|
| 1 | +name: 'Open downstream PRs' |
| 2 | + |
| 3 | +on: |
| 4 | + pull_request_target: |
| 5 | + branches: |
| 6 | + - 'main' |
| 7 | + |
| 8 | +jobs: |
| 9 | + sync: |
| 10 | + runs-on: ubuntu-latest |
| 11 | + steps: |
| 12 | + - name: 'Checkout Self' |
| 13 | + uses: actions/checkout@v5 |
| 14 | + # This checks out the code from the PR branch itself |
| 15 | + |
| 16 | + - name: 'Check for Go file changes' |
| 17 | + id: check_go_changes |
| 18 | + run: | |
| 19 | + # Get the list of changed files in the PR |
| 20 | + CHANGED_FILES=$(gh pr view ${{ github.event.pull_request.number }} --repo ${{ github.repository }} --json files --jq '.files[].path') |
| 21 | +
|
| 22 | + # Filter for relevant Go files that should trigger downstream sync |
| 23 | + # Include: .go files (excluding test files and vendor directory) |
| 24 | + # Exclude: *_test.go files, vendor/ directory files |
| 25 | + RELEVANT_GO_FILES=$(echo "$CHANGED_FILES" | grep -E '\.go$' | grep -v '_test\.go$' | grep -v '^vendor/' || echo "") |
| 26 | +
|
| 27 | + if [ -n "$RELEVANT_GO_FILES" ]; then |
| 28 | + echo "Relevant Go files changed (excluding tests and vendor):" |
| 29 | + echo "should_run=true" >> $GITHUB_OUTPUT |
| 30 | + echo "go_changes=true" >> $GITHUB_ENV |
| 31 | + else |
| 32 | + echo "No relevant Go files were changed in this PR." |
| 33 | + echo "Only test files, vendor files, or non-Go files were modified - skipping downstream sync." |
| 34 | + echo "should_run=false" >> $GITHUB_OUTPUT |
| 35 | + echo "go_changes=false" >> $GITHUB_ENV |
| 36 | + fi |
| 37 | + env: |
| 38 | + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
| 39 | + |
| 40 | + - name: 'Setup Go' |
| 41 | + if: steps.check_go_changes.outputs.should_run == 'true' |
| 42 | + uses: actions/setup-go@v6 |
| 43 | + with: |
| 44 | + go-version: 'stable' |
| 45 | + |
| 46 | + - name: 'Checkout forked buildah' |
| 47 | + if: steps.check_go_changes.outputs.should_run == 'true' |
| 48 | + uses: actions/checkout@v5 |
| 49 | + with: |
| 50 | + repository: 'podmanbot/buildah' # The target repository |
| 51 | + path: 'buildah' # Checkout into a sub-directory |
| 52 | + fetch-depth: '1' |
| 53 | + token: ${{ secrets.VENDOR_TOKEN_PODMANBOT }} # We need to push into pobmanbot/buildah |
| 54 | + |
| 55 | + - name: 'Vendor Code from this repo to buildah' |
| 56 | + if: steps.check_go_changes.outputs.should_run == 'true' |
| 57 | + run: | |
| 58 | + # Get the current commit SHA from the PR |
| 59 | + COMMIT_SHA="${{ github.event.pull_request.head.sha }}" |
| 60 | + echo "Using commit SHA: $COMMIT_SHA" |
| 61 | +
|
| 62 | + cd buildah |
| 63 | + # Create a unique branch name based on the container-libs PR number |
| 64 | + BRANCH_NAME="sync/container-libs-${{ github.event.pull_request.number }}" |
| 65 | + git switch -c $BRANCH_NAME |
| 66 | + git remote add upstream https://github.com/containers/buildah.git |
| 67 | + git fetch upstream |
| 68 | + git rebase upstream/main |
| 69 | +
|
| 70 | + # Function to update module and verify |
| 71 | + update_module() { |
| 72 | + local module=$1 |
| 73 | + echo "Updating module: $module" |
| 74 | + go mod edit -replace ${module}=github.com/${{ github.event.pull_request.head.repo.full_name }}/${module#go.podman.io/}@${COMMIT_SHA} |
| 75 | + GOWORK=off go mod tidy |
| 76 | + } |
| 77 | +
|
| 78 | + # Update all required modules |
| 79 | + update_module "go.podman.io/common" |
| 80 | + update_module "go.podman.io/storage" |
| 81 | + update_module "go.podman.io/image/v5" |
| 82 | + GOWORK=off go mod vendor |
| 83 | + GOWORK=off go mod verify |
| 84 | +
|
| 85 | + echo "Updated go.mod:" |
| 86 | + cat go.mod |
| 87 | +
|
| 88 | + - name: 'Commit and Push to buildah' |
| 89 | + if: steps.check_go_changes.outputs.should_run == 'true' |
| 90 | + run: | |
| 91 | + cd buildah |
| 92 | + git config user.name "github-actions[bot]" |
| 93 | + git config user.email "github-actions[bot]@users.noreply.github.com" |
| 94 | +
|
| 95 | + BRANCH_NAME="sync/container-libs-${{ github.event.pull_request.number }}" |
| 96 | + git switch $BRANCH_NAME |
| 97 | +
|
| 98 | + git add . |
| 99 | + git commit -m "dnm: Vendor changes from containers/container-libs#${{ github.event.pull_request.number }}" |
| 100 | +
|
| 101 | + # Force push to update the branch if the action re-runs on 'synchronize' |
| 102 | + git push origin $BRANCH_NAME --force |
| 103 | +
|
| 104 | + echo "BRANCH_NAME=$BRANCH_NAME" >> $GITHUB_ENV |
| 105 | +
|
| 106 | + - name: 'Create or Update Pull Request in Buildah' |
| 107 | + if: steps.check_go_changes.outputs.should_run == 'true' |
| 108 | + id: create_pr |
| 109 | + env: |
| 110 | + GH_TOKEN: ${{ secrets.VENDOR_TOKEN_PODMANBOT }} |
| 111 | + SELF_REPO_PR_NUMBER: ${{ github.event.pull_request.number }} |
| 112 | + SELF_REPO_PR_URL: ${{ github.event.pull_request.html_url }} |
| 113 | + SELF_REPO_PR_TITLE: ${{ github.event.pull_request.title }} |
| 114 | + run: | |
| 115 | + cd buildah |
| 116 | +
|
| 117 | + BRANCH_NAME="sync/container-libs-${{ github.event.pull_request.number }}" |
| 118 | + PR_TITLE="Sync: ${{ env.SELF_REPO_PR_TITLE }}" |
| 119 | + PR_BODY="This PR automatically vendors changes from [repo-A#${{ env.SELF_REPO_PR_NUMBER }}](${{ env.SELF_REPO_PR_URL }})." |
| 120 | +
|
| 121 | + # Check if PR already exists for this branch |
| 122 | + echo "Searching for existing PR with branch: $BRANCH_NAME" |
| 123 | +
|
| 124 | + EXISTING_PR_URL=$(gh pr list --repo containers/buildah --head "$BRANCH_NAME" --json url --jq '.[0].url // empty' 2>/dev/null || echo "") |
| 125 | +
|
| 126 | + if [ -n "$EXISTING_PR_URL" ]; then |
| 127 | + echo "Found existing PR: $EXISTING_PR_URL" |
| 128 | + # Update existing PR title and body |
| 129 | + gh pr edit $EXISTING_PR_URL \ |
| 130 | + --title "$PR_TITLE" \ |
| 131 | + --body "$PR_BODY" |
| 132 | + echo "Updated existing PR: $EXISTING_PR_URL" |
| 133 | + echo "pr_url=$EXISTING_PR_URL" >> $GITHUB_OUTPUT |
| 134 | + echo "pr_action=updated" >> $GITHUB_OUTPUT |
| 135 | + else |
| 136 | + # Create new PR |
| 137 | + NEW_PR_URL=$(gh pr create \ |
| 138 | + --repo containers/buildah \ |
| 139 | + --draft \ |
| 140 | + --base main \ |
| 141 | + --head "$BRANCH_NAME" \ |
| 142 | + --title "$PR_TITLE" \ |
| 143 | + --body "$PR_BODY") |
| 144 | + echo "Created new PR: $NEW_PR_URL" |
| 145 | + echo "pr_url=$NEW_PR_URL" >> $GITHUB_OUTPUT |
| 146 | + echo "pr_action=created" >> $GITHUB_OUTPUT |
| 147 | + fi |
| 148 | +
|
| 149 | + - name: 'Comment on container-libs PR with the link to buildah PR' |
| 150 | + if: steps.check_go_changes.outputs.should_run == 'true' |
| 151 | + env: |
| 152 | + GH_TOKEN: ${{ secrets.VENDOR_TOKEN_PODMANBOT }} |
| 153 | + SELF_REPO_PR_NUMBER: ${{ github.event.pull_request.number }} |
| 154 | + TARGET_REPO_PR_URL: ${{ steps.create_pr.outputs.pr_url }} |
| 155 | + PR_ACTION: ${{ steps.create_pr.outputs.pr_action }} |
| 156 | + run: | |
| 157 | + if [ "${{ env.PR_ACTION }}" = "created" ]; then |
| 158 | + COMMENT_BODY="✅ A new PR has been created in buildah to vendor these changes: **${{ env.TARGET_REPO_PR_URL }}**" |
| 159 | + gh pr comment ${{ env.SELF_REPO_PR_NUMBER }} \ |
| 160 | + --repo ${{ github.repository }} \ |
| 161 | + --body "$COMMENT_BODY" |
| 162 | + fi |
| 163 | +
|
| 164 | + - name: 'Skip workflow - No relevant Go files changed' |
| 165 | + if: steps.check_go_changes.outputs.should_run == 'false' |
| 166 | + run: | |
| 167 | + echo "✅ Workflow completed successfully - No relevant Go files were changed in this PR." |
| 168 | + echo "The downstream sync workflow was skipped as it only runs when non-test .go files (excluding vendor/) are modified." |
0 commit comments