diff --git a/.github/repository-settings.md b/.github/repository-settings.md index 6c5b4ffe9070..267dad1c1b02 100644 --- a/.github/repository-settings.md +++ b/.github/repository-settings.md @@ -87,7 +87,7 @@ settings](https://github.com/open-telemetry/community/blob/main/docs/how-to-conf - Exclude: - `release/*` - `renovate/**/*` - - `opentelemetrybot/**/*` + - `otelbot/**/*` - `revert-*/**/*` (these are created when using the GitHub UI to revert a PR) - Restrict creations: CHECKED @@ -125,6 +125,8 @@ settings](https://github.com/open-telemetry/community/blob/main/docs/how-to-conf ### Organization secrets -- `OPENTELEMETRYBOT_GITHUB_TOKEN` -- `OTELBOT_CLIENT_ID` - `OTELBOT_PRIVATE_KEY` + +### Organization variables + +- `OTELBOT_APP_ID` diff --git a/.github/scripts/generate-release-contributors.sh b/.github/scripts/generate-release-contributors.sh index e5a9cc605b42..f684e84e65a4 100755 --- a/.github/scripts/generate-release-contributors.sh +++ b/.github/scripts/generate-release-contributors.sh @@ -85,4 +85,5 @@ echo "$contributors1" "$contributors2" \ | grep -v github-actions \ | grep -v renovate \ | grep -v opentelemetrybot \ + | grep -v otelbot \ | sed 's/^/@/' diff --git a/.github/scripts/use-cla-approved-bot.sh b/.github/scripts/use-cla-approved-bot.sh new file mode 100644 index 000000000000..149a13d9b930 --- /dev/null +++ b/.github/scripts/use-cla-approved-bot.sh @@ -0,0 +1,4 @@ +#!/bin/bash -e + +git config user.name otelbot +git config user.email 197425009+otelbot@users.noreply.github.com diff --git a/.github/scripts/use-cla-approved-github-bot.sh b/.github/scripts/use-cla-approved-github-bot.sh deleted file mode 100755 index a4c68b0e308e..000000000000 --- a/.github/scripts/use-cla-approved-github-bot.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -e - -git config user.name opentelemetrybot -git config user.email 107717825+opentelemetrybot@users.noreply.github.com diff --git a/.github/workflows/auto-update-otel-sdk.yml b/.github/workflows/auto-update-otel-sdk.yml index b3e2640426c6..5e5b4308d11d 100644 --- a/.github/workflows/auto-update-otel-sdk.yml +++ b/.github/workflows/auto-update-otel-sdk.yml @@ -33,7 +33,7 @@ jobs: | sed 's/^v//') matches=$(gh pr list \ - --author opentelemetrybot \ + --author otelbot \ --state open \ --search "in:title \"Update the OpenTelemetry SDK version to $latest_version\"") if [ ! -z "$matches" ] @@ -62,9 +62,6 @@ jobs: VERSION: ${{ needs.check-versions.outputs.latest-version }} run: ./.github/scripts/update-sdk-version.sh $VERSION - - name: Use CLA approved github bot - run: .github/scripts/use-cla-approved-github-bot.sh - - name: Free disk space run: .github/scripts/gha-free-disk-space.sh @@ -84,16 +81,25 @@ jobs: if: failure() run: git checkout -- licenses + - name: Use CLA approved bot + run: .github/scripts/use-cla-approved-bot.sh + + - uses: actions/create-github-app-token@67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7 # v1.11.3 + id: otelbot-token + with: + app-id: ${{ vars.OTELBOT_APP_ID }} + private-key: ${{ secrets.OTELBOT_PRIVATE_KEY }} + - name: Create pull request against main if: success() || failure() env: VERSION: ${{ needs.check-versions.outputs.latest-version }} # not using secrets.GITHUB_TOKEN since pull requests from that token do not run workflows - GH_TOKEN: ${{ secrets.OPENTELEMETRYBOT_GITHUB_TOKEN }} + GH_TOKEN: ${{ steps.otelbot-token.outputs.token }} run: | message="Update the OpenTelemetry SDK version to $VERSION" body="Update the OpenTelemetry SDK version to \`$VERSION\`." - branch="opentelemetrybot/update-opentelemetry-sdk-to-${VERSION}" + branch="otelbot/update-opentelemetry-sdk-to-${VERSION}" git checkout -b $branch git add -u diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml index 88582a35bf05..e2f4507f4b1f 100644 --- a/.github/workflows/backport.yml +++ b/.github/workflows/backport.yml @@ -26,27 +26,25 @@ jobs: # history is needed to run git cherry-pick below fetch-depth: 0 + - name: Use CLA approved bot + run: .github/scripts/use-cla-approved-bot.sh + - uses: actions/create-github-app-token@67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7 # v1.11.3 - id: app-token + id: otelbot-token with: app-id: ${{ vars.OTELBOT_APP_ID }} private-key: ${{ secrets.OTELBOT_PRIVATE_KEY }} - - name: Use CLA approved author - run: | - git config user.name otelbot - git config user.email 197425009+otelbot@users.noreply.github.com - - name: Create pull request env: NUMBER: ${{ github.event.inputs.number }} # not using secrets.GITHUB_TOKEN since pull requests from that token do not run workflows - GH_TOKEN: ${{ steps.app-token.outputs.token }} + GH_TOKEN: ${{ steps.otelbot-token.outputs.token }} run: | commit=$(gh pr view $NUMBER --json mergeCommit --jq .mergeCommit.oid) title=$(gh pr view $NUMBER --json title --jq .title) - branch="opentelemetrybot/backport-${NUMBER}-to-${GITHUB_REF_NAME//\//-}" + branch="otelbot/backport-${NUMBER}-to-${GITHUB_REF_NAME//\//-}" git checkout -b $branch git cherry-pick $commit diff --git a/.github/workflows/overhead-benchmark-daily.yml b/.github/workflows/overhead-benchmark-daily.yml index cc4233e89827..0a63bf21060c 100644 --- a/.github/workflows/overhead-benchmark-daily.yml +++ b/.github/workflows/overhead-benchmark-daily.yml @@ -49,10 +49,10 @@ jobs: cwd: "./gh-pages" branch: "gh-pages" message: "update test result data" - author_name: opentelemetrybot - author_email: 107717825+opentelemetrybot@users.noreply.github.com - committer_name: opentelemetrybot - committer_email: 107717825+opentelemetrybot@users.noreply.github.com + author_name: otelbot + author_email: 197425009+otelbot@users.noreply.github.com + committer_name: otelbot + committer_email: 197425009+otelbot@users.noreply.github.com workflow-notification: permissions: diff --git a/.github/workflows/prepare-patch-release.yml b/.github/workflows/prepare-patch-release.yml index 277618de28fd..5224fe6ad8c0 100644 --- a/.github/workflows/prepare-patch-release.yml +++ b/.github/workflows/prepare-patch-release.yml @@ -48,16 +48,22 @@ jobs: date=$(date "+%Y-%m-%d") sed -Ei "s/^## Unreleased$/## Version $VERSION ($date)/" CHANGELOG.md - - name: Use CLA approved github bot - run: .github/scripts/use-cla-approved-github-bot.sh + - name: Use CLA approved bot + run: .github/scripts/use-cla-approved-bot.sh + + - uses: actions/create-github-app-token@67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7 # v1.11.3 + id: otelbot-token + with: + app-id: ${{ vars.OTELBOT_APP_ID }} + private-key: ${{ secrets.OTELBOT_PRIVATE_KEY }} - name: Create pull request env: # not using secrets.GITHUB_TOKEN since pull requests from that token do not run workflows - GH_TOKEN: ${{ secrets.OPENTELEMETRYBOT_GITHUB_TOKEN }} + GH_TOKEN: ${{ steps.otelbot-token.outputs.token }} run: | message="Prepare release $VERSION" - branch="opentelemetrybot/prepare-release-${VERSION}" + branch="otelbot/prepare-release-${VERSION}" git checkout -b $branch git commit -a -m "$message" diff --git a/.github/workflows/prepare-release-branch.yml b/.github/workflows/prepare-release-branch.yml index 59183e754624..1ce07dc3c7d1 100644 --- a/.github/workflows/prepare-release-branch.yml +++ b/.github/workflows/prepare-release-branch.yml @@ -60,16 +60,22 @@ jobs: date=$(date "+%Y-%m-%d") sed -Ei "s/^## Unreleased$/## Version $VERSION ($date)/" CHANGELOG.md - - name: Use CLA approved github bot - run: .github/scripts/use-cla-approved-github-bot.sh + - name: Use CLA approved bot + run: .github/scripts/use-cla-approved-bot.sh + + - uses: actions/create-github-app-token@67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7 # v1.11.3 + id: otelbot-token + with: + app-id: ${{ vars.OTELBOT_APP_ID }} + private-key: ${{ secrets.OTELBOT_PRIVATE_KEY }} - name: Create pull request against the release branch env: # not using secrets.GITHUB_TOKEN since pull requests from that token do not run workflows - GH_TOKEN: ${{ secrets.OPENTELEMETRYBOT_GITHUB_TOKEN }} + GH_TOKEN: ${{ steps.otelbot-token.outputs.token }} run: | message="Prepare release $VERSION" - branch="opentelemetrybot/prepare-release-${VERSION}" + branch="otelbot/prepare-release-${VERSION}" git checkout -b $branch git commit -a -m "$message" @@ -111,17 +117,23 @@ jobs: date=$(date "+%Y-%m-%d") sed -Ei "s/^## Unreleased$/## Unreleased\n\n## Version $VERSION ($date)/" CHANGELOG.md - - name: Use CLA approved github bot - run: .github/scripts/use-cla-approved-github-bot.sh + - name: Use CLA approved bot + run: .github/scripts/use-cla-approved-bot.sh + + - uses: actions/create-github-app-token@67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7 # v1.11.3 + id: otelbot-token + with: + app-id: ${{ vars.OTELBOT_APP_ID }} + private-key: ${{ secrets.OTELBOT_PRIVATE_KEY }} - name: Create pull request against main env: # not using secrets.GITHUB_TOKEN since pull requests from that token do not run workflows - GH_TOKEN: ${{ secrets.OPENTELEMETRYBOT_GITHUB_TOKEN }} + GH_TOKEN: ${{ steps.otelbot-token.outputs.token }} run: | message="Update version to $NEXT_VERSION" body="Update version to \`$NEXT_VERSION\`." - branch="opentelemetrybot/update-version-to-${NEXT_VERSION}" + branch="otelbot/update-version-to-${NEXT_VERSION}" git checkout -b $branch git commit -a -m "$message" diff --git a/.github/workflows/release-update-cloudfoundry-index.yml b/.github/workflows/release-update-cloudfoundry-index.yml index ba8b5d367e53..3b315846713d 100644 --- a/.github/workflows/release-update-cloudfoundry-index.yml +++ b/.github/workflows/release-update-cloudfoundry-index.yml @@ -19,15 +19,12 @@ jobs: steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - name: Use CLA approved github bot - run: .github/scripts/use-cla-approved-github-bot.sh - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: 'cloudfoundry' - name: create working branch - run: git checkout -b opentelemetrybot/cloudfoundry-${{ github.run_number }}-${{ github.run_attempt }} + run: git checkout -b otelbot/cloudfoundry-${{ github.run_number }}-${{ github.run_attempt }} - name: install xq (which is part of yq) run: | @@ -42,7 +39,19 @@ jobs: - name: display changes run: git diff + - name: Use CLA approved bot + run: .github/scripts/use-cla-approved-bot.sh + + - uses: actions/create-github-app-token@67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7 # v1.11.3 + id: otelbot-token + with: + app-id: ${{ vars.OTELBOT_APP_ID }} + private-key: ${{ secrets.OTELBOT_PRIVATE_KEY }} + - name: create pr with repo changes + env: + # not using secrets.GITHUB_TOKEN since pull requests from that token do not run workflows + GH_TOKEN: ${{ steps.otelbot-token.outputs.token }} run: | git add index.yml if git diff-index --quiet --cached HEAD ; then @@ -50,11 +59,8 @@ jobs: exit 0 fi git commit -m "Updated index.yml" - git push --set-upstream origin opentelemetrybot/cloudfoundry-${{ github.run_number }}-${{ github.run_attempt }} + git push --set-upstream origin otelbot/cloudfoundry-${{ github.run_number }}-${{ github.run_attempt }} gh pr create --base cloudfoundry \ - --head opentelemetrybot/cloudfoundry-${{ github.run_number }}-${{ github.run_attempt }} \ + --head otelbot/cloudfoundry-${{ github.run_number }}-${{ github.run_attempt }} \ --title 'Release updates for Cloudfoundry Repo' \ --body '[Created by Github action]' - env: - # not using secrets.GITHUB_TOKEN since pull requests from that token do not run workflows - GITHUB_TOKEN: ${{ secrets.OPENTELEMETRYBOT_GITHUB_TOKEN }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 9901e938f5df..0408fdc3e3eb 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -215,14 +215,20 @@ jobs: release_date=$(gh release view v$VERSION --json publishedAt --jq .publishedAt | sed 's/T.*//') RELEASE_DATE=$release_date .github/scripts/merge-change-log-after-release.sh - - name: Use CLA approved github bot - run: .github/scripts/use-cla-approved-github-bot.sh + - name: Use CLA approved bot + run: .github/scripts/use-cla-approved-bot.sh + + - uses: actions/create-github-app-token@67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7 # v1.11.3 + id: otelbot-token + with: + app-id: ${{ vars.OTELBOT_APP_ID }} + private-key: ${{ secrets.OTELBOT_PRIVATE_KEY }} - name: Create pull request against main env: VERSION: ${{ needs.release.outputs.version }} # not using secrets.GITHUB_TOKEN since pull requests from that token do not run workflows - GH_TOKEN: ${{ secrets.OPENTELEMETRYBOT_GITHUB_TOKEN }} + GH_TOKEN: ${{ steps.otelbot-token.outputs.token }} run: | if git diff --quiet; then if [[ $VERSION == *.0 ]]; then @@ -236,7 +242,7 @@ jobs: message="Merge change log updates from $GITHUB_REF_NAME" body="Merge change log updates from \`$GITHUB_REF_NAME\`." - branch="opentelemetrybot/merge-change-log-updates-from-${GITHUB_REF_NAME//\//-}" + branch="otelbot/merge-change-log-updates-from-${GITHUB_REF_NAME//\//-}" git checkout -b $branch git commit -a -m "$message" @@ -254,9 +260,6 @@ jobs: with: ref: main - - name: Use CLA approved github bot - run: .github/scripts/use-cla-approved-github-bot.sh - - name: Wait for release to be available in maven central env: VERSION: ${{ needs.release.outputs.version }} @@ -279,15 +282,24 @@ jobs: ./gradlew japicmp -PapiBaseVersion=$PRIOR_VERSION -PapiNewVersion=$VERSION ./gradlew --refresh-dependencies japicmp + - name: Use CLA approved bot + run: .github/scripts/use-cla-approved-bot.sh + + - uses: actions/create-github-app-token@67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7 # v1.11.3 + id: otelbot-token + with: + app-id: ${{ vars.OTELBOT_APP_ID }} + private-key: ${{ secrets.OTELBOT_PRIVATE_KEY }} + - name: Create pull request against main env: VERSION: ${{ needs.release.outputs.version }} # not using secrets.GITHUB_TOKEN since pull requests from that token do not run workflows - GH_TOKEN: ${{ secrets.OPENTELEMETRYBOT_GITHUB_TOKEN }} + GH_TOKEN: ${{ steps.otelbot-token.outputs.token }} run: | message="Update apidiff baseline to released version $VERSION" body="Update apidiff baseline to released version \`$version\`." - branch="opentelemetrybot/update-apidiff-baseline-to-released-version-${VERSION}" + branch="otelbot/update-apidiff-baseline-to-released-version-${VERSION}" git checkout -b $branch git add docs/apidiffs diff --git a/RELEASING.md b/RELEASING.md index 8f04c8218977..832ff76b43ca 100644 --- a/RELEASING.md +++ b/RELEASING.md @@ -49,7 +49,7 @@ and deadlocks. - Review and merge the backport pull request that it generates. - Note: if the PR contains any changes to workflow files, it will have to be manually backported, because the default `GITHUB_TOKEN` does not have permission to update workflow files (and the - `opentelemetrybot` token doesn't have write permission to this repository at all, so while it + `otelbot` token doesn't have write permission to this repository at all, so while it can be used to open a PR, it can't be used to push to a local branch). - Merge a pull request to the release branch updating the `CHANGELOG.md`. - The heading for the unreleased entries should be `## Unreleased`.