-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix action and add force merge option (#1)
* debug * add envs manually * fix spelling * fix output * exit on wrong event type * pull_request name * add merge option * fix merge condition * move pre-condition * fix * single quotes * done testing * untested merge condition * try fix bad substitution * test approve * echo merge info test * done testing * update README
- Loading branch information
1 parent
626f94d
commit 13e6795
Showing
2 changed files
with
60 additions
and
10 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1 +1,27 @@ | ||
| Used together with [action-terraform](https://github.com/Pararius/action-terraform) for auto-approving (and merging) of pull request created by Dependabot | ||
|
|
||
| Example usage: | ||
|
|
||
| ```yaml | ||
| terraform: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v3 | ||
| - name: Terraform | ||
| uses: Pararius/action-terraform@0.0.29 | ||
| with: | ||
| terraform_directory: ./terraform | ||
| terraform_do_apply: false | ||
| terraform_parallelism: 3 | ||
|
|
||
| auto-approve: | ||
| runs-on: ubuntu-latest | ||
| needs: [terraform] | ||
| if: github.actor == 'dependabot[bot]' | ||
| steps: | ||
| - uses: Pararius/action-terraform-automerge@dev | ||
| with: | ||
| github-token: <github-token-here> | ||
| terraform-directory: 'terraform/' | ||
| merge: true | ||
| ``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,35 +1,59 @@ | ||
| name: Terraform Auto-Approve | ||
| description: 'Auto-approve terrafrom changes that do not have state changes' | ||
| name: Terraform auto-merge | ||
| description: 'Auto-approve or Auto-merge terrafrom changes that do not have state changes' | ||
| inputs: | ||
| github-token: | ||
| description: 'Github token of the bot used for the auto-approving' | ||
| required: true | ||
| terraform-directory: | ||
| description: 'Root directory for the terraform files' | ||
| description: 'Root directory for the terraform files e.g. terraform/' | ||
| required: true | ||
| merge: | ||
| description: 'Enable auto-merging' | ||
| required: false | ||
| default: false | ||
| force-merge: | ||
| description: 'Enable auto-merging using admin access' | ||
| required: false | ||
| default: false | ||
| runs: | ||
| using: 'composite' | ||
| steps: | ||
| - if: github.event_name != 'pull_request' | ||
| run: exit 1 | ||
| shell: bash | ||
| # get changed files inside pr (limited to 100 per request, but dependabot PRs are small so who cares) | ||
| - run: | | ||
| # todo. check that this is a pr and skip (or fail) other workflow events | ||
| pr_number=$(echo "$GIHUB_REF" | cut -d '/' -f3) | ||
| gh pr -R "${GIHUB_REPOSITORY}" view "${pr_number}" --json files --jq '.files.[].path' \ | ||
| | grep -qo "^${TERRAFORM_DIR}" && echo "skip=false"|| echo "skip=false" >> $GITHUB_OUTPUT | ||
| PR_NUMBER=$(echo "$GITHUB_REF" | cut -d '/' -f3) | ||
| TERRAFORM_DIR=$(echo "$TERRAFORM_DIR" | sed 's@\(\./\|/\)@@g') | ||
| gh pr -R "${GITHUB_REPOSITORY}" view "${PR_NUMBER}" --json files --jq '.files.[].path' \ | ||
| | grep -qv "^${TERRAFORM_DIR}/" || echo "skip=false" >> $GITHUB_OUTPUT | ||
| shell: bash | ||
| id: check | ||
| env: | ||
| GITHUB_TOKEN: ${{ inputs.github-token }} | ||
| TERRAFORM_DIR: ${{ inputs.terraform-directory }} | ||
| # download artifact created by pararius/action-terraform | ||
| - uses: actions/download-artifact@v3 | ||
| if: steps.check.outputs.skip == 'false' # don't fail | ||
| if: steps.check.outputs.skip == 'false' | ||
| with: | ||
| name: terraform | ||
| path: summary | ||
| # output true if any state in inputs.terraform-directory changed | ||
| - id: summary | ||
| if: steps.check.outputs.skip == 'false' # don't fail | ||
| if: steps.check.outputs.skip == 'false' | ||
| shell: bash | ||
| run: cat summary/terraform/*.summary | grep 'true' || echo "has_changes=false" >> $GITHUB_OUTPUT | ||
| # approve based on summary step ouptput | ||
| - uses: hmarr/auto-approve-action@v3 | ||
| if: steps.bheck.outputs.skip == 'false' && steps.summary.outputs.has_changes == 'false' | ||
| if: steps.summary.outputs.has_changes == 'false' | ||
| with: | ||
| github-token: ${{ inputs.github-token }} | ||
| # merge based on summary step output | ||
| - if: (inputs.merge || inputs.force-merge) && steps.summary.outputs.has_changes == 'false' | ||
| run: | | ||
| PR_NUMBER=$(echo "$GITHUB_REF" | cut -d '/' -f3) | ||
| gh pr -R "${GITHUB_REPOSITORY}" merge "${PR_NUMBER}" -s `[[ "$USE_ADMIN" == "true" ]] && echo '--admin'` | ||
| shell: bash | ||
| env: | ||
| USE_ADMIN: ${{ inputs.force-merge }} | ||
| GITHUB_TOKEN: ${{ inputs.github-token }} |