Skip to content

Sync Envoy

Sync Envoy #1

Workflow file for this run

name: Sync Envoy
permissions:
contents: read
on:
workflow_dispatch:
inputs:
commit_sha:
type: string
required: true
concurrency:
group: SYNC
jobs:
sync:
runs-on: ubuntu-22.04
if: |
${{
!contains(github.actor, '[bot]')
|| github.actor == 'sync-envoy[bot]'
}}
steps:
- id: appauth
uses: envoyproxy/toolshed/gh-actions/appauth@8a8f4f64d8bccc99427740197479c0a5353ca8de # actions-v0.0.18
with:
key: ${{ secrets.ENVOY_CI_UPDATE_BOT_KEY }}
app_id: ${{ secrets.ENVOY_CI_UPDATE_APP_ID }}
# Checkout the repo
- name: 'Checkout Repository (envoy-website)'
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
ref: main
token: ${{ steps.appauth.outputs.token }}
path: archive
- run: |
envoy_version="$(awk '/"envoy"/ { in_block=1 } in_block && /"version"/ { gsub(/[",]/, "", $2); print $2; in_block=0 }' archive/versions.bzl)"
echo "envoy_version=${envoy_version}" >> "$GITHUB_OUTPUT"
id: current
name: Get current Envoy version
# Checkout the Envoy repo
- name: 'Checkout Repository (envoy)'
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
repository: envoyproxy/envoy
ref: main
path: envoy
fetch-depth: 0
- run: |
if [[ "${{ inputs.commit_sha }}" == "${{ steps.current.outputs.envoy_version }}" ]]; then
echo "Envoy is already up-to-date (${{ inputs.commit_sha }})" >&2
exit 0
fi
if ! git merge-base --is-ancestor "${{ inputs.commit_sha }}" HEAD; then
echo "Provided Envoy sha (${{ inputs.commit_sha }}) is not an ancestor of main" >&2
exit 1
fi
git checkout "${{ inputs.commit_sha }}"
if ! git merge-base --is-ancestor "${{ steps.current.outputs.envoy_version }}" HEAD; then
echo "Provided Envoy sha (${{ inputs.commit_sha }}) is not newer than " \
"the current sha (${{ steps.current.outputs.envoy_version }})" >&2
exit 0
fi
echo "should_update=true" >> "$GITHUB_OUTPUT"
id: state
working-directory: envoy
name: Check provided Envoy version
- run: ./sync_envoy.sh
if: ${{ steps.state.outputs.should_update == 'true' }}
working-directory: archive
env:
ENVOY_SRC_DIR: ../envoy
COMMITTER_NAME: "update-envoy[bot]"
COMMITTER_EMAIL: "135279899+update-envoy[bot]@users.noreply.github.com"