-
Notifications
You must be signed in to change notification settings - Fork 1.1k
64 lines (58 loc) · 2.5 KB
/
splice_bot_wf_run.yaml
File metadata and controls
64 lines (58 loc) · 2.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
name: splice-bot (workflow_run)
on:
workflow_run:
workflows: ["splice-bot"]
types: [completed]
permissions: {}
jobs:
mint-splicebot-tokens:
runs-on: ubuntu-latest
permissions:
id-token: write
outputs:
token: ${{ steps.token.outputs.token }}
authz_token: ${{ steps.authz-token.outputs.token }}
branch_token: ${{ steps.branch-token.outputs.token }}
steps:
- name: Mint splicebot token
id: token
uses: leanprover-community/mathlib-ci/.github/actions/azure-create-github-app-token@3bb576208589a435eeaeac9b144a1b7c3e948760
with:
app-id: ${{ secrets.MATHLIB_SPLICEBOT_APP_ID }}
key-vault-name: ${{ vars.MATHLIB_AZ_KEY_VAULT_NAME }}
key-name: mathlib-splicebot-app-pk
azure-client-id: ${{ vars.GH_APP_AZURE_CLIENT_ID_SPLICEBOT }}
azure-tenant-id: ${{ secrets.LPC_AZ_TENANT_ID }}
owner: leanprover-community
- name: Mint branch token
id: branch-token
uses: leanprover-community/mathlib-ci/.github/actions/azure-create-github-app-token@3bb576208589a435eeaeac9b144a1b7c3e948760
with:
app-id: ${{ secrets.MATHLIB_COPY_SPLICEBOT_APP_ID }}
key-vault-name: ${{ vars.MATHLIB_AZ_KEY_VAULT_NAME }}
key-name: mathlib-copy-splicebot-app-pk
azure-client-id: ${{ vars.GH_APP_AZURE_CLIENT_ID_SPLICEBOT }}
azure-tenant-id: ${{ secrets.LPC_AZ_TENANT_ID }}
owner: leanprover-community
- name: Mint authz token
id: authz-token
uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
with:
app-id: ${{ secrets.LPC_TEAM_CHECK_APP_ID }}
private-key: ${{ secrets.LPC_TEAM_CHECK_PRIVATE_KEY }}
owner: leanprover-community
run-reusable:
if: ${{ github.event.workflow_run.conclusion == 'success' }}
needs: [mint-splicebot-tokens]
uses: leanprover-community/SpliceBot/.github/workflows/splice_wf_run.yaml@fdb442693d6f613b25d2599ad64fd87cf019b9ce # master
with:
source_workflow: ${{ github.event.workflow_run.name }}
push_to_fork: leanprover-community/mathlib4_copy
allow_pr_author: true
allowed_teams: |
leanprover-community/mathlib-reviewers
leanprover-community/mathlib-maintainers
secrets:
token: ${{ needs.mint-splicebot-tokens.outputs.token }}
authz_token: ${{ needs.mint-splicebot-tokens.outputs.authz_token }}
branch_token: ${{ needs.mint-splicebot-tokens.outputs.branch_token }}