You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
161 lines
5.8 KiB
161 lines
5.8 KiB
name: _move_finalization_db_scripts |
|
run-name: Move finalization database scripts |
|
|
|
on: |
|
workflow_call: |
|
|
|
permissions: |
|
pull-requests: write |
|
contents: write |
|
|
|
jobs: |
|
setup: |
|
name: Setup |
|
runs-on: ubuntu-22.04 |
|
outputs: |
|
migration_filename_prefix: ${{ steps.prefix.outputs.prefix }} |
|
copy_finalization_scripts: ${{ steps.check-finalization-scripts-existence.outputs.copy_finalization_scripts }} |
|
steps: |
|
- name: Log in to Azure |
|
uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0 |
|
with: |
|
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} |
|
|
|
- name: Retrieve secrets |
|
id: retrieve-secrets |
|
uses: bitwarden/gh-actions/get-keyvault-secrets@main |
|
with: |
|
keyvault: "bitwarden-ci" |
|
secrets: "github-pat-bitwarden-devops-bot-repo-scope" |
|
|
|
- name: Check out branch |
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 |
|
with: |
|
token: ${{ steps.retrieve-secrets.outputs.github-pat-bitwarden-devops-bot-repo-scope }} |
|
|
|
- name: Get script prefix |
|
id: prefix |
|
run: echo "prefix=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT |
|
|
|
- name: Check if any files in DB finalization directory |
|
id: check-finalization-scripts-existence |
|
run: | |
|
if [ -f util/Migrator/DbScripts_finalization/* ]; then |
|
echo "copy_finalization_scripts=true" >> $GITHUB_OUTPUT |
|
else |
|
echo "copy_finalization_scripts=false" >> $GITHUB_OUTPUT |
|
fi |
|
|
|
move-finalization-db-scripts: |
|
name: Move finalization database scripts |
|
runs-on: ubuntu-22.04 |
|
needs: setup |
|
if: ${{ needs.setup.outputs.copy_finalization_scripts == 'true' }} |
|
steps: |
|
- name: Checkout |
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 |
|
with: |
|
fetch-depth: 0 |
|
|
|
- name: Generate branch name |
|
id: branch_name |
|
env: |
|
PREFIX: ${{ needs.setup.outputs.migration_filename_prefix }} |
|
run: echo "branch_name=move_finalization_db_scripts_$PREFIX" >> $GITHUB_OUTPUT |
|
|
|
- name: "Create branch" |
|
env: |
|
BRANCH: ${{ steps.branch_name.outputs.branch_name }} |
|
run: git switch -c $BRANCH |
|
|
|
- name: Move DbScripts_finalization |
|
id: move-files |
|
env: |
|
PREFIX: ${{ needs.setup.outputs.migration_filename_prefix }} |
|
run: | |
|
src_dir="util/Migrator/DbScripts_finalization" |
|
dest_dir="util/Migrator/DbScripts" |
|
i=0 |
|
|
|
moved_files="" |
|
for file in "$src_dir"/*; do |
|
filenumber=$(printf "%02d" $i) |
|
|
|
filename=$(basename "$file") |
|
new_filename="${PREFIX}_${filenumber}_${filename}" |
|
dest_file="$dest_dir/$new_filename" |
|
|
|
mv "$file" "$dest_file" |
|
moved_files="$moved_files \n $filename -> $new_filename" |
|
|
|
i=$((i+1)) |
|
done |
|
echo "moved_files=$moved_files" >> $GITHUB_OUTPUT |
|
|
|
- name: Log in to Azure - production subscription |
|
uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0 |
|
with: |
|
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} |
|
|
|
- name: Retrieve secrets |
|
id: retrieve-secrets |
|
uses: bitwarden/gh-actions/get-keyvault-secrets@main |
|
with: |
|
keyvault: "bitwarden-ci" |
|
secrets: "github-gpg-private-key, |
|
github-gpg-private-key-passphrase, |
|
devops-alerts-slack-webhook-url" |
|
|
|
- name: Import GPG keys |
|
uses: crazy-max/ghaction-import-gpg@cb9bde2e2525e640591a934b1fd28eef1dcaf5e5 # v6.2.0 |
|
with: |
|
gpg_private_key: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key }} |
|
passphrase: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key-passphrase }} |
|
git_user_signingkey: true |
|
git_commit_gpgsign: true |
|
|
|
- name: Commit and push changes |
|
id: commit |
|
run: | |
|
git config --local user.email "106330231+bitwarden-devops-bot@users.noreply.github.com" |
|
git config --local user.name "bitwarden-devops-bot" |
|
if [ -n "$(git status --porcelain)" ]; then |
|
git add . |
|
git commit -m "Move DbScripts_finalization to DbScripts" -a |
|
git push -u origin ${{ steps.branch_name.outputs.branch_name }} |
|
echo "pr_needed=true" >> $GITHUB_OUTPUT |
|
else |
|
echo "No changes to commit!"; |
|
echo "pr_needed=false" >> $GITHUB_OUTPUT |
|
echo "### :mega: No changes to commit! PR was ommited." >> $GITHUB_STEP_SUMMARY |
|
fi |
|
|
|
- name: Create PR for ${{ steps.branch_name.outputs.branch_name }} |
|
if: ${{ steps.commit.outputs.pr_needed == 'true' }} |
|
id: create-pr |
|
env: |
|
BRANCH: ${{ steps.branch_name.outputs.branch_name }} |
|
GH_TOKEN: ${{ github.token }} |
|
MOVED_FILES: ${{ steps.move-files.outputs.moved_files }} |
|
TITLE: "Move finalization database scripts" |
|
run: | |
|
PR_URL=$(gh pr create --title "$TITLE" \ |
|
--base "main" \ |
|
--head "$BRANCH" \ |
|
--label "automated pr" \ |
|
--body " |
|
## Automated movement of DbScripts_finalization to DbScripts |
|
|
|
## Files moved: |
|
$(echo -e "$MOVED_FILES") |
|
") |
|
echo "pr_url=${PR_URL}" >> $GITHUB_OUTPUT |
|
|
|
- name: Notify Slack about creation of PR |
|
if: ${{ steps.commit.outputs.pr_needed == 'true' }} |
|
uses: act10ns/slack@44541246747a30eb3102d87f7a4cc5471b0ffb7d # v2.1.0 |
|
env: |
|
SLACK_WEBHOOK_URL: ${{ steps.retrieve-secrets.outputs.devops-alerts-slack-webhook-url }} |
|
with: |
|
message: "Created PR for moving DbScripts_finalization to DbScripts: ${{ steps.create-pr.outputs.pr_url }}" |
|
status: ${{ job.status }}
|
|
|