dependabot[bot]
4b416f89bf
* Chore(deps): Bump actions/checkout from 4 to 5 Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5. - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * remove incorrect comments --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Ashley Harrison <ashley.harrison@grafana.com>
64 lines
2.2 KiB
YAML
64 lines
2.2 KiB
YAML
name: "Ephemeral instances"
|
|
|
|
on:
|
|
issue_comment:
|
|
types: [created]
|
|
pull_request:
|
|
types: [closed]
|
|
|
|
permissions: {}
|
|
|
|
jobs:
|
|
handle-ephemeral-instances:
|
|
if: ${{ github.repository_owner == 'grafana' && ((github.event.issue.pull_request && startsWith(github.event.comment.body, '/deploy-to-hg')) || github.event.action == 'closed') }}
|
|
runs-on:
|
|
labels: ubuntu-x64-xlarge
|
|
continue-on-error: true
|
|
permissions:
|
|
# For commenting.
|
|
pull-requests: write
|
|
# No contents permission is needed because we will impersonate an app to create the PR instead.
|
|
id-token: write # required for vault access
|
|
|
|
steps:
|
|
- name: Get vault secrets
|
|
id: vault-secrets
|
|
uses: grafana/shared-workflows/actions/get-vault-secrets@main
|
|
with:
|
|
# Secrets placed in ci/repo/grafana/grafana/
|
|
repo_secrets: |
|
|
APP_ID=ephemeral-instances-bot:app-id
|
|
APP_PEM=ephemeral-instances-bot:app-private-key
|
|
GCOM_HOST=ephemeral-instances-bot:gcom-host
|
|
GCOM_TOKEN=ephemeral-instances-bot:gcom-token
|
|
REGISTRY=ephemeral-instances-bot:registry
|
|
GCP_SA_ACCOUNT_KEY_BASE64=ephemeral-instances-bot:sa-key
|
|
|
|
- name: Generate a GitHub app installation token
|
|
id: generate_token
|
|
uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92 # v1.8.0
|
|
with:
|
|
app_id: ${{ env.APP_ID }}
|
|
private_key: ${{ env.APP_PEM }}
|
|
|
|
- name: Checkout ephemeral instances repository
|
|
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8
|
|
with:
|
|
repository: grafana/ephemeral-grafana-instances-github-action
|
|
token: ${{ steps.generate_token.outputs.token }}
|
|
ref: main
|
|
path: ephemeral
|
|
persist-credentials: false
|
|
|
|
- name: build and deploy ephemeral instance
|
|
uses: ./ephemeral
|
|
with:
|
|
github-token: ${{ steps.generate_token.outputs.token }}
|
|
gcom-host: ${{ env.GCOM_HOST }}
|
|
gcom-token: ${{ env.GCOM_TOKEN }}
|
|
registry: "${{ env.REGISTRY }}"
|
|
gcp-service-account-key: ${{ env.GCP_SA_ACCOUNT_KEY_BASE64 }}
|
|
ephemeral-org-id: ephemeral
|
|
oss-or-enterprise: oss
|
|
verbose: true
|