Automating GitHub to Adobe Git Repo Sync with GitHub Actions

In modern software development, automating workflows is crucial for maintaining efficiency and reducing manual tasks. At Constellar, we are using Adobe Experience Manager (AEM) and storing our repositories on Adobe Git. As we transition to GitHub, we need a reliable solution to synchronize code between Adobe Git and GitHub. One of our solutions is to use GitHub Actions to automate this synchronization process. The provided script enables seamless synchronization whenever a pull request is merged into specified branches or when manually triggered. Let’s dive into the details of this automation script and how it can benefit your development workflow.

Overview of the Workflow Configuration

The script is defined in a YAML file which specifies the conditions under which the workflow runs, the jobs it performs, and the steps within those jobs. Here’s a breakdown of the key components:

Triggers

The workflow is set to trigger under two conditions:

1. When a pull request is closed on the main or develop branches.
2. Manually via the workflow_dispatch event.

on:
  pull_request:
    types: [closed]
    branches:
      - main
      - develop
  workflow_dispatch: # This config is to enables manual triggering of the workflow

Job: push-to-adobe

The job named push-to-adobe runs on the latest Ubuntu environment (ubuntu-latest). It includes a conditional statement to ensure it runs only when a pull request is merged or the workflow is manually triggered.

jobs:
  push-to-adobe:
    runs-on: ubuntu-latest
    if: >
      github.event_name == 'pull_request' && 
      github.event.pull_request.merged == true || 
      github.event_name == 'workflow_dispatch'

Steps within the Job

1. Checkout the GitHub Repository

This step uses the actions/checkout@v4 action to checkout the repository, with a fetch-depth of 0 to ensure the full history is fetched.

steps:
      - name: Checkout GitHub repo
        uses: actions/checkout@v4
        with:
          fetch-depth: 0

2. Setup Git Configuration

Configures Git with a username and email, pulled from GitHub secrets for security.

- name: Setup git configuration
        env:
          GIT_USERNAME: ${{ secrets.GIT_USERNAME }}
          GIT_EMAIL: ${{ secrets.GIT_EMAIL }}
        run: |
          git config user.name "$GIT_USERNAME"
          git config user.email "$GIT_EMAIL"

3. Restricted Branches (optional)

Ensures the workflow does not run on restricted branches like production to minimise mistake to the branches that we decided to use as archive branch.

- name: Checking restricted branches
        env:
          GITHUB_REF: ${{ github.ref }}
        run: |
          RESTRICTED_BRANCHES=("production" "production-gitlab" "production-backup" "dev-gitlab")
          CURRENT_BRANCH=$(echo $GITHUB_REF | sed 's/refs\/heads\///g')

          for branch in "${RESTRICTED_BRANCHES[@]}"; do
            if [[ "$CURRENT_BRANCH" == "$branch" ]]; then
              echo "You are not allowed to run this workflow on the $CURRENT_BRANCH branch."
              exit 1
            fi
          done

4. Push to Adobe Git Repository

Adds the Adobe Git repository as a remote, then attempts to push changes with a retry mechanism to handle potential failures.

- name: Push to Adobe Git Repo
        env:
          GIT_USERNAME: ${{ secrets.GIT_USERNAME }}
          GIT_TOKEN: ${{ secrets.GIT_TOKEN }}
          TARGET_GIT_REPO_URL: ${{ vars.GIT_REPO_URL }}
          MAX_RETRY_ATTEMPTS: ${{ vars.MAX_RETRY_ATTEMPTS }}
        run: |
          retry() {
            local -r -i max_attempts="$1"; shift
            local -r cmd="$@"
            local -i attempt_num=1

            until $cmd
            do
              if ((attempt_num == max_attempts))
              then
                  echo "Attempt $attempt_num failed. Not retrying anymore."
                  exit 1
              fi

              echo "Attempt $attempt_num failed. Retrying in $attempt_num seconds..."
              sleep $((attempt_num++))
            done
          }
          # Extract branch name from the ref
          BRANCH_NAME=${GITHUB_REF#refs/heads/}
          git remote add adobe https://$GIT_USERNAME:$GIT_TOKEN@$ADOBE_GIT_REPO_URL
          retry $MAX_RETRY_ATTEMPTS git push --tags --force --prune adobe HEAD:$BRANCH_NAME

Conclusion

By leveraging GitHub Actions, this script automates the process of syncing code from a GitHub repository to an Adobe Git repository. This not only saves time but also ensures consistency and reliability in your code deployment processes. The conditional triggers, security measures with GitHub secrets, and retry logic enhance the robustness of the workflow, making it a valuable tool for development teams.