
Document the github actions somewhere so that new arrivals to the repo know what does what #6


Workflow file for this run

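# Turns a labelled submission issue into a pull request.
#
# Each job runs when an issue is opened or edited and carries the
# 'submission' label plus one type label (provider, module, provider-key).
#
# Security notes for maintainers:
#   - The issue title and body are written by whoever opened the issue and are
#     untrusted. They reach the shell only through env vars (never through
#     expression interpolation inside `run:`), and every expansion in the
#     scripts below is quoted so that whitespace or glob characters in those
#     values cannot change which command runs.
#   - Each job can push branches and open pull requests, so the checks done by
#     the Go tools under ./src/cmd are the trust boundary for what is committed.
#     Merging the resulting pull request remains a human review step.
name: Issue Submission to Pull Request

on:
  issues:
    types: [opened, edited]

# Default-deny at workflow level; each job below requests only the scopes it
# needs, and a job added later starts with no token permissions.
permissions: {}

jobs:
  submit-provider:
    # contains() on an array is an exact element match, so the 'provider-key'
    # label does not satisfy the 'provider' test.
    if: >-
      contains(github.event.issue.labels.*.name, 'provider') &&
      contains(github.event.issue.labels.*.name, 'submission')
    runs-on: ubuntu-latest
    permissions:
      issues: write         # comment on and lock the issue
      contents: write       # push the submission branch
      pull-requests: write  # open the pull request
    steps:
      # Tag refs such as @v4 are mutable; pinning these actions to a full
      # commit SHA removes that supply-chain dependency.
      - name: Checkout Repository
        uses: actions/checkout@v4
      - name: Set up Go
        uses: actions/setup-go@v4
        with:
          go-version-file: './src/go.mod'
      - name: Validate Provider and Create PR
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          GH_REPO: ${{ github.repository }}
          NUMBER: ${{ github.event.issue.number }}
          # URL is exported but not referenced by the script below.
          URL: ${{ github.event.issue.url }}
          # Untrusted, user-authored text.
          TITLE: ${{ github.event.issue.title }}
          BODY: ${{ github.event.issue.body }}
        working-directory: ./src
        run: |
          # The submitter must have ticked the DCO checkbox in the issue form.
          if ! echo "$BODY" | grep "\- \[[xX]\] I sign this project's \[DCO\](https://developercertificate.org/)"; then
            gh issue comment "$NUMBER" -b "DCO must be signed to submit this repository"
            exit 1
          fi

          # The value sits two lines below the form heading; strip CR/LF.
          repository=$(echo "$BODY" | grep "### Provider Repository" -A2 | tail -n1 | sed -e 's/[\r\n]//g')

          # The tool validates the untrusted repository string and writes its
          # verdict to output.json; on failure the verdict goes back to the issue.
          if ! go run ./cmd/add-provider -repository="$repository" -output=./output.json; then
            gh issue comment "$NUMBER" -b "$(jq -r '.validation' ./output.json)"
            exit 1
          fi

          namespace=$(jq -r '.namespace' ./output.json)
          name=$(jq -r '.name' ./output.json)
          jsonfile=$(jq -r '.file' ./output.json)

          # Create Branch
          # NOTE(review): a default checkout holds only the triggering ref, so
          # an existing remote branch is probably rejected by `git push` below
          # rather than here - confirm.
          branch="provider-submission_${namespace}_${name}"
          if ! git checkout -b "$branch"; then
            gh issue comment "$NUMBER" -b "Failed validation: A branch already exists for this provider '$branch'"
            exit 1
          fi

          # Add result ("--" stops a path from being parsed as an option)
          git add -- "$jsonfile"

          # Commit and push result
          # The address below was redacted by the page's e-mail protection; it
          # is reproduced as shown.
          git config --global user.email "[email protected]"
          git config --global user.name "OpenTofu Automation"
          git commit -s -m "Create provider $namespace/$name"
          git push -u origin "$branch"

          # Create pull request and update issue
          # Only a literal leading ".." is rewritten; the dots are escaped so
          # that sed does not treat them as "any two characters".
          display_path=$(printf '%s\n' "$jsonfile" | sed -e 's/^\.\./src/')
          # Disabled option: --assignee opentofu/core-engineers
          pr=$(gh pr create --title "$TITLE" --body "Created $display_path for provider $namespace/$name. Closes #$NUMBER.")
          gh issue comment "$NUMBER" -b "Your submission has been validated and has moved on to the pull request phase ($pr). This issue has been locked."
          gh issue lock "$NUMBER" -r resolved

  submit-module:
    if: >-
      contains(github.event.issue.labels.*.name, 'module') &&
      contains(github.event.issue.labels.*.name, 'submission')
    runs-on: ubuntu-latest
    permissions:
      issues: write         # comment on and lock the issue
      contents: write       # push the submission branch
      pull-requests: write  # open the pull request
    steps:
      - name: Checkout Repository
        uses: actions/checkout@v4
      - name: Set up Go
        uses: actions/setup-go@v4
        with:
          go-version-file: './src/go.mod'
      - name: Validate Module and Create PR
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          GH_REPO: ${{ github.repository }}
          NUMBER: ${{ github.event.issue.number }}
          # URL is exported but not referenced by the script below.
          URL: ${{ github.event.issue.url }}
          # Untrusted, user-authored text.
          TITLE: ${{ github.event.issue.title }}
          BODY: ${{ github.event.issue.body }}
        working-directory: ./src
        run: |
          # Same flow as submit-provider, using the module tool and paths.
          if ! echo "$BODY" | grep "\- \[[xX]\] I sign this project's \[DCO\](https://developercertificate.org/)"; then
            gh issue comment "$NUMBER" -b "DCO must be signed to submit this repository"
            exit 1
          fi

          repository=$(echo "$BODY" | grep "### Module Repository" -A2 | tail -n1 | sed -e 's/[\r\n]//g')

          if ! go run ./cmd/add-module -repository="$repository" -output=./output.json; then
            gh issue comment "$NUMBER" -b "$(jq -r '.validation' ./output.json)"
            exit 1
          fi

          namespace=$(jq -r '.namespace' ./output.json)
          name=$(jq -r '.name' ./output.json)
          target=$(jq -r '.target' ./output.json)
          jsonfile=$(jq -r '.file' ./output.json)

          # Create Branch
          branch="module-submission_${namespace}_${name}_${target}"
          if ! git checkout -b "$branch"; then
            gh issue comment "$NUMBER" -b "Failed validation: A branch already exists for this module '$branch'"
            exit 1
          fi

          # Add result
          git add -- "$jsonfile"

          # Commit and push result
          git config --global user.email "[email protected]"
          git config --global user.name "OpenTofu Automation"
          git commit -s -m "Create module $namespace/$name/$target"
          git push -u origin "$branch"

          # Create pull request and update issue
          display_path=$(printf '%s\n' "$jsonfile" | sed -e 's/^\.\./src/')
          # Disabled option: --assignee opentofu/core-engineers
          pr=$(gh pr create --title "$TITLE" --body "Created $display_path for module $namespace/$name/$target. Closes #$NUMBER.")
          gh issue comment "$NUMBER" -b "Your submission has been validated and has moved on to the pull request phase ($pr). This issue has been locked."
          gh issue lock "$NUMBER" -r resolved

  submit-provider-key:
    if: >-
      contains(github.event.issue.labels.*.name, 'provider-key') &&
      contains(github.event.issue.labels.*.name, 'submission')
    runs-on: ubuntu-latest
    permissions:
      issues: write         # comment on and lock the issue
      contents: write       # push the submission branch
      pull-requests: write  # open the pull request
    steps:
      - name: Checkout Repository
        uses: actions/checkout@v4
      - name: Set up Go
        uses: actions/setup-go@v4
        with:
          go-version-file: './src/go.mod'
      - name: Validate Provider Key and Create PR
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          GH_REPO: ${{ github.repository }}
          # Login of the issue author; set by GitHub, not by the issue text.
          GH_USER: ${{ github.event.issue.user.login }}
          NUMBER: ${{ github.event.issue.number }}
          # URL is exported but not referenced by the script below.
          URL: ${{ github.event.issue.url }}
          # Untrusted, user-authored text.
          TITLE: ${{ github.event.issue.title }}
          BODY: ${{ github.event.issue.body }}
        working-directory: ./src
        run: |
          if ! echo "$BODY" | grep "\- \[[xX]\] I sign this project's \[DCO\](https://developercertificate.org/)"; then
            gh issue comment "$NUMBER" -b "DCO must be signed to submit this repository"
            exit 1
          fi

          namespace=$(echo "$BODY" | grep "### Provider Namespace" -A2 | tail -n1 | tr "[:upper:]" "[:lower:]" | sed -e 's/[\r\n]//g')

          # The namespace comes straight from the issue body and is used below
          # to build a repository path, so refuse anything that could leave
          # keys/<first letter>/<namespace>/ (path separators, a leading dot or
          # dash, whitespace, empty value). This is defence in depth in front of
          # verify-gpg-key; keep the pattern in line with what that tool accepts.
          if [[ ! "$namespace" =~ ^[a-z0-9_][a-z0-9_.-]*$ ]]; then
            gh issue comment "$NUMBER" -b "Failed validation: the provider namespace contains unsupported characters"
            exit 1
          fi

          # Under errexit, a body without a complete key block stops the job on
          # this line, before any comment is posted.
          keydata=$(echo "$BODY" | grep -A 1000 "BEGIN PGP PUBLIC KEY BLOCK" | grep -B 1000 "END PGP PUBLIC KEY BLOCK")
          echo "$keydata" > tmp.key

          # Capture the exit status instead of aborting so the tool's report is
          # posted to the issue whether verification passed or failed.
          verification=0
          go run ./cmd/verify-gpg-key -org "$namespace" -username "$GH_USER" -key-file=tmp.key -output=./output.json || verification=$?
          gh issue comment "$NUMBER" -b "$(jq -r '.' ./output.json)"
          if [[ "$verification" != 0 ]]; then
            exit 1
          fi

          keyfile="../keys/${namespace:0:1}/$namespace/provider.asc"
          keydir=$(dirname "$keyfile")
          if [ -d "$keydir" ]; then
            msg=Updated
            # Replace whatever keys are currently tracked for this namespace.
            git rm -- "$keydir"/*
          else
            msg=Created
          fi
          mkdir -p "$keydir"
          mv tmp.key "$keyfile"

          # Create Branch
          branch="provider-key-submission_${namespace}"
          if ! git checkout -b "$branch"; then
            gh issue comment "$NUMBER" -b "Failed validation: A branch already exists for this provider '$branch'"
            exit 1
          fi

          # Add result
          git add -- "$keyfile"

          # Commit and push result
          git config --global user.email "[email protected]"
          git config --global user.name "OpenTofu Automation"
          # This job never sets a provider name, so the commit subject names
          # the namespace only (it previously ended in a dangling "/").
          git commit -s -m "Create provider key $namespace"
          git push -u origin "$branch"

          # Create pull request and update issue
          display_path=$(printf '%s\n' "$keyfile" | sed -e 's/^\.\././')
          # Disabled option: --assignee opentofu/core-engineers
          pr=$(gh pr create --title "$TITLE" --body "$msg $display_path for provider $namespace. Closes #$NUMBER.")
          gh issue comment "$NUMBER" -b "Your submission has been validated and has moved on to the pull request phase ($pr). This issue has been locked."
          gh issue lock "$NUMBER" -r resolved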