feat: add reusable workflow for autofilling an issue when there's a n…

…ew TUF version (theupdateframework#224) * feat: add workflow for notifying when there's a new TUF specification Signed-off-by: Radoslav Dimitrov <[email protected]> * chore: add a link to compare what's new between the two versions Signed-off-by: Radoslav Dimitrov <[email protected]> * docs: add description and how-to-use example for the specification check workflow Signed-off-by: Radoslav Dimitrov <[email protected]> * docs: include the reusable workflow for specification updates in the readme Signed-off-by: Radoslav Dimitrov <[email protected]> * docs: use relative path for referencing the workflow Signed-off-by: Radoslav Dimitrov <[email protected]> * chore: Apply suggestions by lukpueh from code review Co-authored-by: Lukas Pühringer <[email protected]> Co-authored-by: Lukas Pühringer <[email protected]>
fridex · May 27, 2022 · 0ec72e4 · 0ec72e4
1 parent 7f356e4
commit 0ec72e4
Show file tree

Hide file tree

Showing 2 changed files with 91 additions and 0 deletions.
diff --git a/.github/workflows/check-latest-spec-version.yml b/.github/workflows/check-latest-spec-version.yml
@@ -0,0 +1,82 @@
+# Description:
+# This is a reusable workflow that can be used by projects to keep track of
+# new TUF specification releases. It automatically opens an issue to notify
+# the project in case the released version is different from what the project
+# states it supports.
+#
+# Usage:
+# The following is an example of how to use the workflow.
+#
+# Create a yml file inside the project's ".github/workflows/" directory with the following content:
+# on:
+#   schedule:
+#     - cron: "0 13 * * *"
+#   workflow_dispatch:
+# name: Specification version check
+# jobs:
+#   # Get the latest TUF specification release and open an issue (if needed)
+#   specification-bump-check:
+#     permissions:
+#       contents: read
+#       issues: write
+#     uses: theupdateframework/specification/.github/workflows/check-latest-spec-version.yml@master
+#     with:
+#       tuf-version: "v1.0.29" # Should be updated to the version the project supports either manually or extracted automatically. You can see how python-tuf did that as an example.
+#
+on:
+  workflow_call:
+    inputs:
+      tuf-version:
+        required: true
+        type: string
+name: Get the latest TUF specification release and open an issue (if needed)
+jobs:
+  check-spec-version:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      issues: write
+    steps:
+      - uses: actions/github-script@9ac08808f993958e9de277fe43a64532a609130e
+        with:
+          script: |
+            const release = await github.rest.repos.getLatestRelease({
+              owner: "theupdateframework",
+              repo: "specification"
+            });
+            const latest_version = release.data.tag_name
+            const supported_version = "${{ inputs.tuf-version }}"
+            const repo = context.repo.owner + "/" + context.repo.repo
+            if (latest_version != supported_version) {
+              console.log(
+                "The latest TUF specification version (" + latest_version + ") does not match with the version that " + repo + " supports (" +
+                  supported_version + ")"
+              )
+              const issues = await github.rest.search.issuesAndPullRequests({
+                q: "TUF+specification+has+a+new+version+in:title+state:open+type:issue+repo:" + repo,
+              })
+              if (issues.data.total_count > 0) {
+                console.log("There's already an open issue for that, therefore not creating.")
+              } else {
+                await github.rest.issues.create({
+                  owner: context.repo.owner,
+                  repo: context.repo.repo,
+                  title: "TUF specification has a new version - " + latest_version,
+                  body: "Hey, it seems there's a newer version of the TUF specification - [" + latest_version +
+                        "](https://github.com/theupdateframework/specification/blob/" + latest_version + "/tuf-spec.md)" +
+                        "\n\n" +
+                        "The version which [" + repo + "](https://github.com/" + repo + ") states it supports is - [" + supported_version +
+                        "](https://github.com/theupdateframework/specification/blob/" + supported_version + "/tuf-spec.md)" +
+                        "\n\n" +
+                        "The following is a comparison of what changed between the two versions - [Compare " + supported_version + " to " + latest_version +"](https://github.com/theupdateframework/specification/compare/" + supported_version + "..." + latest_version + ")" +
+                        "\n\n" +
+                        "Please review the newer version and address the changes."
+                })
+                console.log("New issue created.")
+              }
+            } else {
+              console.log(
+                "The latest TUF specification version (" + latest_version + ") matches with the version that " + repo + " supports (" +
+                  supported_version + ")"
+              )
+            }
diff --git a/README.rst b/README.rst
@@ -60,7 +60,16 @@ The TUF specification uses `Semantic Versioning 2.0.0 <https://semver.org/>`_
   number.
 - Merges with 'master' must be followed by a rebase of 'draft' onto 'master'.
 
+Keep track of new TUF releases
+------------------------------
 
+There's a reusable workflow that can be used by projects to keep track of
+new TUF specification releases. It automatically opens an issue to notify
+the project in case the released version is different from what the project
+states it supports.
+
+The workflow, along with an example of how to use it, can be found at - `.github/workflows/check-latest-spec-version.yml
+</.github/workflows/check-latest-spec-version.yml>`_.
 
 Acknowledgements
 ----------------