Update workflows #20
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow will update all workflow templates | |
| # | |
| # SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors | |
| # SPDX-License-Identifier: MIT | |
| name: Update workflows | |
| on: | |
| workflow_dispatch: | |
| schedule: | |
| - cron: "5 2 * * 0" | |
| permissions: | |
| contents: read | |
| jobs: | |
| dispatch: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| branches: | |
| - ${{ github.event.repository.default_branch }} | |
| - 'stable32' | |
| - 'stable31' | |
| name: Update workflows in ${{ matrix.branches }} | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| steps: | |
| - name: Check actor permission | |
| uses: skjnldsv/check-actor-permission@69e92a3c4711150929bca9fcf34448c5bf5526e7 # v3.0 | |
| with: | |
| require: admin | |
| - name: Checkout workflow repository | |
| uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | |
| with: | |
| persist-credentials: false | |
| path: source | |
| repository: nextcloud/.github | |
| - name: Checkout app | |
| uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | |
| with: | |
| persist-credentials: false | |
| path: target | |
| ref: ${{ matrix.branches }} | |
| - name: Copy all workflow templates | |
| run: | | |
| for workflow in ./source/workflow-templates/*.yml; do | |
| echo "❓ Looking for $workflow" | |
| if [ -f "$workflow" ]; then | |
| filename=$(basename "$workflow") | |
| target_file="./target/.github/workflows/$filename" | |
| # Only copy if the file exists in the target repository | |
| if [ -f "$target_file" ]; then | |
| if [ -f "./target/.github/actions-lock.txt" ]; then | |
| locked_version=$(grep " $filename" ./target/.github/actions-lock.txt | cat) | |
| else | |
| echo "# SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors" >> ./target/.github/actions-lock.txt | |
| echo "# SPDX-License""-Identifier: MIT" >> ./target/.github/actions-lock.txt | |
| locked_version="" | |
| fi | |
| locked_version=$(echo $locked_version | cut -f 1 -d " ") | |
| new_version=$(md5sum $workflow | cut -f 1 -d " ") | |
| # Only update if the action changes | |
| if [[ "$locked_version" != "$new_version" ]]; then | |
| echo "ℹ️ Locked version: $locked_version" | |
| echo "ℹ️ Current version: $new_version" | |
| echo "🆙 Updating existing workflow: $filename" | |
| cp "$workflow" "$target_file" | |
| # Apply patch if one exists | |
| if [ -f "$target_file.patch" ]; then | |
| echo "🩹 Applying patch" | |
| cd ./target | |
| patch -p1 < ".github/workflows/$filename.patch" | |
| cd - | |
| fi | |
| if [[ "$locked_version" != "" ]]; then | |
| sed -i "s/$locked_version $filename/$new_version $filename/" ./target/.github/actions-lock.txt | |
| else | |
| echo "$new_version $filename" >> ./target/.github/actions-lock.txt | |
| fi | |
| else | |
| echo "✅ Skipping $filename: already up to date" | |
| fi | |
| else | |
| echo "⏭️ Skipping $filename: does not exist in target repository" | |
| fi | |
| fi | |
| done | |
| - name: Create Pull Request | |
| uses: peter-evans/create-pull-request@84ae59a2cdc2258d6fa0732dd66352dddae2a412 # v7.0.9 | |
| with: | |
| token: ${{ secrets.COMMAND_BOT_WORKFLOWS }} | |
| commit-message: 'ci(actions): Update workflow templates from organization template repository' | |
| committer: GitHub <[email protected]> | |
| author: nextcloud-command <[email protected]> | |
| path: target | |
| signoff: true | |
| branch: 'automated/noid/${{ matrix.branches }}-update-workflows' | |
| title: '[${{ matrix.branches }}] ci(actions): Update workflow templates from organization template repository' | |
| body: | | |
| Automated update of all workflow templates from [nextcloud/.github](https://github.com/nextcloud/.github) | |
| labels: | | |
| dependencies | |
| 3. to review |