Fix memory leak issue when using fetch in oidc authentication #8175
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
on: | |
issues: | |
types: [opened, closed, deleted, reopened] | |
pull_request_target: | |
types: [opened, closed, reopened] | |
issue_comment: # Also triggers when commenting on a PR from the conversation view | |
types: [created] | |
workflow_dispatch: | |
name: Jira Sync | |
jobs: | |
sync: | |
runs-on: ubuntu-latest | |
name: Jira sync | |
steps: | |
- name: Check if community user | |
if: github.event.action == 'opened' | |
id: boundary-team-role | |
run: | | |
TEAM=boundary | |
ROLE="$(gh api orgs/hashicorp/teams/${TEAM}/memberships/${{ github.actor }} | jq -r '.role | select(.!=null)')" | |
if [[ -n ${ROLE} ]]; then | |
echo "Actor ${{ github.actor }} is a ${TEAM} team member, skipping ticket creation" | |
else | |
echo "Actor ${{ github.actor }} is not a ${TEAM} team member" | |
fi | |
echo "role=${ROLE}" >> $GITHUB_OUTPUT | |
env: | |
GITHUB_TOKEN: ${{ secrets.JIRA_SYNC_GITHUB_TOKEN }} | |
- name: Set ticket type | |
if: github.event.action == 'opened' && !steps.boundary-team-role.outputs.role | |
id: set-ticket-type | |
run: | | |
if [[ "${{ github.event_name }}" == "pull_request_target" ]]; then | |
echo "type=PR" >> $GITHUB_OUTPUT | |
else | |
echo "type=ISS" >> $GITHUB_OUTPUT | |
fi | |
- name: Create ticket | |
if: github.event.action == 'opened' && !steps.boundary-team-role.outputs.role | |
uses: tomhjp/gh-action-jira-create@3ed1789cad3521292e591a7cfa703215ec1348bf # v0.2.1 | |
env: | |
JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }} | |
JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }} | |
JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }} | |
with: | |
project: ICU | |
issuetype: "GH Issue" | |
summary: "${{ github.event.repository.name }} [${{ steps.set-ticket-type.outputs.type }} #${{ github.event.issue.number || github.event.pull_request.number }}]: ${{ github.event.issue.title || github.event.pull_request.title }}" | |
description: "${{ github.event.issue.body || github.event.pull_request.body }}\n\n_Created from GitHub Action for ${{ github.event.issue.html_url || github.event.pull_request.html_url }}, from ${{ github.actor }}_" | |
# customfield_10089 is Issue Link custom field | |
# customfield_10091 is team custom field | |
extraFields: '{"customfield_10089": "${{ github.event.issue.html_url || github.event.pull_request.html_url }}"}' | |
- name: Search | |
if: github.event.action != 'opened' | |
id: search | |
uses: tomhjp/gh-action-jira-search@04700b457f317c3e341ce90da5a3ff4ce058f2fa # v0.2.2 | |
env: | |
JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }} | |
JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }} | |
JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }} | |
with: | |
# cf[10089] is Issue Link custom field | |
jql: 'issuetype = "GH Issue" and cf[10089]="${{ github.event.issue.html_url || github.event.pull_request.html_url }}"' | |
- name: Sync comment | |
if: github.event.action == 'created' && steps.search.outputs.issue | |
uses: tomhjp/gh-action-jira-comment@6eb6b9ead70221916b6badd118c24535ed220bd9 # v0.2.0 | |
env: | |
JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }} | |
JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }} | |
JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }} | |
with: | |
issue: ${{ steps.search.outputs.issue }} | |
comment: "${{ github.actor }} ${{ github.event.review.state || 'commented' }}:\n\n${{ github.event.comment.body || github.event.review.body }}\n\n${{ github.event.comment.html_url || github.event.review.html_url }}" | |
- name: Transitions | |
id: transitions | |
if: steps.search.outputs.issue | |
run: | | |
if [[ "${{ github.event.action }}" == "closed" || "${{ github.event.action }}" == "deleted" ]]; then | |
echo "Closing ticket" | |
echo "name=Done" >> "$GITHUB_OUTPUT" | |
elif [[ "${{ github.event.action }}" == "reopened" ]]; then | |
echo "Reopening ticket" | |
echo "name=Reopen" >> "$GITHUB_OUTPUT" | |
fi | |
# Transition issue API reference: https://developer.atlassian.com/cloud/jira/platform/rest/v3/api-group-issues/#api-rest-api-3-issue-issueidorkey-transitions-post | |
- name: Transition ticket | |
if: steps.transitions.outputs.name | |
run: | | |
transitions="$(curl --silent \ | |
--url "${{ secrets.JIRA_BASE_URL }}rest/api/3/issue/${{ steps.search.outputs.issue }}/transitions" \ | |
--user "${{ secrets.JIRA_USER_EMAIL }}:${{ secrets.JIRA_API_TOKEN }}" \ | |
--header "Accept: application/json")" | |
id="$(echo "${transitions}" | jq -r '.transitions[] | select(.name == "${{ steps.transitions.outputs.name }}") | .id')" | |
curl --silent \ | |
--url "${{ secrets.JIRA_BASE_URL }}rest/api/3/issue/${{ steps.search.outputs.issue }}/transitions" \ | |
--user "${{ secrets.JIRA_USER_EMAIL }}:${{ secrets.JIRA_API_TOKEN }}" \ | |
--header "Accept: application/json" \ | |
--header "Content-Type: application/json" \ | |
--data "$(printf '{"transition": {"id": "%s"}}' "${id}")" |