Skip to content

Commit

Permalink
gha: update backport-command to use aws sm
Browse files Browse the repository at this point in the history
  • Loading branch information
@andrewhsu
andrewhsu committed Jun 7, 2024
1 parent d79b2f0 commit 0be664d
Showing 1 changed file with 28 additions and 14 deletions.
42 changes: 28 additions & 14 deletions .github/workflows/backport-command.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,9 +27,23 @@ jobs:
- name: checkout
uses: actions/checkout@v4

- name: configure aws credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_SM_READONLY_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SM_READONLY_SECRET_ACCESS_KEY }}
aws-region: us-west-2

- name: get secrets from aws sm
uses: aws-actions/aws-secretsmanager-get-secrets@v2
with:
secret-ids: |
,sdlc/prod/github/actions_bot_token
parse-json-secrets: true

- name: Get type of backport (issue or PR)
env:
GITHUB_TOKEN: ${{ secrets.ACTIONS_BOT_TOKEN }}
GITHUB_TOKEN: ${{ env.ACTIONS_BOT_TOKEN }}
CLIENT_PAYLOAD: ${{ toJson(github.event.client_payload) }}
id: get_backport_type
run: $SCRIPT_DIR/get_backport_type.sh
Expand All @@ -39,7 +53,7 @@ jobs:
uses: peter-evans/create-or-update-comment@v1
if: failure()
with:
token: ${{ secrets.ACTIONS_BOT_TOKEN }}
token: ${{ env.ACTIONS_BOT_TOKEN }}
repository: ${{ github.event.client_payload.github.payload.repository.full_name }}
comment-id: ${{ github.event.client_payload.github.payload.comment.id }}
reaction-type: "-1"
Expand All @@ -48,7 +62,7 @@ jobs:
if: failure()
env:
COMMENTED_ON: ${{ steps.get_backport_type.outputs.commented_on }}
GITHUB_TOKEN: ${{ secrets.ACTIONS_BOT_TOKEN }}
GITHUB_TOKEN: ${{ env.ACTIONS_BOT_TOKEN }}
run: $SCRIPT_DIR/post_error.sh
shell: bash

Expand All @@ -66,7 +80,7 @@ jobs:

- name: Get user
env:
GITHUB_TOKEN: ${{ secrets.ACTIONS_BOT_TOKEN }}
GITHUB_TOKEN: ${{ env.ACTIONS_BOT_TOKEN }}
id: user
run: |
username=$(gh api user --jq .login)
Expand All @@ -82,7 +96,7 @@ jobs:

- name: Discover and create milestone
env:
GITHUB_TOKEN: ${{ secrets.ACTIONS_BOT_TOKEN }}
GITHUB_TOKEN: ${{ env.ACTIONS_BOT_TOKEN }}
TARGET_MILESTONE: ${{ needs.backport-type.outputs.target_milestone }}
id: create_milestone
run: $SCRIPT_DIR/create_milestone.sh
Expand All @@ -91,7 +105,7 @@ jobs:
- name: Create issue
if: needs.backport-type.outputs.commented_on == 'issue'
env:
GITHUB_TOKEN: ${{ secrets.ACTIONS_BOT_TOKEN }}
GITHUB_TOKEN: ${{ env.ACTIONS_BOT_TOKEN }}
TARGET_MILESTONE: ${{ steps.create_milestone.outputs.milestone }}
ORIG_TITLE: ${{ github.event.client_payload.github.payload.issue.title }}
ORIG_LABELS: ${{ toJson(github.event.client_payload.github.payload.issue.labels) }}
Expand All @@ -104,7 +118,7 @@ jobs:
if: needs.backport-type.outputs.commented_on == 'pr'
env:
BACKPORT_PR_NUMBER: ${{ github.event.client_payload.pull_request.number }}
GITHUB_TOKEN: ${{ secrets.ACTIONS_BOT_TOKEN }}
GITHUB_TOKEN: ${{ env.ACTIONS_BOT_TOKEN }}
id: backport_commits
run: |
backport_commits=$(gh api "repos/$TARGET_FULL_REPO/pulls/$BACKPORT_PR_NUMBER/commits" --jq .[].sha | paste -s -d ' ' -)
Expand All @@ -114,13 +128,13 @@ jobs:
if: needs.backport-type.outputs.commented_on == 'pr'
with:
repository: ${{ steps.user.outputs.username }}/${{ steps.user.outputs.repo }}
token: ${{ secrets.ACTIONS_BOT_TOKEN }}
token: ${{ env.ACTIONS_BOT_TOKEN }}
path: ./fork

- name: Backport commits and get details
if: needs.backport-type.outputs.commented_on == 'pr'
env:
GITHUB_TOKEN: ${{ secrets.ACTIONS_BOT_TOKEN }}
GITHUB_TOKEN: ${{ env.ACTIONS_BOT_TOKEN }}
ORIG_TITLE: ${{ github.event.client_payload.github.payload.issue.title }}
BACKPORT_COMMITS: ${{ steps.backport_commits.outputs.backport_commits }}
IS_MERGED: ${{ github.event.client_payload.pull_request.merged }}
Expand All @@ -135,7 +149,7 @@ jobs:
- name: Create pull request
if: needs.backport-type.outputs.commented_on == 'pr'
env:
GITHUB_TOKEN: ${{ secrets.ACTIONS_BOT_TOKEN }}
GITHUB_TOKEN: ${{ env.ACTIONS_BOT_TOKEN }}
TARGET_MILESTONE: ${{ steps.create_milestone.outputs.milestone }}
ORIG_TITLE: ${{ github.event.client_payload.github.payload.issue.title }}
AUTHOR: ${{ github.event.client_payload.pull_request.user.login }}
Expand All @@ -151,7 +165,7 @@ jobs:
- name: Add reaction
uses: peter-evans/create-or-update-comment@v1
with:
token: ${{ secrets.ACTIONS_BOT_TOKEN }}
token: ${{ env.ACTIONS_BOT_TOKEN }}
repository: ${{ github.event.client_payload.github.payload.repository.full_name }}
comment-id: ${{ github.event.client_payload.github.payload.comment.id }}
reaction-type: hooray
Expand All @@ -160,7 +174,7 @@ jobs:
uses: peter-evans/create-or-update-comment@v1
if: failure()
with:
token: ${{ secrets.ACTIONS_BOT_TOKEN }}
token: ${{ env.ACTIONS_BOT_TOKEN }}
repository: ${{ github.event.client_payload.github.payload.repository.full_name }}
comment-id: ${{ github.event.client_payload.github.payload.comment.id }}
reaction-type: "-1"
Expand All @@ -169,14 +183,14 @@ jobs:
if: failure()
env:
COMMENTED_ON: ${{ needs.backport-type.outputs.commented_on }}
GITHUB_TOKEN: ${{ secrets.ACTIONS_BOT_TOKEN }}
GITHUB_TOKEN: ${{ env.ACTIONS_BOT_TOKEN }}
run: $SCRIPT_DIR/post_error.sh
shell: bash

- name: Create Issue On Error
if: failure()
env:
GITHUB_TOKEN: ${{ secrets.ACTIONS_BOT_TOKEN }}
GITHUB_TOKEN: ${{ env.ACTIONS_BOT_TOKEN }}
TARGET_MILESTONE: ${{ steps.create_milestone.outputs.milestone }}
ORIG_TITLE: ${{ github.event.client_payload.github.payload.issue.title }}
ORIG_LABELS: ${{ toJson(github.event.client_payload.github.payload.issue.labels) }}
Expand Down

0 comments on commit 0be664d

Please sign in to comment.