diff --git a/.github/workflows/sync-upstream-changes.yml b/.github/workflows/sync-upstream-changes.yml new file mode 100644 index 000000000000..9a2d3c40a509 --- /dev/null +++ b/.github/workflows/sync-upstream-changes.yml @@ -0,0 +1,44 @@ +name: Sync with Upstream (change) + +on: + pull_request_review: + types: [submitted] + +jobs: + sync: + runs-on: ubuntu-latest + if: github.event.review.state != 'approved' && github.event.pull_request.user.login == 'gha-runner-images-updater-test[bot]' + steps: + - name: Generate GitHub App token + id: generate-token + uses: actions/create-github-app-token@v1 + with: + app-id: ${{ secrets.GH_APP_ID }} + private-key: ${{ secrets.GH_APP_KEY }} + + - name: Checkout the repository + uses: actions/checkout@v4 + with: + fetch-depth: 0 + token: ${{ steps.generate-token.outputs.token }} + ref: ${{ github.event.pull_request.head.ref }} + + - name: Reset branch to main + run: | + git reset --hard origin/main + + - name: Configure Git + run: | + git config user.name 'gha-runner-images-updater-test[bot]' + git config user.email '172421971+gha-runner-images-updater-test[bot]@users.noreply.github.com@github.com' + + - name: Pull changes from upstream and rebase + id: rebase + run: | + git remote add upstream https://github.com/actions/runner-images.git + git fetch upstream + git rebase upstream/main || echo "conflict=true" >> $GITHUB_OUTPUT + + - name: Push changes to branch + run: | + git push -f origin ${{ github.event.pull_request.head.ref }} diff --git a/.github/workflows/sync-upstream-pr.yml b/.github/workflows/sync-upstream-pr.yml new file mode 100644 index 000000000000..370f4a2dca09 --- /dev/null +++ b/.github/workflows/sync-upstream-pr.yml @@ -0,0 +1,70 @@ +name: Sync with Upstream (create) + +on: + schedule: + - cron: "0 0 1 * *" # Runs at 00:00 on the first day of every month + workflow_dispatch: + # TODO: Remove this trigger once the workflow is ready + pull_request: + branches: + - main + +jobs: + sync: + runs-on: ubuntu-latest + if: github.event.pull_request.user.login != 'gha-runner-images-updater-test[bot]' + steps: + - name: Generate GitHub App token + id: generate-token + uses: actions/create-github-app-token@v1 + with: + app-id: ${{ secrets.GH_APP_ID }} + private-key: ${{ secrets.GH_APP_KEY }} + + - name: Checkout the repository + uses: actions/checkout@v4 + with: + fetch-depth: 0 + token: ${{ steps.generate-token.outputs.token }} + ref: main + + - name: Create new branch from main + run: | + git checkout -b update-from-upstream-${{ github.run_number }} + + - name: Configure Git + run: | + git config user.name 'gha-runner-images-updater-test[bot]' + git config user.email '172421971+gha-runner-images-updater-test[bot]@users.noreply.github.com@github.com' + + #TODO: Remove this step once the workflow is ready + - name: Merge the feature branch for the workflow + run: | + git merge --squash origin/gc/sync-upstream + git commit -m "Add sync-upstream.yml workflow (#7)" + + - name: Pull changes from upstream and rebase + id: rebase + run: | + git remote add upstream https://github.com/actions/runner-images.git + git fetch upstream + git rebase upstream/main || echo "conflict=true" >> $GITHUB_OUTPUT + + - name: Push changes to new branch + run: | + git push -f origin update-from-upstream-${{ github.run_number }} + + - name: Create pull request + env: + GH_TOKEN: ${{ steps.generate-token.outputs.token }} + run: | + gh pr create --title "Update from upstream" \ + --body "# :warning: PR WITH REBASE CHANGES. DO NOT MERGE MANUALLY. + + You shouldn't be able to manually merge this PR. This is an automated PR to rebase updates from upstream. Please review the changes and approve. The bot will be responsible for pushing the changes to main and closing the PR. + + This pull request was created by the [Sync from Upstream (create)](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}) workflow. + + To see the changes in this PR use "'`git range-diff origin/main...origin/update-from-upstream-${{ github.run_number }}`'"." \ + --base main --head update-from-upstream-${{ github.run_number }} \ + --repo ${{ github.repository }} || gh pr view update-from-upstream-${{ github.run_number }} --repo ${{ github.repository }} diff --git a/.github/workflows/sync-upstream-push.yml b/.github/workflows/sync-upstream-push.yml new file mode 100644 index 000000000000..5f699361d4a0 --- /dev/null +++ b/.github/workflows/sync-upstream-push.yml @@ -0,0 +1,53 @@ +name: Sync with Upstream (push) + +on: + pull_request_review: + types: [submitted] + +jobs: + sync: + runs-on: ubuntu-latest + if: github.event.review.state == 'approved' && github.event.pull_request.user.login == 'gha-runner-images-updater-test[bot]' + steps: + - name: Generate GitHub App token + id: generate-token + uses: actions/create-github-app-token@v1 + with: + app-id: ${{ secrets.GH_APP_ID }} + private-key: ${{ secrets.GH_APP_KEY }} + + - name: Checkout the repository + uses: actions/checkout@v4 + with: + fetch-depth: 0 + token: ${{ steps.generate-token.outputs.token }} + + - name: Configure Git + run: | + git config user.name 'gha-runner-images-updater-test[bot]' + git config user.email '172421971+gha-runner-images-updater-test[bot]@users.noreply.github.com@github.com' + + - name: Check if changes will be removed from main + id: check-changes + run: | + git fetch origin + changest_removed=$(git range-diff origin/main...origin/${{ github.event.pull_request.head.ref }} | grep -q '<') + if [ -n "$changes_removed" ]; then + echo "Commits will be removed from main, this shouldn't happen. Please request changes on the pull request." + exit 1 + else + echo "Commits will not be removed from main." + exit 0 + fi + + - name: Push changes to main + run: | + git push -f origin main + + - name: Close pull request + env: + GH_TOKEN: ${{ steps.generate-token.outputs.token }} + run: | + gh pr close ${{ github.event.pull_request.number }}\ + --repo ${{ github.repository }}\ + --comment "This PR was automatically closed by the bot after pushing the changes to main."