Protei/PromucFlow_constructor
2
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
d036064beb
PromucFlow_constructor/.github/workflows/sync-release-to-pg.yml
Anagh Hegde 8a45e5a7c7
chore: update sync to pg workflow to use github pat for accessing the secrets (#36944) 
## Description
In order to modify a workflow, a GitHub App, such as the one used for
issuing tokens for GitHub Actions, requires the workflow scope. This is
so that GitHub Apps you've added to your repository can't access the
secrets in your repository without your permission. The token issued for
GitHub Actions doesn't have this permission by default.
This PR adds pat token to the push command. This is to avoid failures
when the secrets are modified in the repositories.
## Automation

/ok-to-test tags=""

### 🔍 Cypress test results
<!-- This is an auto-generated comment: Cypress test results  -->
> [!WARNING]
> Tests have not run on the HEAD
b09d3542da73c527a1a52c93abb3b06a595c3bd3 yet
> <hr>Wed, 13 Nov 2024 06:09:54 UTC
<!-- end of auto-generated comment: Cypress test results  -->


## Communication
Should the DevRel and Marketing teams inform users about this change?
- [ ] Yes
- [ ] No


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

- **Chores**
- Updated the push command for merging the `release` branch into the
`pg` branch to use a personal access token for enhanced security.
- Modified error message capture to align with the new push command for
better error tracking.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2024-11-14 14:52:54 +05:30

113 lines
3.9 KiB
YAML
Raw Blame History

name: Merge release to pg
on:
push:
branches:
- release # Trigger on push to the release branch
jobs:
merge-release-to-pg:
runs-on: ubuntu-latest
steps:
- name: Checkout release branch
uses: actions/checkout@v3
with:
ref: release # Checkout the release branch
fetch-depth: 0
- name: Set Git config values
run: |
git config pull.rebase false
git config user.email "automated@github.com"
git config user.name "Automated Github Action"
- name: Checkout pg branch
run: git checkout pg
- name: Merge release to pg
id: merge_commits
run: |
PG_HEAD=$(git rev-parse pg)
RELEASE_HEAD=$(git rev-parse release)
echo "PG_HEAD=$PG_HEAD"
echo "RELEASE_HEAD=$RELEASE_HEAD"
# Attempt to merge release into pg
if ! git merge release; then
echo "Merge conflict detected during merge"
# Capture the conflicting commit SHAs (both HEAD of pg and the merge commit from release)
CONFLICTING_COMMIT=$(git log -1 --pretty=format:"%H")
echo "CONFLICTING_COMMIT=$CONFLICTING_COMMIT" >> $GITHUB_ENV
echo "MERGE_CONFLICT=true" >> $GITHUB_ENV
else
echo "MERGE_CONFLICT=false" >> $GITHUB_ENV
fi
- name: Push changes
if: env.MERGE_CONFLICT == 'false'
run: |
set -e
git push https://${{ secrets.PAT_GITHUB }}@github.com/${{ github.repository }} HEAD:pg || echo "PUSH_FAILURE=true" >> $GITHUB_ENV
- name: Capture push failure message
if: env.PUSH_FAILURE == 'true'
run: |
# Capture the last git error message
push_error_message=$(git push https://${{ secrets.PAT_GITHUB }}@github.com/${{ github.repository }} HEAD:pg 2>&1 | tail -n 1)
echo "PUSH_ERROR_MESSAGE=$push_error_message" >> $GITHUB_ENV
- name: Notify on push failure
if: env.PUSH_FAILURE == 'true'
env:
SLACK_MESSAGE: "Push to pg branch failed: ${{ env.PUSH_ERROR_MESSAGE }}"
run: |
# Format the Slack message
slack_message="${{ env.SLACK_MESSAGE }}"
# Set the Slack message body with channel ID and text
body="$(jq -nc \
--arg channel C07JMLWEXDJ \
--arg text "$slack_message" \
'$ARGS.named'
)"
# Send the message to Slack
curl -v https://slack.com/api/chat.postMessage \
--header "Authorization: Bearer ${{ secrets.SLACK_APPSMITH_ALERTS_TOKEN }}" \
--header "Content-Type: application/json; charset=utf-8" \
--data-raw "$body"
- name: Notify on merge conflicts
if: env.MERGE_CONFLICT == 'true'
env:
REPOSITORY_URL: ${{ github.repositoryUrl }}
CONFLICTING_COMMIT: ${{ env.CONFLICTING_COMMIT }}
run: |
# Prepare the message for Slack
message="Merge conflict detected while merging release into pg branch. Conflicted commits:"
commit_url="$REPOSITORY_URL/commit/$CONFLICTING_COMMIT"
message+="$commit_url"
# Send the message to Slack
# This unwieldy horror of a sed command, converts standard Markdown links to Slack's unwieldy link syntax.
slack_message="$(echo "$message" | sed -E 's/\[([^]]+)\]\(([^)]+)\)/<\2|\1>/g')"
echo "$slack_message"
# This is the ChannelId of the proj postgres channel.
body="$(jq -nc \
--arg channel C07JMLWEXDJ \
--arg text "$slack_message" \
'$ARGS.named'
)"
curl --version
curl -v https://slack.com/api/chat.postMessage \
--header 'Authorization: Bearer ${{ secrets.SLACK_APPSMITH_ALERTS_TOKEN }}' \
--header 'Content-Type: application/json; charset=utf-8' \
--data-raw "$body"
Reference in New Issue View Git Blame Copy Permalink