This repository has been archived by the owner on Jan 2, 2025. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 574
101 lines (92 loc) · 3.56 KB
/
build-on-pr-command.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
name: Build Bloop container with latest PR commit tag on build command
on:
issue_comment:
types: [created]
jobs:
debug:
runs-on: ubuntu-latest
steps:
- name: $github
run: echo "$GITHUB_CONTEXT"
env:
GITHUB_CONTEXT: ${{ toJson(github) }}
permissions:
runs-on: ubuntu-latest
name: Validate user is the member of BloopAI organization
if: github.event.issue.pull_request && contains(github.event.comment.body, '/build')
outputs:
is-member: ${{ steps.membership.outputs.is-member }}
steps:
- name: Validation
id: membership
env:
ACTOR: ${{ github.triggering_actor }}
run: |
members=$(curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer ${{ secrets.BLOOP_DEVOPS_PAT}}"\
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/BloopAI/members | jq -r ".[] .login")
for member in $(echo ${members}); do
if [[ $member = $ACTOR ]]; then
echo "is-member=true" >> $GITHUB_OUTPUT
fi
done
build_tag:
runs-on: ubuntu-latest
name: Run container build on comment
needs: [permissions]
if: github.event.issue.pull_request && contains(github.event.comment.body, '/build') && needs.permissions.outputs.is-member == 'true'
outputs:
tag: build-${{ steps.comment-branch.outputs.head_sha }}
ref: ${{ steps.comment-branch.outputs.head_ref }}
steps:
- name: Get PR branch
uses: xt0rted/pull-request-comment-branch@v1
id: comment-branch
- name: Checkout PR branch
uses: actions/checkout@v4
with:
ref: ${{ steps.comment-branch.outputs.head_ref }}
build_and_push:
uses: BloopAI/workflows/.github/workflows/build-container.yml@main
if: needs.permissions.outputs.is-member == 'true'
needs: [permissions, build_tag]
with:
repository: bloop
tag: ${{ needs.build_tag.outputs.tag }}
runner: ubuntu-latest
secrets:
awsRegion: ${{ secrets.AWS_REGION }}
awsAccountID: ${{ secrets.AWS_ACCOUNT_ID }}
slackBuildWebhook: ${{ secrets.SLACK_BUILD_WEBHOOK }}
build-args: |
SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }}
SENTRY_RELEASE_VERSION=${{ needs.build_tag.outputs.tag }}
report_status:
runs-on: ubuntu-latest
name: Report status of the build
needs: [permissions, build_tag, build_and_push]
if: always() && needs.permissions.outputs.is-member == 'true'
steps:
- name: pr
id: pr
run: |
PR_NUMBER=$(echo $GITHUB_REF | awk 'BEGIN { FS = "/" } ; { print $3 }')
echo "number=${PR_NUMBER}" >> ${GITHUB_OUTPUT}
- name: Comment failure build
if: ${{ contains(needs.*.result, 'failure') }}
uses: thollander/actions-comment-pull-request@v2
with:
message: |
:red_circle: Bloop container with `${{ needs.build_tag.outputs.tag }}` tag failed!
:link: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
pr_number: ${{ steps.pr.outputs.number }}
- name: Comment success build
if: ${{ !contains(needs.*.result, 'failure') }}
uses: thollander/actions-comment-pull-request@v2
with:
message: |
:green_circle: Bloop container with `${{ needs.build_tag.outputs.tag }}` tag is ready!
:link: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
pr_number: ${{ steps.pr.outputs.number }}