-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Update the workflows so they utilize the reusable workflows which have been refactored to work better in multiple scenarios.
- Loading branch information
1 parent
ca1d509
commit efd2f5a
Showing
2 changed files
with
20 additions
and
90 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,62 +1,24 @@ | ||
name: Auto update readme for code changes | ||
name: Review PR | ||
on: | ||
# This workflow uses the pull_request trigger which prevents write permissions and secrets | ||
# access to the target repository from public forks. This should remain as a pull_request | ||
# trigger because checkout, build, format and checking for changes do not need elevated | ||
# permissions to the repository. The reduced permissions for public forks is adequate. | ||
# Since this will commit readme/recompile changes back to the branch, special attention | ||
# should be paid to changes made to this workflow when reviewing the PR and granting | ||
# permission to first time contributors to run the workflow. | ||
# This workflow uses the pull_request trigger which prevents write permissions on the | ||
# GH_TOKEN and secrets access from public forks. This should remain as a pull_request | ||
# trigger to protect org-level secrets which are utilized when the workflow automatically | ||
# updates the readme with the latest version changes in branches. The reduced permissions | ||
# for public forks is adequate but does mean re-compiles and readme changes will have to | ||
# be made manually when the PR comes from a fork. | ||
pull_request: | ||
# Don't include any specific paths here so we always get a build that produces a status | ||
# check that our Branch Protection Rules can use. Having a status check also allows us | ||
# to require that branches be up to date before they are merged. | ||
|
||
jobs: | ||
update-readme: | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v3 | ||
with: | ||
ref: ${{ github.head_ref }} | ||
fetch-depth: 0 | ||
|
||
- name: Check for code changes to the action | ||
id: action-code | ||
uses: im-open/did-custom-action-code-change@v1.0.1 | ||
with: | ||
files-with-code: 'action.yml' # TODO: Verify this comma separated list contains each of the files that contains code the action uses | ||
folders-with-code: '' # TODO: Add a comma separated list of folders that contain code the action uses | ||
token: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- name: Get the next version for the readme if there are code changes to the action | ||
if: steps.action-code.outputs.HAS_CHANGES == 'true' | ||
id: version | ||
uses: im-open/git-version-lite@v2.1.2 | ||
with: | ||
create-ref: false | ||
default-release-type: major | ||
|
||
- name: Update readme with next version if there are code changes to the action | ||
if: steps.action-code.outputs.HAS_CHANGES == 'true' | ||
uses: im-open/update-action-version-in-file@v1.0.0 | ||
with: | ||
file-to-update: './README.md' | ||
action-name: ${{ github.repository }} | ||
updated-version: ${{ steps.version.outputs.NEXT_VERSION }} | ||
|
||
- name: Commit unstaged readme changes if there are code changes to the action | ||
if: steps.action-code.outputs.HAS_CHANGES == 'true' | ||
run: | | ||
if [[ "$(git status --porcelain)" != "" ]]; then | ||
echo "There are changes to commit" | ||
git config user.name github-actions | ||
git config user.email github-actions@github.com | ||
git add . | ||
git commit -m "Update readme with next version." | ||
git push origin HEAD:${{ github.head_ref }} | ||
else | ||
echo "There were no changes to commit" | ||
fi | ||
ci: | ||
uses: im-open/.github/.github/workflows/reusable-javascript-build.yml@v1 | ||
with: | ||
action-name: ${{ github.repository }} | ||
default-branch: main | ||
readme-location: './README.md' | ||
files-with-code: 'action.yml' # TODO: Update if there are additional files or scripts that contain source code for the action | ||
folders-with-code: 'src' # TODO: Update if there are additional directories that contain source code for the action | ||
secrets: | ||
PIPELINE_BOT_PAT: ${{ secrets.PIPELINE_BOT_PAT }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters