From 59bd59e44ad42f066be67a4b9a22232c1a85a4b2 Mon Sep 17 00:00:00 2001 From: Scott Date: Mon, 2 Dec 2024 14:17:49 +0300 Subject: [PATCH 01/13] fix: Update sync-workflows.yml --- .github/workflows/sync-workflows.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/sync-workflows.yml b/.github/workflows/sync-workflows.yml index 82e9faf..4c107b9 100644 --- a/.github/workflows/sync-workflows.yml +++ b/.github/workflows/sync-workflows.yml @@ -7,9 +7,8 @@ name: Sync Workflows on: - push: - branches: - - dev # The branches below must be a subset of the branches above + pull_request: + branches: [ "dev" ] # The branches below must be a subset of the branches above workflow_dispatch: jobs: From e66889fe0d10d4c272bdb9e4286dd0cfac7e445d Mon Sep 17 00:00:00 2001 From: Scott Date: Mon, 2 Dec 2024 15:28:13 +0300 Subject: [PATCH 02/13] fix: Update sync-workflows.yml --- .github/workflows/sync-workflows.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.github/workflows/sync-workflows.yml b/.github/workflows/sync-workflows.yml index 4c107b9..a36cbe4 100644 --- a/.github/workflows/sync-workflows.yml +++ b/.github/workflows/sync-workflows.yml @@ -89,6 +89,15 @@ jobs: GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} run: | SIGNED_OFF_BY="Signed-off-by: ${{ env.PR_AUTHOR_NAME_FULL }} <${{ env.PR_AUTHOR_EMAIL }}>" + export GH_USERNAME=${{ secrets.GH_USERNAME }} + export GH_TOKEN=${{ secrets.GH_TOKEN_LIB }} + git config --global user.name ${{ secrets.GH_USERNAME }} + + # Clear the GITHUB_TOKEN environment variable and use a temporary file for gh authentication + echo "${{ secrets.GH_TOKEN_LIB }}" > /tmp/gh_token + unset GITHUB_TOKEN + unset GH_TOKEN + gh auth login --with-token < /tmp/gh_token for repo in $REPOS; do git clone https://github.com/frmscoe/$repo.git cd $repo From f3ffa32593d0e36677a5913ea281c81f98f3c807 Mon Sep 17 00:00:00 2001 From: Scott Date: Mon, 2 Dec 2024 15:33:27 +0300 Subject: [PATCH 03/13] fix: Update sync-workflows.yml --- .github/workflows/sync-workflows.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/sync-workflows.yml b/.github/workflows/sync-workflows.yml index a36cbe4..094e354 100644 --- a/.github/workflows/sync-workflows.yml +++ b/.github/workflows/sync-workflows.yml @@ -99,7 +99,7 @@ jobs: unset GH_TOKEN gh auth login --with-token < /tmp/gh_token for repo in $REPOS; do - git clone https://github.com/frmscoe/$repo.git + git clone https://${{ secrets.GH_USERNAME }}:${{ secrets.GH_TOKEN_LIB }}@github.com/frmscoe/$repo.git cd $repo git remote set-url origin https://x-access-token:${{ secrets.GH_TOKEN }}@github.com/frmscoe/$repo.git From 37ab978e46a931216ce144da6188aaeac0b43da6 Mon Sep 17 00:00:00 2001 From: Scott Date: Mon, 2 Dec 2024 15:47:34 +0300 Subject: [PATCH 04/13] FIX: Update sync-workflows.yml --- .github/workflows/sync-workflows.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/sync-workflows.yml b/.github/workflows/sync-workflows.yml index 094e354..ad6af6e 100644 --- a/.github/workflows/sync-workflows.yml +++ b/.github/workflows/sync-workflows.yml @@ -94,14 +94,13 @@ jobs: git config --global user.name ${{ secrets.GH_USERNAME }} # Clear the GITHUB_TOKEN environment variable and use a temporary file for gh authentication - echo "${{ secrets.GH_TOKEN_LIB }}" > /tmp/gh_token - unset GITHUB_TOKEN + echo "${{ secrets.GITHUB_TOKEN }}" > /tmp/gh_token unset GH_TOKEN gh auth login --with-token < /tmp/gh_token for repo in $REPOS; do - git clone https://${{ secrets.GH_USERNAME }}:${{ secrets.GH_TOKEN_LIB }}@github.com/frmscoe/$repo.git + git clone https://${{ secrets.GH_USERNAME }}:${{ secrets.GITHUB_TOKEN }}@github.com/frmscoe/$repo.git cd $repo - git remote set-url origin https://x-access-token:${{ secrets.GH_TOKEN }}@github.com/frmscoe/$repo.git + git remote set-url origin https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/frmscoe/$repo.git if git ls-remote --heads origin sync-workflows-update | grep sync-workflows-update; then # Branch exists, pull the latest changes From 42a38005be1d7c4815de208dcd72020e0ace9a0c Mon Sep 17 00:00:00 2001 From: Scott Date: Mon, 2 Dec 2024 15:57:10 +0300 Subject: [PATCH 05/13] fix: Update sync-workflows.yml --- .github/workflows/sync-workflows.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/sync-workflows.yml b/.github/workflows/sync-workflows.yml index ad6af6e..75f4fa0 100644 --- a/.github/workflows/sync-workflows.yml +++ b/.github/workflows/sync-workflows.yml @@ -94,13 +94,13 @@ jobs: git config --global user.name ${{ secrets.GH_USERNAME }} # Clear the GITHUB_TOKEN environment variable and use a temporary file for gh authentication - echo "${{ secrets.GITHUB_TOKEN }}" > /tmp/gh_token + echo "${{ secrets.GH_TOKEN }}" > /tmp/gh_token unset GH_TOKEN gh auth login --with-token < /tmp/gh_token for repo in $REPOS; do - git clone https://${{ secrets.GH_USERNAME }}:${{ secrets.GITHUB_TOKEN }}@github.com/frmscoe/$repo.git + git clone https://${{ secrets.GH_USERNAME }}:${{ secrets.GH_TOKEN }}@github.com/frmscoe/$repo.git cd $repo - git remote set-url origin https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/frmscoe/$repo.git + git remote set-url origin https://x-access-token:${{ secrets.GH_TOKEN }}@github.com/frmscoe/$repo.git if git ls-remote --heads origin sync-workflows-update | grep sync-workflows-update; then # Branch exists, pull the latest changes From 395e92b80234b41a1a39b94a6b6e46eb07f348d3 Mon Sep 17 00:00:00 2001 From: Scott Date: Mon, 2 Dec 2024 15:58:45 +0300 Subject: [PATCH 06/13] fix: Update sync-workflows.yml --- .github/workflows/sync-workflows.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/sync-workflows.yml b/.github/workflows/sync-workflows.yml index 75f4fa0..681e811 100644 --- a/.github/workflows/sync-workflows.yml +++ b/.github/workflows/sync-workflows.yml @@ -95,7 +95,7 @@ jobs: # Clear the GITHUB_TOKEN environment variable and use a temporary file for gh authentication echo "${{ secrets.GH_TOKEN }}" > /tmp/gh_token - unset GH_TOKEN + unset GITHUB_TOKEN gh auth login --with-token < /tmp/gh_token for repo in $REPOS; do git clone https://${{ secrets.GH_USERNAME }}:${{ secrets.GH_TOKEN }}@github.com/frmscoe/$repo.git From 70f60c0cf2e7675adbc72ee068664965ba373adb Mon Sep 17 00:00:00 2001 From: Scott Date: Mon, 2 Dec 2024 16:05:21 +0300 Subject: [PATCH 07/13] fix: Update sync-workflows.yml --- .github/workflows/sync-workflows.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/sync-workflows.yml b/.github/workflows/sync-workflows.yml index 681e811..f3b3094 100644 --- a/.github/workflows/sync-workflows.yml +++ b/.github/workflows/sync-workflows.yml @@ -94,13 +94,13 @@ jobs: git config --global user.name ${{ secrets.GH_USERNAME }} # Clear the GITHUB_TOKEN environment variable and use a temporary file for gh authentication - echo "${{ secrets.GH_TOKEN }}" > /tmp/gh_token + echo "${{ secrets.GH_TOKEN_LIB }}" > /tmp/gh_token unset GITHUB_TOKEN gh auth login --with-token < /tmp/gh_token for repo in $REPOS; do - git clone https://${{ secrets.GH_USERNAME }}:${{ secrets.GH_TOKEN }}@github.com/frmscoe/$repo.git + git clone https://${{ secrets.GH_USERNAME }}:${{ secrets.GH_TOKEN_LIB }}@github.com/frmscoe/$repo.git cd $repo - git remote set-url origin https://x-access-token:${{ secrets.GH_TOKEN }}@github.com/frmscoe/$repo.git + git remote set-url origin https://x-access-token:${{ secrets.GH_TOKEN_LIB }}@github.com/frmscoe/$repo.git if git ls-remote --heads origin sync-workflows-update | grep sync-workflows-update; then # Branch exists, pull the latest changes From 03f477660d1ad7ae3c02f9648fea3d019cef1f8c Mon Sep 17 00:00:00 2001 From: Scott Date: Mon, 2 Dec 2024 16:09:29 +0300 Subject: [PATCH 08/13] fix: Update sync-workflows.yml --- .github/workflows/sync-workflows.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/sync-workflows.yml b/.github/workflows/sync-workflows.yml index f3b3094..2462522 100644 --- a/.github/workflows/sync-workflows.yml +++ b/.github/workflows/sync-workflows.yml @@ -86,21 +86,21 @@ jobs: SPECIFIC_FILES: ${{ vars.SPECIFIC_FILES }} # List of specific files not to copy to certain repositories SPECIFIC_REPOS: ${{ vars.SPECIFIC_REPOS }} # List of specific repositories needing specific files not included PR_REVIEWERS: ${{ vars.PR_REVIEWERS }} # List of reviewers - GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | SIGNED_OFF_BY="Signed-off-by: ${{ env.PR_AUTHOR_NAME_FULL }} <${{ env.PR_AUTHOR_EMAIL }}>" export GH_USERNAME=${{ secrets.GH_USERNAME }} - export GH_TOKEN=${{ secrets.GH_TOKEN_LIB }} + export GH_TOKEN=${{ secrets.GH_TOKEN }} git config --global user.name ${{ secrets.GH_USERNAME }} # Clear the GITHUB_TOKEN environment variable and use a temporary file for gh authentication - echo "${{ secrets.GH_TOKEN_LIB }}" > /tmp/gh_token + echo "${{ secrets.GITHUB_TOKEN }}" > /tmp/gh_token unset GITHUB_TOKEN gh auth login --with-token < /tmp/gh_token for repo in $REPOS; do - git clone https://${{ secrets.GH_USERNAME }}:${{ secrets.GH_TOKEN_LIB }}@github.com/frmscoe/$repo.git + git clone https://${{ secrets.GH_USERNAME }}:${{ secrets.GH_TOKEN }}@github.com/frmscoe/$repo.git cd $repo - git remote set-url origin https://x-access-token:${{ secrets.GH_TOKEN_LIB }}@github.com/frmscoe/$repo.git + git remote set-url origin https://x-access-token:${{ secrets.GH_TOKEN }}@github.com/frmscoe/$repo.git if git ls-remote --heads origin sync-workflows-update | grep sync-workflows-update; then # Branch exists, pull the latest changes From ee78c926faa51413419f0301c90df6ec059b90a3 Mon Sep 17 00:00:00 2001 From: Scott Date: Mon, 2 Dec 2024 16:17:05 +0300 Subject: [PATCH 09/13] fix: Update sync-workflows.yml --- .github/workflows/sync-workflows.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/sync-workflows.yml b/.github/workflows/sync-workflows.yml index 2462522..6aa0d5e 100644 --- a/.github/workflows/sync-workflows.yml +++ b/.github/workflows/sync-workflows.yml @@ -90,15 +90,17 @@ jobs: run: | SIGNED_OFF_BY="Signed-off-by: ${{ env.PR_AUTHOR_NAME_FULL }} <${{ env.PR_AUTHOR_EMAIL }}>" export GH_USERNAME=${{ secrets.GH_USERNAME }} - export GH_TOKEN=${{ secrets.GH_TOKEN }} + export GH_TOKEN=${{ secrets.GH_TOKEN_LIB }} git config --global user.name ${{ secrets.GH_USERNAME }} # Clear the GITHUB_TOKEN environment variable and use a temporary file for gh authentication - echo "${{ secrets.GITHUB_TOKEN }}" > /tmp/gh_token + echo "${{ secrets.GH_TOKEN_LIB }}" > /tmp/gh_token unset GITHUB_TOKEN + unset GH_TOKEN gh auth login --with-token < /tmp/gh_token + for repo in $REPOS; do - git clone https://${{ secrets.GH_USERNAME }}:${{ secrets.GH_TOKEN }}@github.com/frmscoe/$repo.git + git clone https://${{ secrets.GH_USERNAME }}:${{ secrets.GH_TOKEN_LIB }}@github.com/frmscoe/$repo.git cd $repo git remote set-url origin https://x-access-token:${{ secrets.GH_TOKEN }}@github.com/frmscoe/$repo.git From 31c100d8417fe7cfa7d1ce3fe2d4fa6ad981e72c Mon Sep 17 00:00:00 2001 From: Scott Date: Mon, 2 Dec 2024 16:30:54 +0300 Subject: [PATCH 10/13] fix: Update sync-workflows.yml --- .github/workflows/sync-workflows.yml | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/.github/workflows/sync-workflows.yml b/.github/workflows/sync-workflows.yml index 6aa0d5e..604e80d 100644 --- a/.github/workflows/sync-workflows.yml +++ b/.github/workflows/sync-workflows.yml @@ -91,18 +91,19 @@ jobs: SIGNED_OFF_BY="Signed-off-by: ${{ env.PR_AUTHOR_NAME_FULL }} <${{ env.PR_AUTHOR_EMAIL }}>" export GH_USERNAME=${{ secrets.GH_USERNAME }} export GH_TOKEN=${{ secrets.GH_TOKEN_LIB }} - git config --global user.name ${{ secrets.GH_USERNAME }} + + # Configure Git user details + git config --global user.name "${{ secrets.GH_USERNAME }}" + git config --global user.email "${{ env.PR_AUTHOR_EMAIL }}" # Optional, but recommended for commits - # Clear the GITHUB_TOKEN environment variable and use a temporary file for gh authentication + # Authenticate with GitHub CLI (gh) echo "${{ secrets.GH_TOKEN_LIB }}" > /tmp/gh_token - unset GITHUB_TOKEN - unset GH_TOKEN gh auth login --with-token < /tmp/gh_token for repo in $REPOS; do - git clone https://${{ secrets.GH_USERNAME }}:${{ secrets.GH_TOKEN_LIB }}@github.com/frmscoe/$repo.git + git clone https://x-access-token:${{ secrets.GH_TOKEN_LIB }}@github.com/frmscoe/$repo.git cd $repo - git remote set-url origin https://x-access-token:${{ secrets.GH_TOKEN }}@github.com/frmscoe/$repo.git + git remote set-url origin https://x-access-token:${{ secrets.GH_TOKEN_LIB }}@github.com/frmscoe/$repo.git if git ls-remote --heads origin sync-workflows-update | grep sync-workflows-update; then # Branch exists, pull the latest changes From 32aef7d4ab39a8d54b3337152b6f0d597a7433eb Mon Sep 17 00:00:00 2001 From: Scott Date: Mon, 2 Dec 2024 16:35:32 +0300 Subject: [PATCH 11/13] fix: Update sync-workflows.yml --- .github/workflows/sync-workflows.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/sync-workflows.yml b/.github/workflows/sync-workflows.yml index 604e80d..931bca0 100644 --- a/.github/workflows/sync-workflows.yml +++ b/.github/workflows/sync-workflows.yml @@ -86,7 +86,6 @@ jobs: SPECIFIC_FILES: ${{ vars.SPECIFIC_FILES }} # List of specific files not to copy to certain repositories SPECIFIC_REPOS: ${{ vars.SPECIFIC_REPOS }} # List of specific repositories needing specific files not included PR_REVIEWERS: ${{ vars.PR_REVIEWERS }} # List of reviewers - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | SIGNED_OFF_BY="Signed-off-by: ${{ env.PR_AUTHOR_NAME_FULL }} <${{ env.PR_AUTHOR_EMAIL }}>" export GH_USERNAME=${{ secrets.GH_USERNAME }} From f9c8f1eaa362a5e7dd17709d0612b3ee107838b6 Mon Sep 17 00:00:00 2001 From: Scott Date: Mon, 2 Dec 2024 16:36:57 +0300 Subject: [PATCH 12/13] fix: Update sync-workflows.yml --- .github/workflows/sync-workflows.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/sync-workflows.yml b/.github/workflows/sync-workflows.yml index 931bca0..fac24a5 100644 --- a/.github/workflows/sync-workflows.yml +++ b/.github/workflows/sync-workflows.yml @@ -94,10 +94,6 @@ jobs: # Configure Git user details git config --global user.name "${{ secrets.GH_USERNAME }}" git config --global user.email "${{ env.PR_AUTHOR_EMAIL }}" # Optional, but recommended for commits - - # Authenticate with GitHub CLI (gh) - echo "${{ secrets.GH_TOKEN_LIB }}" > /tmp/gh_token - gh auth login --with-token < /tmp/gh_token for repo in $REPOS; do git clone https://x-access-token:${{ secrets.GH_TOKEN_LIB }}@github.com/frmscoe/$repo.git From adc3f896d44b70b88917248c3e7cdead1e21d222 Mon Sep 17 00:00:00 2001 From: Scott Date: Mon, 2 Dec 2024 16:39:33 +0300 Subject: [PATCH 13/13] fix: Update sync-workflows.yml --- .github/workflows/sync-workflows.yml | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/.github/workflows/sync-workflows.yml b/.github/workflows/sync-workflows.yml index fac24a5..323cfa7 100644 --- a/.github/workflows/sync-workflows.yml +++ b/.github/workflows/sync-workflows.yml @@ -131,11 +131,7 @@ jobs: git add . git commit -m "ci: sync workflows from central-workflows ${SIGNED_OFF_BY}" || echo "No changes to commit" git push origin sync-workflows-update || git push origin sync-workflows-update --force - - # Clear the GITHUB_TOKEN environment variable and use a temporary file for gh authentication - echo "${{ secrets.GH_TOKEN }}" > /tmp/gh_token - unset GITHUB_TOKEN - gh auth login --with-token < /tmp/gh_token + # Create the PR with reviewers IFS=',' read -ra REVIEWERS <<< "${PR_REVIEWERS}" @@ -146,8 +142,5 @@ jobs: gh pr create --title "ci: sync workflows from central-workflows" --body "This PR syncs workflows from the central-workflows repository. ${SIGNED_OFF_BY}" --base dev --head sync-workflows-update $REVIEWERS_ARGS || echo "PR already exists, updating existing PR" - # Cleanup - rm /tmp/gh_token - cd .. done