diff --git a/.github/workflows/plugin-update-check.yml b/.github/workflows/plugin-update-check.yml index 7e9a5fad5b..361fd501ba 100644 --- a/.github/workflows/plugin-update-check.yml +++ b/.github/workflows/plugin-update-check.yml @@ -82,7 +82,7 @@ jobs: GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} continue-on-error: true run: | - if [ -z "$vault_pr_num" ]; then + if [ -z "${{ steps.pr.outputs.vault_pr_url }}" ]; then echo "error: no vault PR found" exit 1 fi diff --git a/.github/workflows/plugin-update.yml b/.github/workflows/plugin-update.yml index ab74c448dc..b7ddafebcc 100644 --- a/.github/workflows/plugin-update.yml +++ b/.github/workflows/plugin-update.yml @@ -6,11 +6,11 @@ on: inputs: repo: type: string - description: 'The owner and repository name as per the github.repository context property.' + description: 'The owner and repository name. Ex: hashicorp/vault-plugin-auth-jwt' required: true plugin_tag: type: string - description: 'The name of the plugin tag.' + description: 'The name of the plugin tag. Ex: v0.5.1' required: true jobs: @@ -48,7 +48,7 @@ jobs: run: | git config user.name hc-github-team-secure-vault-ecosystem git config user.email hc-github-team-secure-vault-ecosystem@users.noreply.github.com - git add . + git add go.mod go.sum git commit -m "Automated dependency upgrades" git push -f origin ${{ github.ref_name }}:"$VAULT_BRANCH" @@ -63,8 +63,9 @@ jobs: if [ -z "$PR" ]; then gh pr create \ --head "$VAULT_BRANCH" \ + --reviewer "${{ github.actor }}" \ --title "Update ${{ inputs.repo }} to ${{ inputs.plugin_tag }}" \ - --body "Updates ${{ inputs.repo }} to verify vault CI. Full log: https://github.com/hashicorp/vault/actions/runs/${{ github.run_id }}" + --body "This PR was generated by a GitHub Action. Full log: https://github.com/hashicorp/vault/actions/runs/${{ github.run_id }}" echo "vault_pr_num=$(gh pr list --head "$VAULT_BRANCH" --json number -q '.[0].number')" >> "$GITHUB_OUTPUT" echo "vault_pr_url=$(gh pr list --head "$VAULT_BRANCH" --json url -q '.[0].url')" >> "$GITHUB_OUTPUT" @@ -73,13 +74,8 @@ jobs: fi - name: Add changelog - continue-on-error: true + if: steps.pr.outputs.vault_pr_num != '' run: | - if [ -z "$vault_pr_num" ]; then - echo "error: no vault PR found" - exit 1 - fi - # strip "hashicorp/" from repo name PLUGIN=$(echo ${{ inputs.repo }} | awk -F/ '{print $NF}') echo "plugin: $PLUGIN" @@ -94,24 +90,20 @@ jobs: echo "\`\`\`release-note:change ${PLUGIN_TYPE}/${PLUGIN_SERVICE}: Update plugin to ${{ inputs.plugin_tag }} - \`\`\`" > "changelog/${vault_pr_num}.txt" + \`\`\`" > "changelog/${{ steps.pr.outputs.vault_pr_num }}.txt" - git add . + git add changelog/ git commit -m "Add changelog" git push origin ${{ github.ref_name }}:"$VAULT_BRANCH" - name: Add labels to Vault PR + if: steps.pr.outputs.vault_pr_num != '' env: # this is a different token to the one we have been using that should # allow us to add labels GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} continue-on-error: true run: | - if [ -z "$vault_pr_num" ]; then - echo "error: no vault PR found" - exit 1 - fi - gh pr edit "${{ steps.pr.outputs.vault_pr_num }}" \ --add-label "dependencies" \ --repo hashicorp/vault