Template sync #32
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Template sync | |
| on: | |
| workflow_dispatch: | |
| schedule: | |
| - cron: '0 0 * * *' # every day at midnight | |
| permissions: {} | |
| concurrency: | |
| group: pre-commit | |
| cancel-in-progress: false | |
| env: | |
| # renovate: datasource=github-releases depName=asdf-vm/asdf | |
| ASDF_VERSION: 31e8c93004abd76253d186b8896785895069749b # v0.15.0 # pragma: allowlist secret | |
| jobs: | |
| universal-addon: | |
| if: github.repository != 'lablabs/terraform-aws-eks-universal-addon' | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Generate GitHub App token | |
| id: template-sync-app-token | |
| uses: actions/create-github-app-token@3ff1caaa28b64c9cc276ce0a02e2ff584f3900c5 # v2.0.2 | |
| with: | |
| app-id: ${{ secrets.LARA_TEMPLATE_SYNC_APP_ID }} | |
| private-key: ${{ secrets.LARA_TEMPLATE_SYNC_APP_PRIVATE_KEY }} | |
| repositories: ${{ github.event.repository.name }} | |
| owner: ${{ github.repository_owner }} | |
| - name: Checkout | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| token: ${{ steps.template-sync-app-token.outputs.token }} # needed for private repositories | |
| persist-credentials: false | |
| - name: Sync universal-addon template | |
| uses: AndreasAugustin/actions-template-sync@bcb94410a4f1dffdfe5eaabc8234c3b8e76ebc5b # v2.5.1 | |
| with: | |
| source_gh_token: ${{ steps.template-sync-app-token.outputs.token }} | |
| source_repo_path: lablabs/terraform-aws-eks-universal-addon | |
| upstream_branch: main | |
| target_gh_token: ${{ steps.template-sync-app-token.outputs.token }} | |
| git_remote_pull_params: --allow-unrelated-histories --squash --strategy=recursive --no-tags -X theirs | |
| pr_labels: kind/sync | |
| pr_branch_name_prefix: "feat/universal-addon-sync" | |
| pr_title: "feat(sync): sync universal-addon changes" | |
| pr_commit_msg: "feat(sync): sync universal-addon changes" | |
| is_pr_cleanup: true | |
| - name: Setup ASDF | |
| uses: asdf-vm/actions/setup@05e0d2ed97b598bfce82fd30daf324ae0c4570e6 # v3.0.2 | |
| - name: Cache ASDF | |
| uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 | |
| id: asdf-cache | |
| with: | |
| # https://github.com/asdf-vm/asdf/blob/master/.gitignore | |
| path: | | |
| ~/.asdf/installs | |
| ~/.asdf/plugins | |
| ~/.asdf/shims | |
| key: ${{ runner.os }}-asdf-${{ hashFiles('.tool-versions') }} | |
| restore-keys: ${{ runner.os }}-asdf- | |
| - name: Install ASDF | |
| uses: asdf-vm/actions/install@05e0d2ed97b598bfce82fd30daf324ae0c4570e6 # v3.0.2 | |
| if: ${{ steps.asdf-cache.outputs.cache-hit != 'true' }} | |
| with: | |
| asdf_branch: ${{ env.ASDF_VERSION }} | |
| - name: Reshim installed ASDF tools | |
| shell: bash | |
| run: asdf reshim | |
| - name: Cache pip | |
| uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 | |
| with: | |
| path: ~/.cache/pip/ | |
| key: ${{ runner.os }}-pip-${{ hashFiles('.pre-commit-config.yaml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pip- | |
| - name: Update README.md | |
| run: pre-commit run --show-diff-on-failure --color=always terraform_docs --all-files || true | |
| - name: Commit and push README.md | |
| uses: EndBug/add-and-commit@a94899bca583c204427a224a7af87c02f9b325d5 # v9.1.4 | |
| with: | |
| add: README.md | |
| message: "docs: update README.md" |