name: operator-check-prepare-release-commit on: pull_request: paths: - 'operator/**' branches: - main jobs: check-commit: runs-on: ubuntu-latest permissions: contents: "read" id-token: "write" pull-requests: "write" if: | github.event.pull_request.head.ref == 'release-please--branches--main--components--operator' && contains(github.event.pull_request.title, 'chore( operator): community release') steps: - name: Retrieve GitHub App Credentials from Vault id: get-secrets uses: grafana/shared-workflows/actions/get-vault-secrets@28361cdb22223e5f1e34358c86c20908e7248760 with: repo_secrets: | APP_ID=loki-gh-app:app-id PRIVATE_KEY=loki-gh-app:private-key - name: Generate GitHub App Token id: app-token uses: "actions/create-github-app-token@d72941d797fd3113feb6b93fd0dec494b13a2547" # v1 with: # Variables generated by the previous step get-secrets app-id: ${{ env.APP_ID }} private-key: ${{ env.PRIVATE_KEY }} owner: ${{ github.repository_owner }} - name: Extract release version id: pr_semver env: PR_TITLE: ${{ github.event.pull_request.title }} run: | SEMVER=$(echo "$PR_TITLE" | sed -n 's/^chore( operator): community release \([0-9]\+\.[0-9]\+\.[0-9]\+\)$/\1/p') echo "semver=$SEMVER" >> $GITHUB_OUTPUT - name: Checkout code uses: actions/checkout@v4 with: ref: main path: "release" persist-credentials: false - name: Check main commits for prepare release commit id: check_commit env: GH_TOKEN: "${{ steps.app-token.outputs.token }}" OUTPUTS_SEMVER: ${{ steps.pr_semver.outputs.semver }} working-directory: "release" run: | COMMIT=$(gh search commits "chore(operator): prepare community release v${OUTPUTS_SEMVER}") if [ -n "$COMMIT" ]; then echo "Prepare release commit found." else echo "No prepare release commit found for the release version $OUTPUTS_SEMVER" exit 1 fi