-
Notifications
You must be signed in to change notification settings - Fork 53
80 lines (70 loc) · 3.01 KB
/
pr-comment-build-dispatcher.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
name: "PR command build dispatcher"
on:
issue_comment:
types: [created]
permissions:
pull-requests: write
concurrency:
group: ${{ github.workflow }}-pr-command-${{ github.event.issue.pull_request.number }}
cancel-in-progress: true
jobs:
run_pre_checks:
# Only run if this is a PR comment that contains a valid command
if: ${{ github.event.issue.pull_request }} && ( contains(github.event.comment.body, '/build-image') || contains(github.event.comment.body, '/update-sdk'))
name: Check if commenter is in the Flatcar maintainers team
outputs:
maintainers: steps.step1.output.maintainers
sdk_changes: ${{ steps.step3.outputs.sdk_changes }}
runs-on:
- ubuntu-latest
steps:
- name: Fetch members of the maintainers team
id: step1
env:
requester: ${{ github.event.comment.user.login }}
shell: bash
run: |
set -euo pipefail
curl --fail --show-error -L --silent \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer ${{ secrets.GH_ACTIONS_ORG_READ }}" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/flatcar/teams/flatcar-maintainers/members \
| jq -r '.[].login' > maintainers.txt
echo "Current members of the maintainers team:"
cat maintainers.txt
res=false
echo "Checking for membership of '${{ env.requester }}'"
if grep -qE "^${{ env.requester }}$" maintainers.txt ; then
echo "Succeeded."
res=true
else
echo "FAILED: '${{ env.requester }} is not a member of the Flatcar maintainers team."
fi
$res
- name: Set outputs
id: step2
shell: bash
run: |
echo "sdk_changes=${{ contains(github.event.comment.body, '/update-sdk') }}" >> $GITHUB_OUTPUT
- name: Post a link to the workflow run to the PR
id: step3
uses: mshick/add-pr-comment@v2
with:
issue: ${{ github.event.issue.pull_request.number }}
message: "Build action triggered: [${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }})"
update_sdk:
needs: run_pre_checks
if: needs.run_pre_checks.result == 'success' && needs.run_pre_checks.outputs.sdk_changes == 'true'
name: "Build an updated SDK container"
# SDK build needs access to bincache ssh secret
secrets: inherit
uses: ./.github/workflows/update-sdk.yaml
build_image:
needs: [ run_pre_checks, update_sdk ]
if: (always() && ! cancelled()) && needs.run_pre_checks.result == 'success' && needs.update_sdk.result != 'failure' && contains(github.event.comment.body, '/build-image')
name: "Build the OS image"
uses: ./.github/workflows/ci.yaml
with:
custom_sdk_version: ${{ needs.update_sdk.outputs.sdk_version }}
image_formats: qemu_uefi