Skip to content

feat(nns): Support upgrading root canister through install_code (#396) #1

feat(nns): Support upgrading root canister through install_code (#396)

feat(nns): Support upgrading root canister through install_code (#396) #1

# This workfow makes sure the gitlab-mirror branch is always in sync with the master branch
name: GitLab Sync Branches
on:
push:
branches:
- master
workflow_dispatch:
jobs:
sync-branches:
runs-on: ubuntu-latest
if: ${{ vars.RUN_SYNC == 'true' }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
token: ${{ secrets.IDX_PUSH_TO_PR }}
- name: Setup Git User
run: |
git config user.name "GitHub Actions Bot"
git config user.email "[email protected]"
# Normally this would fail, as branch protection rules only allow merging via a PR
# But we gave sa-github-api a custom role that allows bypassing branch rules and use its PAT for this job
- name: Update mirroring branch
shell: bash
run: |
set -eu
# fetch the list of workflows running on the 'mirroring' branch
RESPONSE=$(curl -s -H "Authorization: token $TOKEN" \
"https://api.github.com/repos/${REPO}/actions/runs?status=in_progress")
# extract workflow runs and check if any head_branch starts with "gh-readonly-queue/"
COUNT=$(echo "$RESPONSE" | jq '[.workflow_runs[] | select(.head_branch | startswith("gh-readonly-queue/"))] | length')
echo "Number of workflows in merge queue: $COUNT"
IS_WORKFLOW_DISPATCH=${{ github.event_name == 'workflow_dispatch' }}
if [ "$COUNT" -eq 0 ] || [ "$IS_WORKFLOW_DISPATCH" == "true" ]; then
git fetch origin master mirroring
git checkout -B mirroring
git rebase --onto origin/master origin/mirroring
git push origin mirroring --force-with-lease
else
echo "Workflows in merge queue detected. Skipping sync to 'mirroring' branch!"
fi
env:
REPO: ${{ github.repository }}
TOKEN: ${{ secrets.IDX_PUSH_TO_PR }}