Enable Pack Build and Test #452
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Enable Pack Build and Test | |
| on: | |
| # Daily at 3 in the morning | |
| schedule: | |
| - cron: "0 3 * * *" | |
| # manual rebuilds by TSC members | |
| workflow_dispatch: | |
| env: | |
| ci_branch: master | |
| exchange_tools_branch: master | |
| packs_org: StackStorm-Exchange | |
| pack_repo_prefix: stackstorm | |
| # We need to be able to enable Workflows in all the repositories under the | |
| # StackStorm Exchange GitHub Organization. We are using the GitHub CLI (gh). | |
| # At the time of writing, it appears that fine grained PATs do not work with | |
| # GraphQL. As such, this only leaves the classic PATs. The bare minimum | |
| # permissions of repo:* and workflow are enough. | |
| GH_TOKEN: ${{ secrets.GH_ORG_CI_TOKEN }} | |
| # Only allow one workflow run per branch at a time. | |
| # When one is already running, new runs will be pending. | |
| # https://github.blog/changelog/2021-04-19-github-actions-limit-workflow-run-or-job-concurrency/ | |
| concurrency: | |
| group: enable-pack-build-and-test-${{ github.ref }} | |
| # Do not use cancel-in-progress! Or we might create a scenario where all workflows get canceled before they complete. | |
| permissions: | |
| contents: read # Need to clone repositories | |
| jobs: | |
| enable_pack_build_and_test_workflow: | |
| runs-on: ubuntu-20.04 | |
| name: Enable Pack Build and Test workflow | |
| steps: | |
| - name: Add checkout paths to env context | |
| shell: bash | |
| run: | | |
| echo "CI_DIR=${{ github.workspace }}/ci" >> ${GITHUB_ENV} | |
| echo "TOOLS_DIR=${{ github.workspace }}/exchange-tools" >> ${GITHUB_ENV} | |
| - name: Checkout ci repo | |
| uses: actions/checkout@v2 | |
| with: | |
| repository: StackStorm-Exchange/ci | |
| ref: ${{ env.ci_branch }} | |
| path: ci | |
| fetch-depth: 1 | |
| - name: Checkout exchange-tools repo | |
| uses: actions/checkout@v2 | |
| with: | |
| repository: StackStorm-Exchange/exchange-tools | |
| ref: ${{ env.exchange_tools_branch }} | |
| path: exchange-tools | |
| fetch-depth: 1 | |
| # TODO: Make sure this actually constitutes "repository activity" | |
| - name: Set this Workflow to active (attempt to prevent 60d disabling of itself) | |
| shell: bash | |
| env: | |
| WORKFLOW_PATH: repos/${{ github.repository }}/actions/workflows/enable-pack-build-and-test.yaml | |
| run: | | |
| gh api --method PUT "${WORKFLOW_PATH}/enable" | |
| - name: Enable Pack Repos Build and Test Workflow | |
| shell: bash | |
| env: | |
| PACKS_ORG: ${{ env.packs_org }} | |
| PACKS_PREFIX: ${{ env.pack_repo_prefix }} | |
| # _gh_list_repo_names use graphql, so we cannot use a fine-grained PAT. Use the workflow token instead. | |
| GH_WORKFLOW_TOKEN: ${{ github.token }} | |
| run: | | |
| source ${TOOLS_DIR}/functions.sh | |
| for repo_name in $(GH_TOKEN=${GH_WORKFLOW_TOKEN} _gh_list_repo_names ${PACKS_ORG} ${PACKS_PREFIX}); do | |
| WORKFLOW_PATH="repos/${PACKS_ORG}/${repo_name}/actions/workflows/build_and_test.yaml" | |
| WORKFLOW_NAME="CI" | |
| echo "::group::Ensure ${WORKFLOW_NAME} workflow for ${PACKS_ORG}/${repo_name} is active" | |
| if gh api --silent --method GET ${WORKFLOW_PATH} 2>/dev/null; then | |
| echo "GitHub ${WORKFLOW_NAME} workflow found for ${PACKS_ORG}/${repo_name}" | |
| echo "Setting GitHub ${WORKFLOW_NAME} workflow for ${PACKS_ORG}/${repo_name} to active" | |
| gh api --method PUT "${WORKFLOW_PATH}/enable" | |
| if [[ "$(gh api --method GET ${WORKFLOW_PATH} --jq .state)" != "active" ]]; then | |
| echo "::error::Failed enabling GitHub ${WORKFLOW_NAME} workflow for ${PACKS_ORG}/${repo_name}" | |
| fi | |
| else | |
| echo "::warning::No GitHub ${WORKFLOW_NAME} workflow found for ${PACKS_ORG}/${repo_name}" | |
| fi | |
| echo "::endgroup::" | |
| done |