From 66f1b0fda160854cd17849b887b12bbb01651acd Mon Sep 17 00:00:00 2001
From: William Desportes
Date: Thu, 27 Jul 2023 09:45:06 +0200
Subject: [PATCH] Add sudo-bot
---
 .github/sudo-bot-template.js | 53 +++++++++++++++++++++++++++++++
 .github/workflows/build-lists.yml | 25 +++++++++++++++
 2 files changed, 78 insertions(+)
 create mode 100644 .github/sudo-bot-template.js
diff --git a/.github/sudo-bot-template.js b/.github/sudo-bot-template.js
new file mode 100644
index 0000000..dea9522
--- /dev/null
+++ b/.github/sudo-bot-template.js
@@ -0,0 +1,53 @@
+'use strict';
+
+/**
+ * @param {string[]} modifiedFiles The modified files
+ * @returns {string} The commit message
+ */
+const commitMessage = function (modifiedFiles) {
+ return 'update: 🤖 Some updates 🤖';
+};
+
+/**
+ * @param {string[]} modifiedFiles The modified files
+ * @returns {string} The pr message
+ */
+const prMessage = function (modifiedFiles) {
+ return '🤖 Some updates to review 🤖';
+};
+
+/**
+ * @param {string[]} modifiedFiles The modified files
+ * @returns {string} The pr content
+ */
+const prContent = function (modifiedFiles) {
+ let message =
+ 'Dear human 🌻🐓🦃🦎🦙🐂🐏🐐🐎🦉, after running my task the following file' +
+ (modifiedFiles.length > 1 ? 's where updated:' : ' was updated:') +
+ '\n';
+ message += modifiedFiles
+ .map((file) => {
+ let emoji = '👽';
+ if (file.match(/.(txt)$/g)) {
+ emoji = '📦';
+ }
+ return '- `' + file + '` ' + emoji + '\n';
+ })
+ .join('');
+ return message;
+};
+
+/**
+ * @param {string[]} modifiedFiles The modified files
+ * @returns {string} The pr branch
+ */
+const prBranch = function (modifiedFiles) {
+ return 'refs/heads/update/' + new Date().getTime();
+};
+
+module.exports = {
+ commitMessage: commitMessage,
+ prMessage: prMessage,
+ prContent: prContent,
+ prBranch: prBranch,
+};
diff --git a/.github/workflows/build-lists.yml b/.github/workflows/build-lists.yml
index e65dfd1..5569161 100644
--- a/.github/workflows/build-lists.yml
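Review bot: In `prContent`, `file.match(/.(txt)$/g)` leaves the dot unescaped, so the 📦 marker is given to any name ending in one arbitrary character followed by `txt`, not only to `.txt` files; the `g` flag and the capture group do nothing here. `if (file.endsWith('.txt')) {` says what is meant. The file name is also placed between backticks in the PR body as-is, so a name containing a backtick would break the Markdown; that is presumably harmless for the generated lists this workflow commits, but it deserves a short comment such as `// file names are repo-generated; not escaped for Markdown`. The string `'s where updated:'` should read `'s were updated:'`.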
+++ b/.github/workflows/build-lists.yml
@@ -12,6 +12,8 @@ on:
 jobs:
 build-stretchoid:
+ environment:
+ name: sudo-bot
 runs-on: ubuntu-latest
 steps:
 - name: Checkout
@@ -23,6 +25,29 @@ jobs:
 git add -A
 echo '### Diff' >> $GITHUB_STEP_SUMMARY
 printf '### Diff\n```diff\n%s\n```\n' "$(git diff --staged)" >> $GITHUB_STEP_SUMMARY
+ - name: Extract secrets
+ run: |
+ printf '%s' "${{ secrets.GH_APP_JWT_PRIV_PEM_CONTENTS }}" > ${HOME}/.secret_jwt.pem
+ printf '%s' "${{ secrets.GPG_PRIVATE_KEY }}" > ${HOME}/.private-key.asc
+ - name: Run sudo-bot
+ run: |
+ sudo-bot --verbose \
+ --jwt-file="${HOME}/.secret_jwt.pem" \
+ --gh-app-id='17453' \
+ --installation-id="${{ secrets.INSTALLATION_ID }}" \
+ --repository-slug='datacenters-network/security' \
+ --target-branch='main' \
+ --assign='williamdes' \
+ --commit-author-email='sudo-bot@wdes.fr' \
+ --commit-author-name='Sudo Bot' \
+ --gpg-private-key-file="${HOME}/.private-key.asc" \
+ --template="./.github/sudo-bot-template.js" \
+ --gpg-private-key-passphrase="${{ secrets.GPG_PASSPHRASE }}"
+ - name: Purge secrets
+ if: always()
+ run: |
+ rm -v ${HOME}/.secret_jwt.pem
+ rm -v ${HOME}/.private-key.asc
 build-aws-cloudfront:
 runs-on: ubuntu-latest
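Review bot: The `Extract secrets` and `Run sudo-bot` steps paste `${{ secrets.* }}` directly into the script text, so a secret containing `"`, `$` or a backtick is re-parsed by the shell, and the PEM and GPG key files are written with the runner's default umask. Passing the secrets through `env:` and quoting the shell variables avoids the re-parsing, and `umask 077` keeps both key files readable by the owner only. The passphrase would still travel as a command-line argument, where other processes on the runner can read it; whether sudo-bot can take it another way is not visible in this hunk. In `Purge secrets`, `rm -f` keeps the `always()` step from failing when an earlier step stopped before the files were written.

```yaml
      - name: Extract secrets
        env:
          GH_APP_JWT_PRIV_PEM_CONTENTS: ${{ secrets.GH_APP_JWT_PRIV_PEM_CONTENTS }}
          GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
        run: |
          umask 077
          printf '%s' "$GH_APP_JWT_PRIV_PEM_CONTENTS" > "${HOME}/.secret_jwt.pem"
          printf '%s' "$GPG_PRIVATE_KEY" > "${HOME}/.private-key.asc"
      - name: Run sudo-bot
        env:
          INSTALLATION_ID: ${{ secrets.INSTALLATION_ID }}
          GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
        # … unchanged: run block, with --installation-id="${INSTALLATION_ID}" and --gpg-private-key-passphrase="${GPG_PASSPHRASE}" …
      - name: Purge secrets
        if: always()
        run: |
          rm -vf "${HOME}/.secret_jwt.pem" "${HOME}/.private-key.asc"
```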