(RHIZA) SYNC #16
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: (RHIZA) SYNC | |
| # Synchronizes the repository with its rhiza template. | |
| # - On Renovate/rhiza branch push: auto-commits synced files directly to the branch. | |
| # - On schedule/dispatch: opens a pull request with the synced changes. | |
| # | |
| # IMPORTANT: A PAT with 'workflow' scope (PAT_TOKEN) is required when workflow | |
| # files are modified. See .rhiza/docs/TOKEN_SETUP.md for setup instructions. | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| on: | |
| push: | |
| branches: | |
| - 'renovate/jebel-quant-rhiza-**' | |
| - 'rhiza/**' | |
| paths: | |
| - '.rhiza/template.yml' | |
| schedule: | |
| - cron: '0 0 * * 1' # Weekly on Monday | |
| workflow_dispatch: | |
| inputs: | |
| create-pr: | |
| description: "Create a pull request" | |
| type: boolean | |
| default: true | |
| jobs: | |
| sync-direct: | |
| name: Sync and commit (Renovate) | |
| if: github.event_name == 'push' && github.repository != 'jebel-quant/rhiza' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v6.0.2 | |
| with: | |
| ref: ${{ github.ref }} | |
| token: ${{ secrets.PAT_TOKEN || github.token }} | |
| - name: Check PAT_TOKEN configuration | |
| shell: bash | |
| env: | |
| PAT_TOKEN: ${{ secrets.PAT_TOKEN }} | |
| run: | | |
| if [ -z "$PAT_TOKEN" ]; then | |
| echo "::warning::PAT_TOKEN secret is not configured." | |
| echo "::warning::If this sync modifies workflow files, the push will fail." | |
| echo "::warning::See .rhiza/docs/TOKEN_SETUP.md for setup instructions." | |
| else | |
| echo "✓ PAT_TOKEN is configured." | |
| fi | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v7.6.0 | |
| - name: Get Rhiza version | |
| id: rhiza-version | |
| run: | | |
| VERSION=$(cat .rhiza/.rhiza-version 2>/dev/null || echo "0.9.0") | |
| echo "version=${VERSION}" >> "$GITHUB_OUTPUT" | |
| - name: Sync rhiza template | |
| id: sync | |
| run: | | |
| set -euo pipefail | |
| RHIZA_VERSION="${{ steps.rhiza-version.outputs.version }}" | |
| echo "Running rhiza sync with version >=${RHIZA_VERSION}" | |
| uvx "rhiza>=${RHIZA_VERSION}" sync . | |
| if git diff --quiet; then | |
| echo "No changes detected after template sync" | |
| echo "changes=false" >> "$GITHUB_OUTPUT" | |
| exit 0 | |
| fi | |
| echo "Template changes detected" | |
| echo "changes=true" >> "$GITHUB_OUTPUT" | |
| - name: Commit and push changes | |
| if: steps.sync.outputs.changes == 'true' | |
| run: | | |
| git config user.name "github-actions[bot]" | |
| git config user.email "41898282+github-actions[bot]@users.noreply.github.com" | |
| git config --global url."https://x-access-token:${{ secrets.PAT_TOKEN || github.token }}@github.com/".insteadOf "https://github.com/" | |
| git add -A | |
| git commit -m "$(cat <<'EOF' | |
| chore: sync rhiza template files | |
| Automatically synced template files after updating .rhiza/template.yml | |
| Co-Authored-By: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> | |
| EOF | |
| )" | |
| git push | |
| sync-pr: | |
| name: Sync and open PR (scheduled/manual) | |
| if: github.event_name != 'push' && github.repository != 'jebel-quant/rhiza' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v6.0.2 | |
| with: | |
| token: ${{ secrets.PAT_TOKEN || github.token }} | |
| fetch-depth: 0 | |
| - name: Define sync branch name | |
| id: branch | |
| run: | | |
| echo "name=rhiza/${{ github.run_id }}" >> "$GITHUB_OUTPUT" | |
| - name: Check PAT_TOKEN configuration | |
| shell: bash | |
| env: | |
| PAT_TOKEN: ${{ secrets.PAT_TOKEN }} | |
| run: | | |
| if [ -z "$PAT_TOKEN" ]; then | |
| echo "::warning::PAT_TOKEN secret is not configured." | |
| echo "::warning::If this sync modifies workflow files, the push will fail." | |
| echo "::warning::See .rhiza/docs/TOKEN_SETUP.md for setup instructions." | |
| else | |
| echo "✓ PAT_TOKEN is configured." | |
| fi | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v8.0.0 | |
| - name: Get Rhiza version | |
| id: rhiza-version | |
| run: | | |
| VERSION=$(cat .rhiza/.rhiza-version 2>/dev/null || echo "0.9.0") | |
| echo "version=${VERSION}" >> "$GITHUB_OUTPUT" | |
| - name: Sync template | |
| id: sync | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| RHIZA_VERSION="${{ steps.rhiza-version.outputs.version }}" | |
| uvx "rhiza>=${RHIZA_VERSION}" sync . | |
| git add -A | |
| if git diff --cached --quiet; then | |
| echo "changes_detected=false" >> "$GITHUB_OUTPUT" | |
| exit 0 | |
| fi | |
| echo "changes_detected=true" >> "$GITHUB_OUTPUT" | |
| # Generate PR description based on staged changes | |
| uvx "rhiza>=${RHIZA_VERSION}" summarise --output "${RUNNER_TEMP}/pr-description.md" | |
| git config user.name "github-actions[bot]" | |
| git config user.email "41898282+github-actions[bot]@users.noreply.github.com" | |
| git config --global url."https://x-access-token:${{ secrets.PAT_TOKEN || github.token }}@github.com/".insteadOf "https://github.com/" | |
| git commit -m "chore: Update via rhiza" | |
| - name: Create pull request | |
| if: > | |
| (github.event_name == 'schedule' || inputs.create-pr == true) | |
| && steps.sync.outputs.changes_detected == 'true' | |
| uses: peter-evans/create-pull-request@v8.1.0 | |
| with: | |
| token: ${{ secrets.PAT_TOKEN || github.token }} | |
| base: ${{ github.event.repository.default_branch }} | |
| branch: ${{ steps.branch.outputs.name }} | |
| delete-branch: true | |
| title: "chore: Sync with rhiza" | |
| body-path: ${{ runner.temp }}/pr-description.md |