Skip to content

Commit 302a675

Browse files
marikanermarikaner
committed
update spec update
1 parent 67762a4 commit 302a675

File tree

5 files changed

+212
-68
lines changed

5 files changed

+212
-68
lines changed

.github/workflows/auth.yaml

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,29 @@
1+
name: Check Actor Permission
2+
3+
on:
4+
workflow_dispatch:
5+
workflow_call:
6+
7+
jobs:
8+
check-permission:
9+
name: 'Check if actor has maintain role'
10+
runs-on: ubuntu-latest
11+
steps:
12+
- name: 'Check permission'
13+
env:
14+
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
15+
ACTOR: ${{ github.actor }}
16+
REPO: ${{ github.repository }}
17+
run: |
18+
PERMISSION=$(gh api "repos/$REPO/collaborators/$ACTOR/permission" --jq '.permission')
19+
echo "Permission level for $ACTOR: $PERMISSION"
20+
21+
case "$PERMISSION" in
22+
maintain|admin)
23+
echo "Access granted: $ACTOR has '$PERMISSION' permission."
24+
;;
25+
*)
26+
echo "Access denied: $ACTOR has '$PERMISSION' permission, but 'maintain' or higher is required."
27+
exit 1
28+
;;
29+
esac

.github/workflows/spec-update-cleanup.yaml

Lines changed: 57 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,57 @@
1+
name: spec update cleanup
2+
3+
on:
4+
workflow_dispatch:
5+
inputs:
6+
service:
7+
description: 'Which service the branch was created for'
8+
type: choice
9+
required: true
10+
options:
11+
- ai-api
12+
- document-grounding
13+
- orchestration
14+
- prompt-registry
15+
- sap-rpt
16+
default: orchestration
17+
ref:
18+
description: 'Original branch or tag the branch was created from'
19+
required: false
20+
default: main
21+
type: string
22+
workflow_call:
23+
inputs:
24+
service:
25+
description: 'Which service the branch was created for'
26+
required: true
27+
type: string
28+
ref:
29+
description: 'Original branch or tag the branch was created from'
30+
required: false
31+
default: main
32+
type: string
33+
34+
jobs:
35+
auth:
36+
uses: ./.github/workflows/auth.yaml
37+
cleanup:
38+
name: 'Delete Spec Update Branch'
39+
needs: [auth]
40+
runs-on: [ubuntu-latest]
41+
permissions:
42+
contents: write
43+
env:
44+
SERVICE: ${{ inputs.service }}
45+
REF: ${{ inputs.ref }}
46+
steps:
47+
- name: 'Delete Branch'
48+
env:
49+
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
50+
run: |
51+
BRANCH="spec-update/$SERVICE/$REF"
52+
if git ls-remote --exit-code --heads https://github.com/SAP/ai-sdk-java.git "$BRANCH" > /dev/null 2>&1; then
53+
gh api "repos/SAP/ai-sdk-java/git/refs/heads/$BRANCH" -X DELETE
54+
echo "Deleted branch: $BRANCH"
55+
else
56+
echo "Branch $BRANCH does not exist, nothing to delete."
57+
fi

.github/workflows/spec-update.yaml

Lines changed: 57 additions & 57 deletions
Original file line numberDiff line numberDiff line change
@@ -1,11 +1,11 @@
1-
name: "Spec File Update Workflow"
2-
run-name: "Spec File Update Workflow: ${{ github.event.inputs.file }}-${{ github.event.inputs.file-ref }}"
1+
name: 'Spec File Update Workflow'
2+
run-name: 'Spec File Update Workflow: ${{ github.event.inputs.service }}-${{ github.event.inputs.ref }}'
33

44
on:
55
workflow_dispatch:
66
inputs:
7-
file:
8-
description: "Which spec file to update"
7+
service:
8+
description: 'Which spec file to update'
99
type: choice
1010
required: false
1111
options:
@@ -15,13 +15,13 @@ on:
1515
- prompt-registry
1616
- sap-rpt
1717
default: orchestration
18-
file-ref:
19-
description: "Branch or tag to checkout the spec file from"
18+
ref:
19+
description: 'Branch or tag to checkout the spec file from'
2020
required: false
2121
default: main
2222
type: string
2323
create-pr:
24-
description: "Create a pull request after updating the spec file"
24+
description: 'Create a pull request after updating the spec file'
2525
required: false
2626
default: true
2727
type: boolean
@@ -35,8 +35,8 @@ env:
3535

3636
jobs:
3737
generate:
38-
name: "Download, Generate, Compile and Push"
39-
runs-on: [ ubuntu-latest ]
38+
name: 'Download, Generate, Compile and Push'
39+
runs-on: [ubuntu-latest]
4040
permissions:
4141
pull-requests: write
4242
contents: write
@@ -47,54 +47,54 @@ jobs:
4747
compilation_result: ${{ steps.compile.outputs.compilation_result }}
4848
test_result: ${{ steps.compile.outputs.test_result }}
4949
env:
50-
API_BASE_URL: "https://github.tools.sap/api/v3/repos"
51-
CHOICE: ${{ github.event.inputs.file }}
52-
REF: ${{ github.event.inputs.file-ref }}
50+
API_BASE_URL: 'https://github.tools.sap/api/v3/repos'
51+
SERVICE: ${{ github.event.inputs.service }}
52+
REF: ${{ github.event.inputs.ref }}
5353
CREATE_PR: ${{ github.event.inputs.create-pr }}
5454
steps:
55-
- name: "Checkout repository"
55+
- name: 'Checkout repository'
5656
uses: actions/checkout@v6
5757
with:
5858
token: ${{ secrets.BOT_SDK_JS_FOR_DOCS_REPO_PR }}
5959

60-
- name: "Determine PR base"
60+
- name: 'Determine PR base'
6161
id: pr_base
6262
# If updating orchestration and orchestration-staging exists on remote, use it as PR base.
6363
run: |
6464
BASE=main
65-
if [ "${{ env.CHOICE }}" = "orchestration" ] && [ -n "$(git ls-remote --heads origin orchestration-staging)" ]; then
65+
if [ "${{ env.SERVICE }}" = "orchestration" ] && [ -n "$(git ls-remote --heads origin orchestration-staging)" ]; then
6666
BASE=orchestration-staging
6767
fi
6868
echo "PR base: $BASE"
6969
echo "BASE=$BASE" >> "$GITHUB_OUTPUT"
7070
71-
- name: "Setup Java"
71+
- name: 'Setup Java'
7272
uses: actions/setup-java@v5
7373
with:
74-
distribution: "sapmachine"
74+
distribution: 'sapmachine'
7575
java-version: ${{ env.JAVA_VERSION }}
7676
cache: 'maven'
7777

78-
- name: "Restore Dependencies"
78+
- name: 'Restore Dependencies'
7979
id: restore-dependencies
8080
uses: actions/cache/restore@v5
8181
with:
8282
key: ${{ env.MAVEN_CACHE_KEY }}
8383
path: ${{ env.MAVEN_CACHE_DIR }}
8484

85-
- name: "Checkout or Create Branch"
85+
- name: 'Checkout or Create Branch'
8686
id: branch
8787
env:
8888
BASE: ${{ steps.pr_base.outputs.BASE }}
89-
CHOICE: ${{ env.CHOICE }}
89+
SERVICE: ${{ env.SERVICE }}
9090
REF: ${{ env.REF }}
9191
run: |
92-
BRANCH="spec-update/$CHOICE/$REF"
93-
92+
BRANCH="spec-update/$SERVICE/$REF"
93+
9494
# try to fetch the base and the target branch (ignore failures if missing)
9595
git fetch --no-tags --depth=1 origin "$BASE" || true
9696
git fetch origin "$BRANCH" || true
97-
97+
9898
# if remote target branch exists, base the local branch on it
9999
if git ls-remote --heads origin "$BRANCH" | grep -q "refs/heads/$BRANCH"; then
100100
git checkout -B "$BRANCH" "origin/$BRANCH"
@@ -106,15 +106,15 @@ jobs:
106106
git checkout -B "$BRANCH"
107107
fi
108108
fi
109-
109+
110110
echo "branch=$BRANCH" >> "$GITHUB_OUTPUT"
111111
112-
- name: "Download specification file"
112+
- name: 'Download specification file'
113113
id: download
114114
env:
115115
GH_ENTERPRISE_TOKEN: ${{ secrets.GH_TOOLS_TOKEN }}
116116
run: |
117-
case $CHOICE in
117+
case $SERVICE in
118118
core)
119119
API_URL="$API_BASE_URL/cloudsdk/cloud-sdk-java-tests/contents/aicore.yaml?ref=$REF"
120120
FILE_PATH='core/src/main/resources/spec/aicore.yaml'
@@ -136,12 +136,12 @@ jobs:
136136
FILE_PATH='foundation-models/sap-rpt/src/main/resources/spec/sap-rpt-1_openapi.json'
137137
;;
138138
esac
139-
140-
echo "Downloading $CHOICE specification file from $API_URL ..."
141-
142-
gh api $API_URL -H "Accept: application/vnd.github.raw" > $FILE_PATH
143139
144-
- name: "Exit if there are no spec changes"
140+
echo "Downloading $SERVICE specification file from $API_URL ..."
141+
142+
gh api "$API_URL" -H "Accept: application/vnd.github.raw" > $FILE_PATH
143+
144+
- name: 'Exit if there are no spec changes'
145145
id: spec_diff
146146
env:
147147
GH_TOKEN: ${{ secrets.BOT_SDK_JS_FOR_DOCS_REPO_PR }}
@@ -153,27 +153,27 @@ jobs:
153153
else
154154
echo "No spec changes detected. Checking status of previous run."
155155
echo "spec_diff=false" >> "$GITHUB_OUTPUT"
156-
156+
157157
# The current run of this workflow
158158
CURRENT_RUN=${{ github.run_id }}
159-
159+
160160
# name must match the workflow run-name pattern above
161-
RUN_NAME="Spec File Update Workflow: $CHOICE-$REF"
161+
RUN_NAME="Spec File Update Workflow: $SERVICE-$REF"
162162
echo "Run name used for search: $RUN_NAME"
163-
163+
164164
# Get the most recent completed run of this workflow with respect to the same feature branch
165165
PREVIOUS_RUN=$(gh run list \
166166
--workflow "${{ github.workflow }}" \
167167
--branch main \
168168
--json databaseId,status,conclusion,displayTitle \
169169
--jq "map(select(.databaseId != ${CURRENT_RUN} and (.displayTitle | contains(\"${RUN_NAME}\")))) | .[0]")
170-
170+
171171
echo "Previous run: $PREVIOUS_RUN"
172-
172+
173173
if [ -n "$PREVIOUS_RUN" ] && [ "$PREVIOUS_RUN" != "null" ]; then
174174
CONCLUSION=$(echo "$PREVIOUS_RUN" | jq -r '.conclusion')
175175
echo "Previous run conclusion: $CONCLUSION"
176-
176+
177177
if [ "$CONCLUSION" = "failure" ]; then
178178
echo "Previous run failed and there were no spec changes since, thus failing this run as well."
179179
echo "prev_run_success=false" >> "$GITHUB_OUTPUT"
@@ -187,7 +187,7 @@ jobs:
187187
fi
188188
fi
189189
190-
- name: "Generate"
190+
- name: 'Generate'
191191
id: generate
192192
if: steps.spec_diff.outputs.spec_diff == 'true'
193193
run: |
@@ -197,7 +197,7 @@ jobs:
197197
echo "generation_result=failure" >> "$GITHUB_OUTPUT"
198198
fi
199199
200-
- name: "Compile and Test"
200+
- name: 'Compile and Test'
201201
id: compile
202202
if: steps.spec_diff.outputs.spec_diff == 'true'
203203
# Compilation can easily fail e.g. from re-namings and has to be fixed manually.
@@ -215,18 +215,18 @@ jobs:
215215
echo "test_result=skipped" >> "$GITHUB_OUTPUT"
216216
fi
217217
218-
- name: "Push changes"
218+
- name: 'Push changes'
219219
id: push
220220
if: steps.spec_diff.outputs.spec_diff == 'true'
221221
run: |
222222
git config --global user.email "cloudsdk@sap.com"
223223
git config --global user.name "SAP Cloud SDK Bot"
224224
git add --all
225225
git status
226-
git commit -m "Update $CHOICE based on $REF"
226+
git commit -m "Update $SERVICE based on $REF"
227227
git push --set-upstream origin ${{ steps.branch.outputs.branch }}
228228
229-
- name: "Create PR"
229+
- name: 'Create PR'
230230
id: create-pr
231231
if: ${{ env.CREATE_PR == 'true' && steps.spec_diff.outputs.spec_diff == 'true'}}
232232
env:
@@ -238,27 +238,27 @@ jobs:
238238
echo "An open PR already exists for this branch. Skipping PR creation."
239239
exit 0
240240
fi
241-
242-
PR_URL=$(gh pr create --base $BASE --head $BRANCH --title "feat: [DevOps] Update $CHOICE specification" --body "
241+
242+
PR_URL=$(gh pr create --base $BASE --head $BRANCH --title "feat: [DevOps] Update $SERVICE specification" --body "
243243
## Context
244-
245-
Update $CHOICE specification file based on $REF.
246-
244+
245+
Update $SERVICE specification file based on $REF.
246+
247247
This PR was created automatically by the [spec-update workflow](https://github.com/SAP/ai-sdk-java/actions/workflows/spec-update.yaml).
248248
You can commit on top of this branch, but as long as this PR is open the action can't be re-run.
249-
249+
250250
- Compilation outcome: ${{ steps.compile.outputs.compilation_result }}
251251
- Test run outcome: ${{ steps.compile.outputs.test_result }}
252-
252+
253253
Before merging, make sure to update tests and release notes, if necessary.
254-
254+
255255
## Definition of Done
256256
257257
- [ ] Unit tests cover new classes
258258
- [ ] Release notes updated
259259
") && echo "pr_url=$PR_URL" >> "$GITHUB_OUTPUT"
260260
261-
- name: "Generate Job Summary"
261+
- name: 'Generate Job Summary'
262262
if: ${{ always() }}
263263
env:
264264
BRANCH: ${{ steps.branch.outputs.branch }}
@@ -272,11 +272,11 @@ jobs:
272272
echo "|------|--------|" >> $GITHUB_STEP_SUMMARY
273273
echo "| File Download | ${{ steps.download.outcome == 'success' && '✅' || '❌' }} ${{ steps.download.outcome }}" >> $GITHUB_STEP_SUMMARY
274274
echo "| Spec File Changes | ${{ steps.spec_diff.outputs.spec_diff == 'true' && '🔄 Changes Detected' || '⏹️ No Changes' }}" >> $GITHUB_STEP_SUMMARY
275-
275+
276276
if ${{ steps.spec_diff.outputs.spec_diff == 'false' }}; then
277277
echo "| Outcome Previous Run | ${{ steps.spec_diff.outputs.prev_run_success == 'true' && '✅ (Current run succeeds as a result.)' || '❌ (Current run fails as a result.)' }}" >> $GITHUB_STEP_SUMMARY
278278
fi
279-
279+
280280
if ${{ steps.spec_diff.outputs.spec_diff == 'true' }}; then
281281
echo "| Client Generation | ${{ steps.generate.outputs.generation_result == 'success' && '✅' || '❌' }} ${{ steps.generate.outputs.generation_result }}" >> $GITHUB_STEP_SUMMARY
282282
echo "| Client Compilation | ${{ steps.compile.outputs.compilation_result == 'success' && '✅' || '❌' }} ${{ steps.compile.outputs.compilation_result }}" >> $GITHUB_STEP_SUMMARY
@@ -285,19 +285,19 @@ jobs:
285285
echo "| Pull Request Creation | ${{ env.CREATE_PR == 'false' && '⏩ skipped' || '' }}${{ env.CREATE_PR == 'true' && steps.push.outcome == 'success' && '✅ [PR Link]($PR_URL)' || '' }}" >> $GITHUB_STEP_SUMMARY
286286
fi
287287
288-
- name: "Fail if generation failed"
288+
- name: 'Fail if generation failed'
289289
if: steps.generate.outputs.generation_result == 'failure'
290290
run: |
291291
echo "Client generation failed. Please check the Generate step logs for details."
292292
exit 1
293293
294-
- name: "Fail if no spec changes and previous run failed"
294+
- name: 'Fail if no spec changes and previous run failed'
295295
if: steps.spec_diff.outputs.prev_run_success == 'false'
296296
run: |
297297
echo "Previous run failed and there were no spec changes since, thus failing this run as well."
298298
exit 1
299299
300-
- name: "Slack Notification"
300+
- name: 'Slack Notification'
301301
if: failure() && github.event.inputs.create-pr == 'true'
302302
uses: slackapi/slack-github-action@v2.1.1
303303
with:

0 commit comments

Comments
 (0)