Skip to content

Merge Queue

Merge Queue #2

Workflow file for this run

name: Merge Queue
on:
merge_group: {}
workflow_dispatch: {}
jobs:
deploy:
uses: ./.github/workflows/update-workflows.yml
secrets: inherit
with:
bridged: true
provider_name: xyz
automerge: true
downstream_test: true
skip_closing_prs: true
caller_workflow: "pull-request"
await_release:
name: Await release
runs-on: ubuntu-latest
needs: deploy
if: needs.deploy.outputs.pull_request_created == 'true'
env:
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
steps:
# Open PR to XYZ
# Set to auto-merge & minor auto-release
# Wait for merge
# Wait for main build success
# Wait for release workflow success
- name: Await PR opened for pulumi-xyz
run: |
echo Await PR opened for pulumi-xyz
until gh search prs --repo pulumi/pulumi-xyz --match body "This PR was automatically generated by the pull-request workflow in the pulumi/ci-mgmt repo, from commit ${{ github.sha }}." --json url | grep url; do sleep 30; done;
- name: Find PR number
id: pr_number
run: |
number=$(gh search prs --repo pulumi/pulumi-xyz --match body "This PR was automatically generated by the pull-request workflow in the pulumi/ci-mgmt repo, from commit ${{ github.sha }}." --json number --jq '.[0].number')
echo "PR number is $number"
echo "number=${number}" >> "${GITHUB_OUTPUT}"
- name: Add needs-release label
run: gh pr edit --repo "pulumi/pulumi-xyz" "${{ steps.pr_number.outputs.number }}" --add-label "needs-release/patch"
- name: Await first checks started
# Wait for at least 3 checks to be started before we start waiting for them to finish.
# There's a couple of quick checks like comment notification and changelog which are started before the PR checks.
run: while [[ $(gh pr checks --repo "pulumi/pulumi-xyz" "${{ steps.pr_number.outputs.number }}" | wc -l) -le 2 ]]; do sleep 1; done
- name: Await PR codegen tests succeed.
run: gh pr checks --repo "pulumi/pulumi-xyz" "${{ steps.pr_number.outputs.number }}" --watch --fail-fast
- name: Await PR merged
run: while [[ $(gh pr view --repo "pulumi/pulumi-xyz" "${{ steps.pr_number.outputs.number }}" --json "state" --jq ".state") == "OPEN" ]]; do sleep 1; done
timeout-minutes: 2
- name: Get merge commit
id: merge_commit
run: |
merge_commit_oid=$(gh pr view --repo "pulumi/pulumi-xyz" "${{ steps.pr_number.outputs.number }}" --json "mergeCommit" --jq ".mergeCommit.oid")
if [[ -z "${merge_commit_oid}" ]]; then
echo "Failed to get merge commit"
exit 1
fi
echo "Merge commit oid is ${merge_commit_oid}"
echo "oid=${merge_commit_oid}" >> "${GITHUB_OUTPUT}"
- name: Await main build start
id: main_build
run: |
until (gh run list --repo "pulumi/pulumi-xyz" --workflow main --json headSha | grep -q "${{ steps.merge_commit.outputs.oid }}"); do sleep 1; done
database_id=$(gh run list --repo "pulumi/pulumi-xyz" --workflow main --json "number,headSha,databaseId" | jq '.[] | select(.headSha == "${{ steps.merge_commit.outputs.oid }}") | .databaseId')
echo "Main build started with database id ${database_id}"
echo "id=${database_id}" >> "${GITHUB_OUTPUT}"
timeout-minutes: 2
# Checkout pulumi-xyz so we get credentials ready to use
- name: Checkout pulumi-xyz
uses: actions/checkout@v4
with:
repository: pulumi/pulumi-xyz
ref: main
token: ${{ secrets.PULUMI_BOT_TOKEN }}
- name: Await main build success
run: gh run watch --repo "pulumi/pulumi-xyz" "${{ steps.main_build.outputs.id }}" --exit-status
- name: Get tag for release
id: release_tag
timeout-minutes: 2
run: |
until (git ls-remote --tags "[email protected]:pulumi/pulumi-xyz.git" | grep -q "${{ steps.merge_commit.outputs.oid }}"); do sleep 1; done
# Also handle annotated tags in the format refs/tags/v0.1.0^{}
tag=$(git ls-remote --tags "[email protected]:pulumi/pulumi-xyz.git" | grep "${{ steps.merge_commit.outputs.oid }}" | cut -d '/' -f 3 | sed -E 's/\^\{\}$//')
echo "Tag for release is ${tag}"
echo "tag=${tag}" >> "${GITHUB_OUTPUT}"
- name: Wait for release workflow run
id: release_workflow
timeout-minutes: 2
run: |
until (gh run list --repo "pulumi/pulumi-xyz" --workflow release --branch "${{ steps.release_tag.outputs.tag }}" --json headBranch | grep -q "${{ steps.release_tag.outputs.tag }}"); do sleep 1; done
database_id=$(gh run list --repo "pulumi/pulumi-xyz" --workflow release --branch "${{ steps.release_tag.outputs.tag }}" --json "databaseId" -- jq '.[0].databaseId')
echo "Release workflow started with id ${database_id}"
echo "id=${database_id}" >> "${GITHUB_OUTPUT}"
- name: Await release workflow success
run: gh run watch --repo "pulumi/pulumi-xyz" "${{ steps.release_workflow.outputs.id }}" --exit-status