-
Notifications
You must be signed in to change notification settings - Fork 21
106 lines (96 loc) · 3.58 KB
/
pr_merged.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
name: PR Merged
on:
push:
branches:
- develop
env:
BOT_NAME: svc-docs-eng-opensource-bot
BOT_EMAIL: [email protected]
jobs:
generate-third-party-notices:
runs-on: ubuntu-latest
steps:
# Checkout fetch-depth: 2 because there's a check to see if package.json
# was updated, and need at least 2 commits for the check to function properly
- name: Checkout repo
uses: actions/checkout@v3
with:
fetch-depth: 2
- name: Setup Node.js
uses: actions/setup-node@v3
with:
node-version: 18
cache: 'yarn'
- name: Install Dependencies
run: yarn install --frozen-lockfile
- name: Install OSS CLI
run: |
yarn global add @newrelic/newrelic-oss-cli
- name: Generate Third Party Notices
id: generate-notices
run: |
if [ ! -f "third_party_manifest.json" ]; then
echo "::error::third_party_manifest.json is missing. Must generate using the newrelic-oss-cli."
exit 1
fi
# latest commit
LATEST_COMMIT=$(git rev-parse HEAD)
# latest commit where package.json was changed
LAST_CHANGED_COMMIT=$(git log -1 --format=format:%H --full-diff package.json)
if [ $LAST_CHANGED_COMMIT = $LATEST_COMMIT ]; then
git config user.email "${{ env.BOT_EMAIL }}"
git config user.name "${{ env.BOT_NAME }}"
oss third-party manifest
oss third-party notices
git add third_party_manifest.json
git add THIRD_PARTY_NOTICES.md
git commit -m 'chore: update third-party manifest and notices [skip-cd]'
echo "commit=true" >> $GITHUB_OUTPUT
else
echo "No change in package.json, not regenerating third-party notices"
fi
- name: Temporarily disable "required_pull_request_reviews" branch protection
id: disable-branch-protection
if: always()
uses: actions/github-script@v6
with:
github-token: ${{ secrets.DOCS_ENG_BOT_TOKEN }}
previews: luke-cage-preview
script: |
const result = await github.rest.repos.updateBranchProtection({
owner: context.repo.owner,
repo: context.repo.repo,
branch: 'develop',
required_status_checks: null,
restrictions: null,
enforce_admins: null,
required_pull_request_reviews: null
})
console.log("Result:", result)
- name: Push Commit
if: steps.generate-notices.outputs.commit == 'true'
uses: ad-m/[email protected]
with:
github_token: ${{ secrets.DOCS_ENG_BOT_TOKEN }}
branch: develop
- name: Re-enable "required_pull_request_reviews" branch protection
id: enable-branch-protection
if: always()
uses: actions/github-script@v6
with:
github-token: ${{ secrets.DOCS_ENG_BOT_TOKEN }}
previews: luke-cage-preview
script: |
const result = await github.rest.repos.updateBranchProtection({
owner: context.repo.owner,
repo: context.repo.repo,
branch: 'develop',
required_status_checks: null,
restrictions: null,
enforce_admins: true,
required_pull_request_reviews: {
dismiss_stale_reviews: true,
required_approving_review_count: 1
}
})
console.log("Result:", result)