@@ -8,7 +8,7 @@ name: "Update Platform Branch"
88
99on :
1010 schedule :
11- - cron : " 0 0 * * *" # Runs daily at midnight UTC
11+ - cron : " 17 0 * * *" # Runs daily at 00:17 UTC
1212 workflow_call :
1313 inputs :
1414 tag :
3535 with :
3636 persist-credentials : true
3737
38+ - name : Set up GitHub CLI as Actions bot
39+ env :
40+ GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
41+ run : |
42+ gh auth setup-git
43+ git config --global user.name "github-actions[bot]"
44+ git config --global user.email "github-actions[bot]@users.noreply.github.com"
45+
3846name : Fetch latest semver tag for protocol/go
3947 id : fetch-latest-tag
4048 run : |
@@ -55,11 +63,13 @@ jobs:
5563 CURRENT_TAG=$(grep -oP '<platform.branch>\K.*(?=</platform.branch>)' pom.xml | head -n1)
5664 if [ "$CURRENT_TAG" = "$LATEST_TAG" ]; then
5765 echo "Platform branch is already up-to-date."
58- exit 1
66+ echo "no_updates=true" >> "$GITHUB_OUTPUT"
67+ exit 0
5968 fi
6069 echo "CURRENT_TAG=$CURRENT_TAG" >> "$GITHUB_ENV"
6170
6271name : Check for existing PR
72+ if : steps.check-update.outputs.no_updates != 'true'
6373 id : check-pr
6474 run : |
6575 EXISTING_PR=$(gh pr list --head update-platform-branch --json number --jq '.[0].number')
@@ -70,51 +80,81 @@ jobs:
7080 GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
7181
7282 - name : Check out existing PR
73- if : steps.check-pr.outputs.EXISTING_PR != ''
83+ if : steps.check-pr.outputs.EXISTING_PR != '' && steps.check-update.outputs.no_updates != 'true'
7484 run : |
7585 git fetch origin update-platform-branch:update-platform-branch
7686 git checkout update-platform-branch
7787
7888name : Update platform.branch in pom.xml files
89+ if : steps.check-update.outputs.no_updates != 'true'
90+ id : update-platform-branch
7991 run : |
8092 find . -name "pom.xml" -exec sed -i.bak "s|<platform.branch>.*</platform.branch>|<platform.branch>${LATEST_TAG}</platform.branch>|g" {} \;
8193 CHANGED_FILES=$(find . -name "pom.xml" -exec diff -u {} {}.bak \;)
8294 if [ -z "$CHANGED_FILES" ]; then
8395 echo "No changes detected in pom.xml files." | tee -a $GITHUB_STEP_SUMMARY
8496 find . -name "pom.xml.bak" -delete
85- exit 1
97+ exit 0
8698 fi
99+ # otherwise output that changes were made
100+ echo "changes=true" >> $GITHUB_OUTPUT
87101 echo "The following pom.xml files were updated: $CHANGED_FILES"
88102 find . -name "pom.xml.bak" -delete
89103
90104name : Create new branch
91- if : steps.check-pr.outputs.EXISTING_PR == ''
105+ if : steps.check-pr.outputs.EXISTING_PR == '' && steps.update-platform-branch.outputs.changes == 'true'
92106 run : |
93- git checkout -b update-platform-branch
94- git add .
95- git commit -m "fix(sdk): Updates to proto version $LATEST_TAG"
96- git push origin update-platform-branch
107+ git checkout -b $BRANCH_NAME
108+ git push origin $BRANCH_NAME
109+ env :
110+ GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
111+ BRANCH_NAME : update-platform-branch
97112
98- name : Update existing PR
99- if : steps.check-pr .outputs.EXISTING_PR != ' '
113+ - name : Update files
114+ if : steps.update-platform-branch .outputs.changes == 'true '
100115 run : |
101- git add .
102- git commit --amend --no-edit
103- git push origin update-platform-branch --force
116+ echo "Committing changes..."
117+ FILES_CHANGED=$(git status --porcelain | awk '{print $2}')
118+ for file in $FILES_CHANGED; do
119+ echo "Committing file: $file"
120+
121+ CONTENT=$(base64 -i $file)
122+ MESSAGE="Update $file to match platform tag $LATEST_TAG"
123+
124+ SHA=$( git rev-parse $BRANCH_NAME:$file 2>/dev/null | grep -E '^[0-9a-f]{40}$' || echo "" )
125+ if [ -z "$SHA" ]; then
126+ SHA=""
127+ fi
128+
129+ gh api --method PUT /repos/${{ github.repository }}/contents/$file \
130+ --field message="$MESSAGE" \
131+ --field content="$CONTENT" \
132+ --field encoding="base64" \
133+ --field branch="$BRANCH_NAME" \
134+ --field sha="$SHA"
135+ done
136+ env :
137+ GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
138+ BRANCH_NAME : update-platform-branch
104139
105140 - name : Create New PR
106- if : steps.check-pr.outputs.EXISTING_PR == ''
107- uses : peter-evans/create-pull-request@v7.0.8
108- with :
109- token : ${{ secrets.GITHUB_TOKEN }}
110- commit-message : " fix(sdk): Updates to proto version $LATEST_TAG"
111- branch : update-platform-branch
112- title : " fix(sdk): Updates to proto version $LATEST_TAG"
113- body : |
114- This PR updates the platform.branch property in all pom.xml files to the new tag or branch: $LATEST_TAG.
115-
116- See the release: https://github.com/opentdf/platform/releases/tag/$LATEST_TAG
117-
118- Release Notes:
119- $RELEASE_NOTES
120- labels : " automated-update"
141+ if : steps.check-pr.outputs.EXISTING_PR == '' && steps.update-platform-branch.outputs.changes == 'true'
142+ env :
143+ GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
144+ BRANCH_NAME : update-platform-branch
145+ run : |
146+ RELEASE_NOTES=$(gh release view protocol/go/$LATEST_TAG --repo opentdf/platform --json body --jq '.body')
147+ cat <<EOF > pr_body.txt
148+ This PR updates the platform.branch property in all pom.xml files to the new tag or branch: $LATEST_TAG.
149+
150+ See the release: https://github.com/opentdf/platform/releases/tag/protocol%2Fgo%2F$LATEST_TAG
151+
152+ Release Notes:
153+ $RELEASE_NOTES
154+ EOF
155+ gh pr create \
156+ --title "fix(sdk): Updates to proto version $LATEST_TAG" \
157+ --body-file pr_body.txt \
158+ --head $BRANCH_NAME \
159+ --base main
160+
0 commit comments