-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix: Ensure provisioner deploy job runs (#618)
- Loading branch information
Showing
3 changed files
with
17 additions
and
16 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| --- | ||
| "provisioner": patch | ||
| --- | ||
|
|
||
| fix: Ensure the provisioner deployment is triggered |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -11,7 +11,10 @@ load("@rules_release//release:defs.bzl", "release_manager") | |
|
|
||
| package(default_visibility = ["//visibility:public"]) | ||
|
|
||
| exports_files(["WORKSPACE"]) | ||
| exports_files([ | ||
| "WORKSPACE", | ||
| ".github", | ||
| ]) | ||
|
|
||
| bool_flag( | ||
| name = "setup_debug_flag", | ||
|
|
@@ -207,36 +210,24 @@ diff_test( | |
| file2 = ":pdm-setup_lock", | ||
| ) | ||
|
|
||
| task( | ||
| name = "git_askpass", | ||
| cmds = [ | ||
| "export OP_SERVICE_ACCOUNT_TOKEN=${ONEPASSWORD_SERVICE_ACCOUNT_TOKEN_PROD:-}", | ||
| "echo $($OP read op://vgijssel-prod/github-git-push/credential)", | ||
| ], | ||
| env = { | ||
| "OP": cmd.executable("//tools/onepassword:op"), | ||
| }, | ||
| ) | ||
|
|
||
| task( | ||
| name = "push_git_changes", | ||
| cmds = [ | ||
| "export OP_SERVICE_ACCOUNT_TOKEN=${ONEPASSWORD_SERVICE_ACCOUNT_TOKEN_PROD:-}", | ||
| "export GIT_AUTHOR_NAME=$($OP read op://vgijssel-prod/github-git-push/username)", | ||
| "export GIT_AUTHOR_EMAIL=$($OP read op://vgijssel-prod/github-git-push/email)", | ||
| "export GIT_PUSH_PASSWORD=$($OP read op://vgijssel-prod/github-git-push/credential)", | ||
| "export GIT_COMMITTER_NAME=$GIT_AUTHOR_NAME", | ||
| "export GIT_COMMITTER_EMAIL=$GIT_AUTHOR_EMAIL", | ||
| "git add .", | ||
| "export CHANGES_TO_COMMIT=$(git diff-index --quiet HEAD && echo false || echo true)", | ||
| "if [ $CHANGES_TO_COMMIT = false ]; then echo 'Nothing to commit, working tree clean. Exitting.'; exit 0; fi", | ||
| "git commit -m 'chore(release_manager): update release files'", | ||
| # Disable credential.helper to ensure GIT_ASKPASS is used and not cached | ||
| # Force https to ensure GIT_ASKPASS is used and we can use al alternative username | ||
| "git -c credential.helper= push --tags https://[email protected]/vgijssel/setup.git HEAD:master", | ||
| # Disable credential.helper to ensure the passed in token is used | ||
| "git -c credential.helper= push --tags https://[email protected]/vgijssel/setup.git HEAD:master", | ||
| ], | ||
| cwd = "$BUILD_WORKSPACE_DIRECTORY", | ||
| env = { | ||
| "GIT_ASKPASS": cmd.executable(":git_askpass"), | ||
| "OP": cmd.executable("//tools/onepassword:op"), | ||
| }, | ||
| ) | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters