diff --git a/.github/allowed-actions.js b/.github/allowed-actions.js index 64db2d5ca1c3..674008e371ad 100644 --- a/.github/allowed-actions.js +++ b/.github/allowed-actions.js @@ -13,7 +13,6 @@ export default [ 'alex-page/github-project-automation-plus@bb266ff4dde9242060e2d5418e120a133586d488', // v0.8.1 'andymckay/labeler@e6c4322d0397f3240f0e7e30a33b5c5df2d39e90', // v1.0.4 'crowdin/github-action@d7f217268068f1244883a993379d62d816f84f25', // v1.4.0 - 'crykn/copy_folder_to_another_repo_action@0282e8b9fef06de92ddcae9fe6cb44df6226646c', 'cschleiden/actions-linter@caffd707beda4fc6083926a3dff48444bc7c24aa', // uses github-actions-parser v0.23.0 'dawidd6/action-delete-branch@47743101a121ad657031e6704086271ca81b1911', // v3.0.2 'dawidd6/action-download-artifact@af92a8455a59214b7b932932f2662fdefbd78126', // v2.15.0 diff --git a/.github/workflows/site-policy-sync.yml b/.github/workflows/site-policy-sync.yml index cb0c8ea7b40e..4ee14f2c61f1 100644 --- a/.github/workflows/site-policy-sync.yml +++ b/.github/workflows/site-policy-sync.yml @@ -2,7 +2,7 @@ name: Site policy sync # **What it does**: Updates our site-policy repo when changes happen to site policy docs. # **Why we have it**: We want keep site-policy repo up to date. -# **Who does it impact**: Site-policy team. +# **Who does it impact**: site-policy-admins and Developer Policy teams. # Controls when the action will run. on: @@ -14,40 +14,67 @@ on: - closed paths: - 'content/github/site-policy/**' - - # Allows you to run this workflow manually from the Actions tab workflow_dispatch: -# A workflow run is made up of one or more jobs that can run sequentially or in parallel jobs: - # This workflow contains a single job called "build" - copy-file: + sync: + name: Get the latest docs if: >- github.event.pull_request.merged == true && github.repository == 'github/docs-internal' - # The type of runner that the job will run on runs-on: ubuntu-latest - - # Steps represent a sequence of tasks that will be executed as part of the job + permissions: + contents: write + pull-requests: write steps: - # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - - uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97 - # Sets commit message - - name: custom message + - name: checkout docs-internal + uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97 + + - name: checkout public site-policy + uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97 + with: + repository: github/site-policy + token: ${{ secrets.API_TOKEN_SITEPOLICY }} + fetch-depth: '' + path: public-repo + + - name: Commits internal policies to copy of public repo with descriptive message from triggering PR title run: | - echo "MESSAGE=${{github.event.pull_request.title}}" >> $GITHUB_ENV + cd public-repo + git config --local user.name 'site-policy-bot' + git config --local user.email 'site-policy-bot@github.com' + rm -rf Policies + cp -r ../content/github/site-policy Policies + git status + git checkout -b automated-sync-$GITHUB_RUN_ID + git add . + PR_TITLE=${{ github.event.pull_request.title }} + [[ ! -z $PR_TITLE ]] && DESCRIPTION="${PR_TITLE}" || DESCRIPTION="Update manually triggered by workflow" + echo "DESCRIPTION=$DESCRIPTION" >> $GITHUB_ENV + git commit -m "$(echo $DESCRIPTION)" - # Pushes to other repo - - name: Push folder to another repository - uses: crykn/copy_folder_to_another_repo_action@0282e8b9fef06de92ddcae9fe6cb44df6226646c + - name: If there are changes to push, create a pull request in the public repo using the gh command line tool, then immediately merge the PR and delete the branch + id: createAndMergePullRequest env: - API_TOKEN_GITHUB: ${{ secrets.API_TOKEN_SITEPOLICY }} - with: - source_folder: 'content/github/site-policy' - destination_repo: 'github/site-policy' - destination_branch: 'main' - destination_branch_create: 'repo-sync' - destination_folder: 'Policies' - user_email: 'site-policy-bot@users.noreply.github.com' - user_name: 'site-policy-bot' - commit_msg: '${{ env.MESSAGE }}' + GITHUB_TOKEN: ${{ secrets.API_TOKEN_SITEPOLICY }} + run: | + cd public-repo + git config --local user.name 'site-policy-bot' + git config --local user.email 'site-policy-bot@github.com' + DIFF=$(git diff --name-status --summary HEAD^..HEAD) + NUM_FILES_CHANGED=$(git diff --name-only HEAD^..HEAD | wc -l) + [[ $NUM_FILES_CHANGED -ge 2 ]] && TITLE="Sync changes from GitHub Docs" || TITLE=$(echo $DIFF | sed -e 's/^A\s/Added /g;s/^D\s/Deleted /g;s/^C\s/Copied /g;s/^M\s/Modified /g;s/^R100\s/Renamed /g;') + if [[ ! -z $TITLE ]] + then + echo -e "This is an automated pull request to sync changes from GitHub Docs.\n\nDiff summary:\n\n${DIFF}" > msg + git push --set-upstream origin automated-sync-$GITHUB_RUN_ID + PR_URL=$(gh pr create --title "${TITLE}" --body-file msg --head automated-sync-$GITHUB_RUN_ID --base main --repo github/site-policy) + gh pr diff ${PR_URL} + gh pr merge ${PR_URL} --merge --delete-branch + else + echo "No updates to push to the public repo" + fi + + - name: Delete remote updates branch if previous step failed + if: failure() && steps.createAndMergePullRequest.outcome == 'failure' + run: git push github/site-policy --delete automated-sync-$GITHUB_RUN_ID