Trunk Upgrade #12
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Trunk Upgrade | |
| on: | |
| schedule: | |
| # On the first day of every month @ 8am | |
| - cron: 0 8 1 * * | |
| workflow_dispatch: {} | |
| permissions: read-all | |
| jobs: | |
| trunk-upgrade: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| # For trunk to create PRs | |
| contents: write | |
| pull-requests: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: Create Token for MasterpointBot App | |
| uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a #v2.1.0 | |
| id: generate-token | |
| with: | |
| app_id: ${{ secrets.MP_BOT_APP_ID }} | |
| private_key: ${{ secrets.MP_BOT_APP_PRIVATE_KEY }} | |
| - name: Upgrade | |
| id: trunk-upgrade | |
| uses: trunk-io/trunk-action/upgrade@4d5ecc89b2691705fd08c747c78652d2fc806a94 # v1.1.19 | |
| with: | |
| github-token: ${{ steps.generate-token.outputs.token }} | |
| reviewers: "@masterpointio/masterpoint-internal" | |
| prefix: "chore: " | |
| - name: Wait for checks to pass + Merge PR | |
| if: steps.trunk-upgrade.outputs.pull-request-number != '' | |
| env: | |
| GH_TOKEN: ${{ secrets.MASTERPOINT_TEAM_PAT }} | |
| PR_NUMBER: ${{ steps.trunk-upgrade.outputs.pull-request-number }} | |
| run: | | |
| echo "Waiting for required status checks to pass on PR #$PR_NUMBER..." | |
| while true; do | |
| CHECKS_JSON=$(gh pr checks "$PR_NUMBER" --required --json state,bucket) | |
| echo "Current checks status: $CHECKS_JSON" | |
| if echo "$CHECKS_JSON" | jq -e '.[] | select(.bucket=="fail")' > /dev/null; then | |
| echo "One or more required checks have failed. Exiting..." | |
| exit 1 | |
| fi | |
| FAILED_OR_PENDING_CHECKS=$(echo "$CHECKS_JSON" | jq '[.[] | select(.state!="SUCCESS" or .bucket!="pass")] | length') | |
| if [ "$FAILED_OR_PENDING_CHECKS" -eq 0 ]; then | |
| echo "All required checks passed. Auto-approving and merging PR https://github.com/${{ github.repository }}/pull/$PR_NUMBER..." | |
| # Auto-approve the PR | |
| gh pr review "$PR_NUMBER" --approve --body "Auto-approved by trunk upgrade workflow" | |
| # Merge the PR | |
| gh pr merge "$PR_NUMBER" --squash --delete-branch --admin | |
| break | |
| else | |
| echo "Some required checks are still running or pending. Retrying in 30s..." | |
| sleep 30 | |
| fi | |
| done |