Merge branch 'master' into renovate/etc-modules

giantswarm · Sep 19, 2022 · 9753834 · 9753834
2 parents 74e68fc + c496c6c
commit 9753834
Show file tree

Hide file tree

Showing 15 changed files with 292 additions and 36 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -1,5 +1,5 @@
 orbs:
-  architect: giantswarm/architect@4.15.0
+  architect: giantswarm/architect@4.24.0
 
 version: 2.1
 workflows:

diff --git a/.github/workflows/zz_generated.add-team-labels.yaml b/.github/workflows/zz_generated.add-team-labels.yaml
@@ -0,0 +1,53 @@
+name: Add Issue to Project when assigned
+
+on:
+  issues:
+    types: [assigned]
+
+jobs:
+  build_user_list:
+    name: Get yaml config of GS users
+    runs-on: ubuntu-latest
+    steps:
+    - name: Fetch issue templates
+      run: |
+        mkdir -p artifacts
+        wget --header "Authorization: token ${{ github.token }}" \
+          -O artifacts/users.yaml \
+          https://raw.githubusercontent.com/giantswarm/github/master/tools/issue-automation/user-mapping.yaml
+    - name: Upload Artifact
+      uses: actions/upload-artifact@v3
+      with:
+        name: users
+        path: artifacts/users.yaml
+        retention-days: 1
+
+  add_label:
+    name: Add team label when assigned
+    runs-on: ubuntu-latest
+    needs: build_user_list
+    steps:
+    - uses: actions/download-artifact@v3
+      id: download-users
+      with:
+        name: users
+    - name: Find team label based on user names
+      run: |
+        event_assignee=$(cat $GITHUB_EVENT_PATH | jq -r .assignee.login | tr '[:upper:]' '[:lower:]')
+        echo "Issue assigned to: ${event_assignee}"
+
+        TEAMS=$(cat ${{steps.download-users.outputs.download-path}}/users.yaml | tr '[:upper:]' '[:lower:]' | yq ".${event_assignee}.teams" -o csv | tr ',' ' ')
+
+        echo "LABEL<<EOF" >> $GITHUB_ENV
+        for team in ${TEAMS}; do
+          echo "Team: ${team} | Label: team/${team}"
+          echo "team/${team}" >> $GITHUB_ENV
+        done
+        echo "EOF" >> $GITHUB_ENV
+    - name: Apply label to issue
+      if: ${{ env.LABEL != '' }}
+      uses: actions-ecosystem/action-add-labels@v1
+      with:
+        github-token: ${{ secrets.ISSUE_AUTOMATION }}
+        labels: |
+          ${{ env.LABEL }}
diff --git a/.github/workflows/zz_generated.add-to-project-board.yaml b/.github/workflows/zz_generated.add-to-project-board.yaml
@@ -0,0 +1,85 @@
+name: Add Issue to Project when assigned
+
+on:
+  issues:
+    types: [assigned]
+
+jobs:
+  build_user_list:
+    name: Get yaml config of GS users
+    runs-on: ubuntu-latest
+    steps:
+    - name: Get user-mapping
+      run: |
+        mkdir -p artifacts
+        wget --header "Authorization: token ${{ github.token }}" \
+          -O artifacts/users.yaml \
+          https://raw.githubusercontent.com/giantswarm/github/master/tools/issue-automation/user-mapping.yaml
+    - name: Upload Artifact
+      uses: actions/upload-artifact@v3
+      with:
+        name: users
+        path: artifacts/users.yaml
+        retention-days: 1
+    - name: Get label-mapping
+      run: |
+        mkdir -p artifacts
+        wget --header "Authorization: token ${{ github.token }}" \
+          -O artifacts/labels.yaml \
+          https://raw.githubusercontent.com/giantswarm/github/master/tools/issue-automation/label-mapping.yaml
+    - name: Upload Artifact
+      uses: actions/upload-artifact@v3
+      with:
+        name: labels
+        path: artifacts/labels.yaml
+        retention-days: 1
+
+  add_to_personal_board:
+    name: Add issue to personal board
+    runs-on: ubuntu-latest
+    needs: build_user_list
+    steps:
+    - uses: actions/download-artifact@v3
+      id: download-users
+      with:
+        name: users
+    - name: Find personal board based on user names
+      run: |
+        event_assignee=$(cat $GITHUB_EVENT_PATH | jq -r .assignee.login | tr '[:upper:]' '[:lower:]')
+        echo "Issue assigned to: ${event_assignee}"
+
+        BOARD=($(cat ${{steps.download-users.outputs.download-path}}/users.yaml | tr '[:upper:]' '[:lower:]' | yq ".${event_assignee}.personalboard"))
+        echo "Personal board URL: ${BOARD}"
+
+        echo "BOARD=${BOARD}" >> $GITHUB_ENV
+    - name: Add issue to personal board
+      if: ${{ env.BOARD != 'null' && env.BOARD != '' }}
+      uses: actions/add-to-project@main
+      with:
+        project-url: ${{ env.BOARD }}
+        github-token: ${{ secrets.ISSUE_AUTOMATION }}
+
+  add_to_team_board:
+    name: Add issue to personal board
+    runs-on: ubuntu-latest
+    needs: build_user_list
+    steps:
+    - uses: actions/download-artifact@v3
+      id: download-labels
+      with:
+        name: labels
+    - name: Find team board based on label
+      run: |
+        event_label=$(cat $GITHUB_EVENT_PATH | jq -r .label | tr '[:upper:]' '[:lower:]')
+        echo "Issue labelled with: ${event_label}"
+
+        BOARD=($(cat ${{steps.download-users.outputs.download-path}}/labels.yaml | tr '[:upper:]' '[:lower:]' | yq ".${event_label}.projectBoard"))
+        echo "Team board URL: ${BOARD}"
+
+        echo "BOARD=${BOARD}" >> $GITHUB_ENV
+    - name: Add issue to team board
+      if: ${{ env.BOARD != 'null' && env.BOARD != '' }}
+      uses: actions/add-to-project@main
+      with:
+        project-url: ${{ env.BOARD }}
+        github-token: ${{ secrets.ISSUE_AUTOMATION }}
diff --git a/.github/workflows/zz_generated.check_values_schema.yaml b/.github/workflows/zz_generated.check_values_schema.yaml
@@ -1,6 +1,6 @@
 # DO NOT EDIT. Generated with:
 #
-#    devctl@4.24.1
+#    devctl@5.9.0
 #
 name: 'Check if values schema file has been updated'
 on: pull_request
@@ -16,34 +16,69 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
-          VALUES_FILE_CHANGED="false"
-          SCHEMA_FILE_CHANGED="false"
+          echo "Comparing ${GITHUB_BASE_REF}...${GITHUB_HEAD_REF}"
 
-          base_ref=${GITHUB_BASE_REF##*/}
-          head_ref=${GITHUB_HEAD_REF##*/}
+          # check if repo contains a schema file
+          if grep -q "values.schema.json" <<< $(git ls-tree -r --name-only ${GITHUB_SHA}); then
 
-          echo "Comparing ${base_ref}...${head_ref}"
+            # get a list of files changed in the PR
+            CHANGED_FILES=$(gh api repos/{owner}/{repo}/compare/${GITHUB_BASE_REF}...${GITHUB_HEAD_REF} \
+              --jq ".files[].filename")
 
-          changed_files=$(gh api repos/{owner}/{repo}/compare/${base_ref}...${head_ref} --jq ".files[] | .filename")
+            # check if values.yaml in main chart was modified by this PR
+            # (this won't check values files in subcharts)
+            if grep -q 'helm\/[-a-z].*\/values.yaml' <<< "${CHANGED_FILES}" ; then
 
-          if grep -q "values.schema.json" <<< $(git ls-tree -r --name-only ${GITHUB_SHA}); then
+              # get the path to values.yaml
+              VALUES_FILE=$(gh api repos/{owner}/{repo}/compare/${GITHUB_BASE_REF}...${GITHUB_HEAD_REF} \
+                --jq ".files[].filename" | grep 'helm\/[-a-z].*\/values.yaml')
 
-            if grep -q "values.yaml" <<< "${changed_files}" ; then
-              VALUES_FILE_CHANGED="true"
-            fi
+              # fetch branches so we can use them to compare
+              git fetch &> /dev/null
 
-            if grep -q "values.schema.json" <<< "${changed_files}" ; then
-              SCHEMA_FILE_CHANGED="true"
-            fi
+              # calculate hash of the keys from values.yaml from the default branch
+              DEFAULT_BRANCH_SHA=$(git show origin/${GITHUB_BASE_REF}:${VALUES_FILE} \
+                | yq -P 'sort_keys(..)' -o=json | jq -r '[paths | join(".")]' \
+                | sha1sum | awk '{print $1}')
+
+              # calculate hash of the keys from values.yaml from this branch
+              THIS_BRANCH_SHA=$(git show origin/${GITHUB_HEAD_REF}:${VALUES_FILE} \
+                | yq -P 'sort_keys(..)' -o=json | jq -r '[paths | join(".")]' \
+                | sha1sum | awk '{print $1}')
+
+              # compare hashes of the values files
+              if [[ "${DEFAULT_BRANCH_SHA}" != "${THIS_BRANCH_SHA}" ]]; then
 
-            if [ $VALUES_FILE_CHANGED != $SCHEMA_FILE_CHANGED ]; then
-              echo "FAILED: values.yaml was updated but values.schema.json hasn't been regenerated"
-              echo "Please refer to this document: https://intranet.giantswarm.io/docs/organizational-structure/teams/cabbage/app-updates/helm-values-schema/"
-              exit 1
+                # values file structure has been modified so we need to ensure the schema
+                # file is also updated
+
+                if grep -q "values.schema.json" <<< "${CHANGED_FILES}" ; then
+                  # we assume that the schema has been updated, nothing to do
+                  echo "PASSED: values.yaml and values.schema.json both appear to have been updated"
+                  exit 0
+                else
+                  # schema must be updated
+                  echo "FAILED: values.yaml was updated but values.schema.json hasn't been regenerated"
+                  echo "Please refer to this document: https://intranet.giantswarm.io/docs/organizational-structure/teams/cabbage/app-updates/helm-values-schema/"
+                  exit 1
+                fi
+
+              else
+                # values file structure hasn't changed, nothing to do
+                echo "values.yaml structure hasn't been changed by this PR"
+                exit 0
+              fi
+
+            else
+              # values file not included in PR, nothing to see here
+              echo "values.yaml not included in this PR"
+              exit 0
             fi
 
-            echo "PASSED: values.yaml and values.schema.json both appear to have been updated"
+          else
+
+            # if grep returns negative then there isn't a values.schema.json to check
+            echo "No values.schema.json file found in branch '${GITHUB_BASE_REF}', nothing to check"
             exit 0
-          fi
 
-          echo "INFO: values.schema.json not present in this repo - nothing to do"
+          fi
diff --git a/.github/workflows/zz_generated.create_release.yaml b/.github/workflows/zz_generated.create_release.yaml
@@ -1,6 +1,6 @@
 # DO NOT EDIT. Generated with:
 #
-#    devctl@4.24.1
+#    devctl@5.9.0
 #
 name: Create Release
 on:
@@ -120,11 +120,13 @@ jobs:
             echo "error: no changes in \"$file\"" >&2
             exit 1
           fi
+      - name: Set up git identity
+        run: |
+          git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
+          git config --local user.name "github-actions[bot]"
       - name: Commit changes
         run: |
           file="${{ needs.gather_facts.outputs.project_go_path }}"
-          git config --local user.email "action@github.com"
-          git config --local user.name "GitHub Action"
           git add $file
           git commit -m "Bump version to ${{ steps.update_project_go.outputs.new_version }}"
       - name: Push changes
@@ -167,10 +169,13 @@ jobs:
         with:
           version: ${{ needs.gather_facts.outputs.version }}
           path: ./CHANGELOG.md
+      - name: Set up git identity
+        run: |
+          git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
+          git config --local user.name "github-actions[bot]"
       - name: Create tag
         run: |
           version="${{ needs.gather_facts.outputs.version }}"
-          git config --local user.name "github-actions"
           git tag "v$version" ${{ github.sha }}
       - name: Push tag
         env: