.branch }} doesn't exist, then print error message and exit 1
if [ -z "$branch_exists" ]; then
echo "The ${{ env.BRANCH }} branch does not exist. Creating ${{ env.BRANCH }}."
echo "The ${{ inputs.branch }} branch does not exist. Creating ${{ inputs.branch }}."

# Create orphan branch
git checkout --orphan ${{ env.BRANCH }}
git checkout --orphan ${{ inputs.branch }}

# Unstage files to be committed
git rm --cached -r .
Expand All @@ -166,16 +176,16 @@ runs:
git clean -fd

# Configure git username & email
git config user.name 'pyansys-ci-bot'
git config user.email '[email protected]'
git config user.name ${{ inputs.bot-user }}
git config user.email ${{ inputs.bot-email }}

# Commit ${{ env.BRANCH }} & push to origin
git commit --allow-empty -m "Create ${{ env.BRANCH }} branch"
git push -u origin ${{ env.BRANCH }}
# Commit ${{ inputs.branch }} & push to origin
git commit --allow-empty -m "Create ${{ inputs.branch }} branch"
git push -u origin ${{ inputs.branch }}
else
# Fetch and switch to ${{ env.BRANCH }}
git fetch origin ${{ env.BRANCH }}:${{ env.BRANCH }}
git switch ${{ env.BRANCH }}
# Fetch and switch to ${{ inputs.branch }}
git fetch origin ${{ inputs.branch }}:${{ inputs.branch }}
git switch ${{ inputs.branch }}
fi

# ------------------------------------------------------------------------
Expand Down
48 changes: 31 additions & 17 deletions doc-deploy-stable/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,18 @@ inputs:
required: true
type: string

bot-user:
description: |
Use the PYANSYS_CI_BOT_USERNAME as the user for a git commit & push.
required: true
type: string

bot-email:
description: |
Use the PYANSYS_CI_BOT_EMAIL as the email for a git commit & push.
required: true
type: string

# Optional inputs

doc-artifact-name:
Expand Down Expand Up @@ -155,10 +167,12 @@ runs:
'release/<MAJOR>.<MINOR>'.

- name: "Collect version number from the tag"
env:
REF_NAME: ${{ github.ref_name }}
shell: bash
if: github.ref_type == 'tag'
run: |
tag=${{ github.ref_name }}
tag=${{ env.REF_NAME }}
version=$( echo $tag | cut -d 'v' -f 2)

if [[ $version =~ ^(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)$ ]]; then
Expand All @@ -169,10 +183,12 @@ runs:
fi

- name: "Collect version number from the release branch"
env:
REF_NAME: ${{ github.ref_name }}
shell: bash
if: github.ref_type == 'branch'
run: |
tag=${{ github.ref_name }}
tag=${{ env.REF_NAME }}
version=$( echo $tag | cut -d '/' -f 2)

if [[ $version =~ ^(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)(\..*)?$ ]]; then
Expand Down Expand Up @@ -219,19 +235,17 @@ runs:
token: ${{ inputs.token }}

- name: "Ensure that the desired branch exists"
env:
BRANCH: ${{ inputs.branch }}
shell: bash
run: |
# Check the ${{ env.BRANCH }} branch exists on remote
branch_exists=$(git ls-remote --heads origin refs/heads/${{ env.BRANCH }} 2>&1)
# Check the ${{ inputs.branch }} branch exists on remote
branch_exists=$(git ls-remote --heads origin refs/heads/${{ inputs.branch }} 2>&1)

# If the ${{ env.BRANCH }} doesn't exist, then print error message and exit 1
# If the ${{ inputs.branch }} doesn't exist, then print error message and exit 1
if [ -z "$branch_exists" ]; then
echo "The ${{ env.BRANCH }} branch does not exist. Creating ${{ env.BRANCH }}."
echo "The ${{ inputs.branch }} branch does not exist. Creating ${{ inputs.branch }}."

# Create orphan branch
git checkout --orphan ${{ env.BRANCH }}
git checkout --orphan ${{ inputs.branch }}

# Unstage files to be committed
git rm --cached -r .
Expand All @@ -240,16 +254,16 @@ runs:
git clean -fd

# Configure git username & email
git config user.name 'pyansys-ci-bot'
git config user.email '[email protected]'
git config user.name ${{ inputs.bot-user }}
git config user.email ${{ inputs.bot-email }}

# Commit ${{ env.BRANCH }} & push to origin
git commit --allow-empty -m "Create ${{ env.BRANCH }} branch"
git push -u origin ${{ env.BRANCH }}
# Commit ${{ inputs.branch }} & push to origin
git commit --allow-empty -m "Create ${{ inputs.branch }} branch"
git push -u origin ${{ inputs.branch }}
else
# Fetch and switch to ${{ env.BRANCH }}
git fetch origin ${{ env.BRANCH }}:${{ env.BRANCH }}
git switch ${{ env.BRANCH }}
# Fetch and switch to ${{ inputs.branch }}
git fetch origin ${{ inputs.branch }}:${{ inputs.branch }}
git switch ${{ inputs.branch }}
fi

# ------------------------------------------------------------------------
Expand Down
2 changes: 2 additions & 0 deletions doc/source/doc-actions/examples/doc-changelog-basic.yml
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,8 @@ changelog-fragment:
- uses: ansys/actions/doc-changelog@{{ version }}
with:
token: ${{ '{{ secrets.PYANSYS_CI_BOT_TOKEN }}' }}
bot-user: ${{ '{{ secrets.PYANSYS_CI_BOT_USERNAME }}' }}
bot-email: ${{ '{{ secrets.PYANSYS_CI_BOT_EMAIL }}' }}
# uncomment this line to use conventional commits instead of labels
# use-conventional-commits: true
# uncomment this if you don't have any towncrier configuration in your pyproject.toml file
Expand Down
2 changes: 2 additions & 0 deletions doc/source/doc-actions/examples/doc-deploy-changelog.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,3 +9,5 @@ update-changelog:
- uses: ansys/actions/doc-deploy-changelog@{{ version }}
with:
token: ${{ '{{ secrets.PYANSYS_CI_BOT_TOKEN }}' }}
bot-user: ${{ '{{ secrets.PYANSYS_CI_BOT_USERNAME }}' }}
bot-email: ${{ '{{ secrets.PYANSYS_CI_BOT_EMAIL }}' }}
2 changes: 2 additions & 0 deletions doc/source/doc-actions/examples/doc-deploy-dev-basic.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,3 +9,5 @@ doc-deploy-dev:
with:
cname: "<library>.docs.pyansys.com"
token: ${{ '{{ secrets.GITHUB_TOKEN }}' }}
bot-user: ${{ '{{ secrets.PYANSYS_CI_BOT_USERNAME }}' }}
bot-email: ${{ '{{ secrets.PYANSYS_CI_BOT_EMAIL }}' }}
2 changes: 2 additions & 0 deletions doc/source/doc-actions/examples/doc-deploy-stable-basic.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,3 +9,5 @@ doc-deploy-stable:
with:
cname: "<library>.docs.pyansys.com"
token: ${{ '{{ secrets.GITHUB_TOKEN }}' }}
bot-user: ${{ '{{ secrets.PYANSYS_CI_BOT_USERNAME }}' }}
bot-email: ${{ '{{ secrets.PYANSYS_CI_BOT_EMAIL }}' }}
12 changes: 12 additions & 0 deletions doc/source/migrations/index.rst
Original file line number Diff line number Diff line change
Expand Up @@ -21,11 +21,23 @@ Development version

**Breaking changes:**
klmcadams marked this conversation as resolved.
Show resolved Hide resolved

- Use secrets for commit and push credentials within ``ansys/actions/doc-changelog``,
``ansys/actions/doc-deploy-changelog``, ``ansys/actions/doc-deploy-dev``, and
``ansys/actions/doc-deploy-stable``.

**Migration steps:**

- To set up your repository to use the ``ansys/actions/release-pypi-*`` action with the `Trusted Publisher`_ approach,
see the :ref:`release_pypi_trusted_publisher`.

- Add the following required inputs to ``ansys/actions/doc-changelog``, ``ansys/actions/doc-deploy-changelog``,
``ansys/actions/doc-deploy-dev``, and ``ansys/actions/doc-deploy-stable``:

.. code:: yaml

bot-user: ${{ secrets.PYANSYS_CI_BOT_USERNAME }}
bot-email: ${{ secrets.PYANSYS_CI_BOT_EMAIL }}

Version ``v6``
--------------

Expand Down
Loading