Sync github app token issuer code #16973
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Sync github app token issuer code | |
| on: | |
| push: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| schedule: | |
| - cron: "0 */1 * * *" # Runs every hour | |
| jobs: | |
| update-version: | |
| permissions: | |
| id-token: write | |
| contents: write | |
| pull-requests: write | |
| name: Update Version | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Collect Metrics | |
| id: collect-gha-metrics | |
| uses: smartcontractkit/push-gha-metrics-action@dea9b546553cb4ca936607c2267a09c004e4ab3f # v3.0.0 | |
| with: | |
| id: sync-github-app-token-issuer | |
| basic-auth: ${{ secrets.GRAFANA_INTERNAL_BASIC_AUTH }} | |
| hostname: ${{ secrets.GRAFANA_INTERNAL_HOST }} | |
| org-id: ${{ secrets.GRAFANA_INTERNAL_TENANT_ID }} | |
| this-job-name: Update Version | |
| continue-on-error: true | |
| - name: Checkout the repo | |
| uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 | |
| - name: Assume role capable of dispatching action | |
| uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 | |
| with: | |
| role-to-assume: ${{ secrets.AWS_OIDC_CHAINLINK_GITHUB_ACTIONS_SYNC_GATI_TOKEN_ISSUER_ROLE_ARN }} | |
| role-duration-seconds: 3600 | |
| role-session-name: sync-github-app-token-issuer.update-version | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| mask-aws-account-id: true | |
| - name: Get Github Token | |
| id: get-gh-token | |
| uses: smartcontractkit/chainlink-github-actions/github-app-token-issuer@e29366cdecfe6befff9ab8c3cfe4825218505d58 # v2.3.16 | |
| with: | |
| url: ${{ secrets.AWS_INFRA_RELENG_TOKEN_ISSUER_LAMBDA_URL }} | |
| - name: Update version | |
| env: | |
| GH_TOKEN: ${{ steps.get-gh-token.outputs.access-token }} | |
| run: ./github-app-token-issuer/sync.sh | |
| - name: Update buggy version | |
| env: | |
| GH_TOKEN: ${{ steps.get-gh-token.outputs.access-token }} | |
| run: ./github-app-token-issuer-buggy/sync.sh | |
| - name: Open PR | |
| uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e # v6.0.5 | |
| with: | |
| title: Update github-app-token-issuers | |
| branch: chore/update-github-app-token-issuers | |
| commit-message: Update github-app-token-issuers |