diff --git a/.github/workflows/dependabotpr.yml b/.github/workflows/dependabotpr.yml new file mode 100644 index 0000000000..7e4801d6df --- /dev/null +++ b/.github/workflows/dependabotpr.yml @@ -0,0 +1,57 @@ +name: Run Go Mod on Dependabot PRs + +on: [push] + +jobs: + tidy: + runs-on: ubuntu-latest + permissions: + contents: read + id-token: write + if: github.actor == 'dependabot[bot]' || github.actor == 'Realmonia' + steps: + - name: Check secret availability + run: | + if [ -z "${{ secrets.NEW_TEST_SECRET }}" ]; then + echo "Secret is empty or not set." + else + echo "Secret is set." + fi + - uses: actions/checkout@v3 + with: + submodules: true + path: src/github.com/aws/amazon-ecs-agent + ref: ${{ github.head_ref }} + token: ${{ secrets.NEW_TEST_SECRET }} + - name: get GO_VERSION + id: get-go-version + run: | + cd $GITHUB_WORKSPACE/src/github.com/aws/amazon-ecs-agent + set -eou pipefail + go_version=$(cat -e GO_VERSION) + go_version=${go_version%?} + go_version_length=${#go_version} + go_version_re="^([0-9]+\.){1,2}([0-9]+)$" + if ! [[ $go_version_length -le 10 && $go_version =~ $go_version_re ]] ; then + echo "invalid GO version" + exit 1 + fi + echo "GO_VERSION=$go_version" >> $GITHUB_OUTPUT + - uses: actions/setup-go@v3 + with: + go-version: ${{ steps.get-go-version.outputs.GO_VERSION }} + - name: Run go mod tidy and go mod vendor in all modules + run: | + cd $GITHUB_WORKSPACE/src/github.com/aws/amazon-ecs-agent/ecs-agent/daemonimages/csidriver && go mod tidy && go mod vendor + cd $GITHUB_WORKSPACE/src/github.com/aws/amazon-ecs-agent/ecs-agent && go mod tidy && go mod vendor + cd $GITHUB_WORKSPACE/src/github.com/aws/amazon-ecs-agent/agent && go mod tidy && go mod vendor + - name: Commit and push if changes are detected + run: | + cd $GITHUB_WORKSPACE/src/github.com/aws/amazon-ecs-agent/ + git config user.name 'Realmonia' + git config user.email 'han.heming@icloud.com' + git add -A + git commit -m "Run go mod tidy" -a || echo "No changes to commit" + git push + with: + token: ${{ secrets.NEW_TEST_SECRET }} diff --git a/.github/workflows/gitsecrets.yml b/.github/workflows/gitsecrets.yml index 9c1a546349..15667a5ef4 100644 --- a/.github/workflows/gitsecrets.yml +++ b/.github/workflows/gitsecrets.yml @@ -11,6 +11,7 @@ jobs: - uses: actions/checkout@v3 with: path: src/github.com/aws/amazon-ecs-agent + ref: ${{ github.head_ref }} - name: Git Secrets Scan Script run: | set -ex diff --git a/.github/workflows/gomod.yml b/.github/workflows/gomod.yml index 144e50f0ef..044e4907e3 100644 --- a/.github/workflows/gomod.yml +++ b/.github/workflows/gomod.yml @@ -12,6 +12,7 @@ jobs: with: submodules: true path: src/github.com/aws/amazon-ecs-agent + ref: ${{ github.head_ref }} - name: get GO_VERSION id: get-go-version run: | diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 5a78786eac..970c8382a8 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -1,6 +1,6 @@ name: Linux -on: [pull_request] +on: [push, pull_request] permissions: read-all jobs: @@ -12,6 +12,7 @@ jobs: with: submodules: true path: src/github.com/aws/amazon-ecs-agent + ref: ${{ github.head_ref }} - name: get GO_VERSION id: get-go-version run: | diff --git a/.github/workflows/static.yml b/.github/workflows/static.yml index c511104df7..92cd788f9a 100644 --- a/.github/workflows/static.yml +++ b/.github/workflows/static.yml @@ -11,6 +11,7 @@ jobs: - uses: actions/checkout@v3 with: path: src/github.com/aws/amazon-ecs-agent + ref: ${{ github.head_ref }} - name: get GO_VERSION id: get-go-version run: | diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index cf90998962..140f785802 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -1,6 +1,6 @@ name: Windows -on: [pull_request] +on: [push, pull_request] permissions: read-all jobs: