diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 9d60215..15f12a5 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1,10 +1,3 @@ -# We use this for automatic PR review assignment within Github. -# We don't intent to gatekeep certain parts of the codebase and -# won't use it in branch protection rules. -# If individual users are specified in this file, this is mainly to -# inform them of certain PRs and we don't require a review from them -# to be able to merge PRs. - # These owners will be the default owners for everything in # the repo. Unless a later match takes precedence, # they will be requested for review when someone opens a diff --git a/.github/lib/copy-codeowners-file.js b/.github/lib/copy-codeowners-file.js index bba234d..033b424 100644 --- a/.github/lib/copy-codeowners-file.js +++ b/.github/lib/copy-codeowners-file.js @@ -8,7 +8,7 @@ module.exports = () => { const fs = require("fs"); const mainFolder = path.join(process.env.GITHUB_WORKSPACE, "main"); const codeownersFile = fs.readFileSync( - path.join(mainFolder, "assets", "codeowners"), + path.join(mainFolder, ".github", "CODEOWNERS"), "utf-8" ); diff --git a/.github/workflows/add-codeowners.yml b/.github/workflows/add-codeowners.yml index ba9d31b..1e00c79 100644 --- a/.github/workflows/add-codeowners.yml +++ b/.github/workflows/add-codeowners.yml @@ -10,7 +10,7 @@ jobs: matrix: ${{ steps.set-matrix.outputs.matrix }} steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - id: set-matrix run: | provider=$(jq -rcM "{ provider: keys }" provider.json) @@ -26,18 +26,31 @@ jobs: max-parallel: 10 steps: - name: Checkout this repository - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: path: main - name: Checkout cdktf-provider-${{ matrix.provider }}-go Repository - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: repository: cdktf/cdktf-provider-${{ matrix.provider }}-go token: ${{ secrets.GH_COMMENT_TOKEN }} + fetch-depth: 0 path: provider - - uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 - name: Copy codeowners file to provider repo + - name: Set git identity + run: |- + git config user.name "team-tf-cdk" + git config user.email "github-team-tf-cdk@hashicorp.com" + working-directory: ./provider + + - name: Delete old branches from previous runs + run: | + git branch -r | egrep -o "add-update-codeowners-file.*" | xargs -n 1 git push origin --delete + working-directory: ./provider + continue-on-error: true + + - name: Copy codeowners file to provider repo + uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6.4.1 with: script: | const {resolve} = require('path') @@ -45,12 +58,6 @@ jobs: const script = require(scriptPath) script() - - name: Set git identity - run: |- - git config user.name "team-tf-cdk" - git config user.email "github-team-tf-cdk@hashicorp.com" - working-directory: ./provider - - name: Check for changes id: git_diff run: | @@ -68,9 +75,11 @@ jobs: - if: steps.git_diff.outputs.has_changes name: "Create PR" - uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 + uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6.4.1 with: github-token: ${{ secrets.GH_COMMENT_TOKEN }} + retries: 5 + retry-exempt-status-codes: 400,401,404 script: | const {resolve} = require('path') const scriptPath = resolve("./main/.github/lib/create-pr") diff --git a/.github/workflows/add-copyright-headers.yml b/.github/workflows/add-copyright-headers.yml index 289bb98..d6082fb 100644 --- a/.github/workflows/add-copyright-headers.yml +++ b/.github/workflows/add-copyright-headers.yml @@ -18,7 +18,7 @@ jobs: contents: write steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.3.0 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: ref: ${{ github.event.pull_request.head.ref }} repository: ${{ github.event.pull_request.head.repo.full_name }} diff --git a/.github/workflows/create-next-pr.yml b/.github/workflows/create-next-pr.yml index 9db535d..369464f 100644 --- a/.github/workflows/create-next-pr.yml +++ b/.github/workflows/create-next-pr.yml @@ -11,7 +11,7 @@ jobs: matrix: ${{ steps.set-matrix.outputs.matrix }} steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - id: set-matrix run: | provider=$(jq -rcM "{ provider: keys }" provider.json) @@ -29,6 +29,6 @@ jobs: max-parallel: 10 steps: - name: Trigger workflow - run: gh workflow run next-cdktf-version-pr -R hashicorp/cdktf-provider-${{ matrix.provider }} + run: gh workflow run next-cdktf-version-pr -R cdktf/cdktf-provider-${{ matrix.provider }} env: GH_TOKEN: ${{ secrets.GH_COMMENT_TOKEN }} diff --git a/.github/workflows/deploy-cdktf-stacks.yml b/.github/workflows/deploy-cdktf-stacks.yml index eb2f42d..da46992 100644 --- a/.github/workflows/deploy-cdktf-stacks.yml +++ b/.github/workflows/deploy-cdktf-stacks.yml @@ -22,7 +22,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Setup Terraform uses: hashicorp/setup-terraform@633666f66e0061ca3b725c73b2ec20cd13a8fdd1 @@ -30,7 +30,7 @@ jobs: terraform_version: 1.0.7 cli_config_credentials_token: ${{ secrets.TF_CLOUD_TOKEN }} - - uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c + - uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 with: node-version: "14" @@ -44,11 +44,11 @@ jobs: - name: Send failures to Slack if: ${{ failure() && !cancelled() }} - uses: slackapi/slack-github-action@e28cf165c92ffef168d23c5c9000cffc8a25e117 + uses: slackapi/slack-github-action@e28cf165c92ffef168d23c5c9000cffc8a25e117 # v1.24.0 with: payload: | { - "run_url": "https://github.com/hashicorp/terraform-ls/actions/runs/${{ github.run_id }}" + "run_url": "https://github.com/cdktf/cdktf-repository-manager/actions/runs/${{ github.run_id }}" } env: SLACK_WEBHOOK_URL: ${{ secrets.FAILURE_SLACK_WEBHOOK_URL }} diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 250b724..2694960 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -13,7 +13,7 @@ jobs: matrix: ${{ steps.set-matrix.outputs.matrix }} steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - id: set-matrix run: | stack=$(jq -rcM ".stacks | { stack: keys }" sharded-stacks.json) diff --git a/.github/workflows/diff-cdktf-stacks.yml b/.github/workflows/diff-cdktf-stacks.yml index a7e51af..59d554c 100644 --- a/.github/workflows/diff-cdktf-stacks.yml +++ b/.github/workflows/diff-cdktf-stacks.yml @@ -19,7 +19,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Setup Terraform uses: hashicorp/setup-terraform@633666f66e0061ca3b725c73b2ec20cd13a8fdd1 @@ -27,7 +27,7 @@ jobs: terraform_version: 1.0.7 cli_config_credentials_token: ${{ secrets.TF_CLOUD_TOKEN }} - - uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c + - uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 with: node-version: "14" @@ -44,7 +44,7 @@ jobs: terraform plan -no-color | tee ../../../plan_stdout_${{ matrix.stack }}.txt; echo $? set +o pipefail continue-on-error: true - - uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 + - uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6.4.1 if: github.event_name == 'pull_request' with: github-token: ${{ secrets.GH_COMMENT_TOKEN }} diff --git a/.github/workflows/diff.yml b/.github/workflows/diff.yml index ae76534..0ed6c0f 100644 --- a/.github/workflows/diff.yml +++ b/.github/workflows/diff.yml @@ -9,7 +9,7 @@ jobs: matrix: ${{ steps.set-matrix.outputs.matrix }} steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - id: set-matrix run: | stack=$(jq -rcM ".stacks | { stack: keys }" sharded-stacks.json) diff --git a/.github/workflows/gh-action-upgrade.yml b/.github/workflows/gh-action-upgrade.yml index ce05b6d..decf07c 100644 --- a/.github/workflows/gh-action-upgrade.yml +++ b/.github/workflows/gh-action-upgrade.yml @@ -8,22 +8,22 @@ on: env: GH_TOKEN: ${{ secrets.GH_TOKEN_ACTIONS_UPDATER }} - PR_TITLE: "chore: update github workflow actions" + PR_TITLE: "chore(deps): update github workflow actions" jobs: update: runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: token: ${{ secrets.GH_TOKEN_ACTIONS_UPDATER }} - name: Find and close older versions of this same PR run: | prlist=$(gh search prs --repo ${{ github.repository }} --state open --match title "$PR_TITLE" --json number --jq '.[].number') [ -n "$prlist" ] && gh pr close -d --comment "Closing this because I'm about to open a newer PR." ${prlist} + continue-on-error: true - name: Run GitHub Actions Version Updater - if: success() || failure() - uses: saadmk11/github-actions-version-updater@a7fd643bb3e9c1ef8f5c70bb5b645f5a2a9f395c + uses: saadmk11/github-actions-version-updater@a7fd643bb3e9c1ef8f5c70bb5b645f5a2a9f395c # TSCCR: no entry for repository "saadmk11/github-actions-version-updater" with: token: ${{ secrets.GH_TOKEN_ACTIONS_UPDATER }} committer_username: "team-tf-cdk" @@ -36,12 +36,13 @@ jobs: pin: runs-on: ubuntu-latest - if: success() || failure() needs: [update] steps: - name: Find and checkout the PR just created + id: find_pr run: | prnumber=$(gh search prs --repo ${{ github.repository }} --state open --match title "$PR_TITLE" --json number --jq '.[].number') + echo "pr=$prnumber" >> $GITHUB_OUTPUT gh pr checkout ${prnumber} - name: Setup TSCCR helper uses: hashicorp/setup-tsccr@v1 @@ -58,5 +59,8 @@ jobs: if: steps.get_changes.outputs.changed != 0 run: |- git add . - git commit -s -m "chore: pin all workflows based on HashiCorp TSCCR" + git commit -s -m "chore(deps): pin all workflows based on HashiCorp TSCCR" git push + - name: Add automerge label + run: | + gh pr edit ${{ steps.find_pr.outputs.pr }} --add-label "automerge" diff --git a/.github/workflows/lock.yml b/.github/workflows/lock.yml index 64be0e2..eed0b7c 100644 --- a/.github/workflows/lock.yml +++ b/.github/workflows/lock.yml @@ -12,7 +12,7 @@ jobs: lock: runs-on: ubuntu-latest steps: - - uses: dessant/lock-threads@c1b35aecc5cdb1a34539d14196df55838bb2f836 + - uses: dessant/lock-threads@be8aa5be94131386884a6da4189effda9b14aa21 # v4.0.1 with: issue-comment: > I'm going to lock this issue because it has been closed for at least 30 days. This helps our maintainers find and focus on the active issues. diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 80aec8f..f1ddf18 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -11,7 +11,7 @@ jobs: stale: runs-on: ubuntu-latest steps: - - uses: actions/stale@1160a2240286f5da8ec72b1c0816ce2481aabf84 + - uses: actions/stale@1160a2240286f5da8ec72b1c0816ce2481aabf84 # v8.0.0 with: # For issues: post a "warning" message after 30 days, then close if another 30 days pass without a response. In another workflow, issues closed for 30 days will be locked. stale-issue-message: "Hi there! 👋 We haven't heard from you in 30 days and would like to know if the problem has been resolved or if you still need help. If we don't hear from you before then, I'll auto-close this issue in 30 days." diff --git a/.github/workflows/upgrade-repositories.yml b/.github/workflows/upgrade-repositories.yml index ea241bd..9f422f5 100644 --- a/.github/workflows/upgrade-repositories.yml +++ b/.github/workflows/upgrade-repositories.yml @@ -11,7 +11,7 @@ jobs: matrix: ${{ steps.set-matrix.outputs.matrix }} steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - id: set-matrix run: | provider=$(jq -rcM "{ provider: keys }" provider.json) @@ -29,17 +29,17 @@ jobs: max-parallel: 10 steps: - name: Checkout this repository - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: path: main - name: Checkout cdktf-provider-${{ matrix.provider }} Repository - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: repository: cdktf/cdktf-provider-${{ matrix.provider }} token: ${{ secrets.GH_COMMENT_TOKEN }} path: provider - - uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 + - uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6.4.1 name: Create projen run commands file with: script: | @@ -74,7 +74,7 @@ jobs: - if: steps.git_diff.outputs.has_changes name: Detect breaking version changes id: diff_changes - uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 + uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6.4.1 with: script: | const {resolve} = require('path') @@ -93,9 +93,11 @@ jobs: - if: steps.git_diff.outputs.has_changes name: "Create PR" - uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 + uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6.4.1 with: github-token: ${{ secrets.GH_COMMENT_TOKEN }} + retries: 5 + retry-exempt-status-codes: 400,401,404 script: | const {resolve} = require('path') const scriptPath = resolve("./main/.github/lib/create-pr") @@ -109,12 +111,12 @@ jobs: - name: Send failures to Slack if: ${{ failure() && !cancelled() }} - uses: slackapi/slack-github-action@e28cf165c92ffef168d23c5c9000cffc8a25e117 + uses: slackapi/slack-github-action@e28cf165c92ffef168d23c5c9000cffc8a25e117 # v1.24.0 with: payload: | { "provider_name": "${{ matrix.provider }}", - "run_url": "https://github.com/hashicorp/cdktf-repository-manager/actions/runs/${{ github.run_id }}" + "run_url": "https://github.com/cdktf/cdktf-repository-manager/actions/runs/${{ github.run_id }}" } env: SLACK_WEBHOOK_URL: ${{ secrets.FAILURE_SLACK_WEBHOOK_URL }} diff --git a/assets/codeowners b/assets/codeowners deleted file mode 100644 index 8938e9d..0000000 --- a/assets/codeowners +++ /dev/null @@ -1,5 +0,0 @@ -# These owners will be the default owners for everything in -# the repo. Unless a later match takes precedence, -# they will be requested for review when someone opens a -# pull request. -* @cdktf/tf-cdk-team \ No newline at end of file