Skip to content

Nightly version checks #413

Nightly version checks

Nightly version checks #413

---
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: Nightly version checks
on:
schedule:
- cron: '0 1 * * 1-5' # 01:00 AM UTC Monday - Friday
workflow_dispatch: {}
defaults:
run:
shell: nix develop --impure --command bash {0}
jobs:
redpanda-version:
strategy:
matrix:
chart:
- redpanda
- console
# Operator changed it's versioning scheme, so that version checks wrongly open PRs
# - operator
fail-fast: false
runs-on: ubuntu-22.04
permissions:
contents: write
id-token: write
steps:
- uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: ${{ vars.RP_AWS_CRED_REGION }}
role-to-assume: arn:aws:iam::${{ secrets.RP_AWS_CRED_ACCOUNT_ID }}:role/${{ vars.RP_AWS_CRED_BASE_ROLE_NAME }}${{ github.event.repository.name }}
- uses: aws-actions/aws-secretsmanager-get-secrets@v2
with:
secret-ids: |
,sdlc/prod/github/actions_bot_token
parse-json-secrets: true
- uses: cachix/install-nix-action@v30
with:
github_access_token: ${{ secrets.GITHUB_TOKEN }}
# Cache the nix store.
- uses: DeterminateSystems/magic-nix-cache-action@v8
# Try to checkout a branch with the same name as provided in the dispatch
- uses: actions/checkout@v4
id: checkout
with:
ref: main
fetch-depth: 0
token: ${{ env.ACTIONS_BOT_TOKEN }}
continue-on-error: true
# If we couldn't checkout the provided branch, we will checkout the default branch
# instead. We assume that the branch does not yet exist, but we will create it,
# when we commit the updated dependencies.
- uses: actions/checkout@v4
if: ${{ steps.checkout.outcome != 'success' }}
with:
token: ${{ env.ACTIONS_BOT_TOKEN }}
fetch-depth: 0
- run: go install github.com/joejulian/docker-tag-list@latest
- name: Check chart version for ${{ matrix.chart }}
id: chartversion
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: .github/bump_chart_versions.sh ${{ matrix.chart }}
- run: task ci:lint
- name: Debug -- delete me
run: |
echo TITLE
echo steps.chartversion.outputs.TITLE
echo INPUT_BODY
echo "${INPUT_BODY}"
echo CHANGED
echo steps.chartversion.outputs.CHANGED
- name: Create PR
if: steps.chartversion.outputs.CHANGED == 'true'
uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5
with:
title: ${{ steps.chartversion.outputs.TITLE }}
commit-message: ${{ steps.chartversion.outputs.TITLE }}
body-path: ${{ steps.chartversion.outputs.BODY_FILE }}
branch: bump-appversion/${{ matrix.chart }}