open-vault/.github/workflows/oss.yml

129 lines
4.7 KiB
YAML

# Open Source Community Workflows
name: Project triage
on:
pull_request:
types: [opened, reopened]
# Runs on PRs to main
branches:
- main
issues:
types: [opened, reopened]
jobs:
add-to-projects:
# exclude internal PRs
if: github.event.pull_request.head.repo.owner.login != 'hashicorp' && ((github.event.action == 'reopened') || (github.event.action == 'opened'))
name: Add issue or PR to projects
runs-on: ubuntu-latest
steps:
- if: github.event.pull_request != null
uses: actions/checkout@v3
- if: github.event.pull_request != null
uses: dorny/paths-filter@v2
id: changes
with:
# derived from CODEOWNERS
filters: |
cryptosec:
- 'builtin/logical/pki/**'
- 'builtin/logical/ssh/**'
- 'builtin/logical/totp/**'
- 'builtin/logical/transit/**'
ecosystem:
- 'builtin/credential/aws/**'
- 'builtin/credential/github/**'
- 'builtin/credential/ldap/**'
- 'builtin/credential/okta/**'
- 'builtin/logical/aws/**'
- 'builtin/logical/cassandra/**'
- 'builtin/logical/consul/**'
- 'builtin/logical/database/**'
- 'builtin/logical/mongodb/**'
- 'builtin/logical/mssql/**'
- 'builtin/logical/mysql/**'
- 'builtin/logical/nomad/**'
- 'builtin/logical/postgresql/**'
- 'builtin/logical/rabbitmq/**'
- 'command/agent/**'
- 'plugins/**'
- 'vault/plugin_catalog.go'
- 'ui/app/components/auth-jwt.js'
- 'ui/app/routes/vault/cluster/oidc-*.js'
devex:
- 'api/**'
- 'command/**'
ui:
- 'ui/**'
- name: "Default to core board"
run: echo "PROJECT=170" >> "$GITHUB_ENV"
- if: github.event.pull_request != null && steps.changes.outputs.cryptosec == 'true'
run: echo "PROJECT=172" >> "$GITHUB_ENV"
- if: github.event.pull_request != null && steps.changes.outputs.ecosystem == 'true'
run: echo "PROJECT=169" >> "$GITHUB_ENV"
- if: github.event.pull_request != null && steps.changes.outputs.devex == 'true'
run: echo "PROJECT=176" >> "$GITHUB_ENV"
- if: github.event.pull_request != null && steps.changes.outputs.ui == 'true'
run: echo "PROJECT=171" >> "$GITHUB_ENV"
- uses: actions/add-to-project@v0.3.0
with:
project-url: https://github.com/orgs/hashicorp/projects/${{ env.PROJECT }}
github-token: ${{ secrets.TRIAGE_GITHUB_TOKEN }}
# example of something more complicated: deleting an issue or PR automatically (though this is done in the project workflows already)
# we have to use the GraphQL API for anything involving projects.
#
# get-project:
# name: Get project data
# runs-on: ubuntu-latest
# if: github.event.action == 'closed' || github.event.action == 'deleted'
# outputs:
# project_id: ${{ steps.get-project.outputs.project_id }}
# steps:
# - id: get-project
# name: Get project data
# env:
# GITHUB_TOKEN: ${{ secrets.TRIAGE_GITHUB_TOKEN }}
# ORGANIZATION: hashicorp
# PROJECT_NUMBER: 169
# run: |
# gh api graphql -f query='
# query($org: String!, $number: Int!) {
# organization(login: $org){
# projectV2(number: $number) {
# id
# }
# }
# }' -f org=$ORGANIZATION -F number=$PROJECT_NUMBER > project_data.json
# echo "::set-output name=project_id::$(jq '.data.organization.projectV2.id' project_data.json)"
# delete-from-project:
# name: Remove issue or PR from project
# needs: [get-project]
# if: github.event.action == 'closed' || github.event.action == 'deleted'
# runs-on: ubuntu-latest
# steps:
# - name: Remove issue or PR
# env:
# GITHUB_TOKEN: ${{ secrets.TRIAGE_GITHUB_TOKEN }}
# run: |
# PROJECT_ID=${{ needs.get-project.outputs.project_id }}
# item_id=${{ github.event.issue.node_id }}
# if [ -z "$item_id" ]; then
# item_id=${{ github.event.pull_request.node_id }}
# fi
# gh api graphql -f query='
# mutation($project_id: ID!, $item_id: ID!) {
# deleteProjectV2Item(
# input: {
# projectId: $project_id
# itemId: $item_id
# }
# ) {
# deletedItemId
# }
# }' -f project_id=$PROJECT_ID -f item_id=$item_id || true