From 98bcf7e37ca2128613275b28df0968893feee36d Mon Sep 17 00:00:00 2001
From: Adam Cmiel <acmiel@redhat.com>
Date: Thu, 25 Jul 2024 13:24:54 +0200
Subject: [PATCH] sync workflow: send PR instead of pushing to main

By pushing directly to main, build-definitions syncs would bypass CI
checks.

Not to mention the main branch is protected, so this workflow *can't*
push directly to main.

Signed-off-by: Adam Cmiel <acmiel@redhat.com>
---
 .github/workflows/build-definitions-sync.yaml | 36 +++++++++++++++++--
 1 file changed, 33 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/build-definitions-sync.yaml b/.github/workflows/build-definitions-sync.yaml
index 119e9ef..924707f 100644
--- a/.github/workflows/build-definitions-sync.yaml
+++ b/.github/workflows/build-definitions-sync.yaml
@@ -7,6 +7,7 @@ on:
 
 permissions:
   contents: write
+  pull-requests: write
 
 jobs:
   build-definitions-sync:
@@ -16,16 +17,22 @@ jobs:
         uses: actions/checkout@v4
         with:
           path: tssc-sample-pipelines
+          ref: main
+
       - name: Checkout build-definitions
         uses: actions/checkout@v4
         with:
           repository: redhat-appstudio/build-definitions
           path: build-definitions
+
       - name: Synchronize build-definitions
         run: |
           export BUILD_DEFINITIONS=$GITHUB_WORKSPACE/build-definitions
           $GITHUB_WORKSPACE/tssc-sample-pipelines/hack/import-build-definitions
-      - name: Commit changes
+
+      - name: Create a PR with the changes
+        env:
+          GH_TOKEN: ${{ github.token }}
         run: |
           cd $GITHUB_WORKSPACE/tssc-sample-pipelines/
 
@@ -33,11 +40,34 @@ jobs:
               echo 'No changes has been detected'
               exit 0
           fi
+
           echo "Updates detected"
+          update_branch=selfupdate/import-build-definitions
+
+          git checkout -b "$update_branch"
 
-          git diff
           git config --global user.name 'RHTAP bot'
           git config --global user.email 'rhtap-bot@noreply.rhtap.com'
           git add .
+
+          echo "Pushing to $update_branch"
           git commit -m "Sync build-definitions"
-          git push
+          git push -f --set-upstream origin "$update_branch"
+
+          cat <<- 'EOF' > /tmp/body.txt
+          Synchronize changes from https://github.com/konflux-ci/build-definitions
+
+          (Done using the `hack/import-build-definitions` script)
+          EOF
+
+          echo "Checking if PR exists for $update_branch"
+          pr_number=$(
+              gh pr list --base main --head "$update_branch" --json number --jq '.[].number'
+          )
+          if [[ -z "$pr_number" ]]; then
+              echo "Creating PR"
+              gh pr create --title "Sync build-definitions" --body-file /tmp/body.txt
+          else
+              echo "Found existing PR: #$pr_number"
+              gh pr edit "$pr_number" --title "Sync build-definitions" --body-file /tmp/body.txt
+          fi