-
Notifications
You must be signed in to change notification settings - Fork 333
116 lines (103 loc) · 4.22 KB
/
pin-system-tests.yaml
File metadata and controls
116 lines (103 loc) · 4.22 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
name: Pin system tests
on:
workflow_dispatch:
inputs:
release-branch-name:
description: 'The minor release branch name (e.g. release/v1.54.x)'
required: true
type: string
repository_dispatch:
types: [pin-system-tests]
jobs:
# TODO: Remove this job after confirming the workflow succeeds for release branches
print-github-ref:
name: "Print full github.ref"
runs-on: ubuntu-latest
steps:
- name: Print github.ref
run: |
echo "github.ref: ${{ github.ref }}"
pin-system-tests:
name: "Pin system tests"
runs-on: ubuntu-latest
permissions:
contents: write
id-token: write # required for OIDC token federation
steps:
- uses: DataDog/dd-octo-sts-action@acaa02eee7e3bb0839e4272dacb37b8f3b58ba80 # v1.0.3
id: octo-sts
with:
scope: DataDog/dd-trace-java
policy: self.pin-system-tests.create-pr
- name: Define base release branch
id: define-base-branch
run: |
if [[ -n "${{ github.event.inputs.release-branch-name }}" ]]; then
BASE_BRANCH=${{ github.event.inputs.release-branch-name }}
else
BASE_BRANCH="${{ github.event.client_payload.release-branch-name }}"
fi
if [[ -z "$BASE_BRANCH" ]]; then
echo "ERROR: Could not determine release branch"
exit 1
fi
echo "base_branch=${BASE_BRANCH}" >> $GITHUB_OUTPUT
- name: Checkout the dd-trace-java repository
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
ref: ${{ steps.define-base-branch.outputs.base_branch }}
- name: Get latest commit SHA of base release branch
id: get-latest-commit-sha
run: |
echo "sha=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT
- name: Define pin-system-tests branch name
id: define-branch
run: echo "branch=ci/pin-system-tests-$(date +'%Y%m%d')" >> $GITHUB_OUTPUT
- name: Check if pin-system-tests branch already exists
id: check-branch
run: |
BRANCH=${{ steps.define-branch.outputs.branch }}
if git ls-remote --heads origin "$BRANCH" | grep -q "$BRANCH"; then
echo "ERROR: Branch $BRANCH already exists - please delete it and re-run the workflow."
exit 1
else
echo "Branch $BRANCH does not exist - creating it now."
fi
- name: Update system-tests references to latest commit SHA on main
run: ./tooling/update_system_test_reference.sh
- name: Check if changes should be committed
id: check-changes
run: |
if [[ -z "$(git status -s)" ]]; then
echo "ERROR: No changes to commit - the system-tests reference was not updated."
exit 1
else
echo "Changes to commit:"
git status -s
fi
- name: Commit changes
id: create-commit
run: |
git config user.name "github-actions[bot]"
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
git commit -m "chore: Pin system-tests for release branch" .github/workflows/run-system-tests.yaml
echo "commit=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT
- name: Push changes
uses: DataDog/commit-headless@05d7b7ee023e2c7d01c47832d420c2503cd416f3 # action/v2.0.3
with:
token: "${{ steps.octo-sts.outputs.token }}"
branch: "${{ steps.define-branch.outputs.branch }}"
head-sha: "${{ steps.get-latest-commit-sha.outputs.sha }}"
create-branch: true
command: push
commits: "${{ steps.create-commit.outputs.commit }}"
- name: Create pull request
env:
GH_TOKEN: ${{ steps.octo-sts.outputs.token }}
run: |
gh pr create --title "Pin system tests for release branch" \
--base ${{ steps.define-base-branch.outputs.base_branch }} \
--head ${{ steps.define-branch.outputs.branch }} \
--label "tag: dependencies" \
--label "tag: no release notes" \
--body "This PR pins the system-tests reference for the release branch." \