-
Notifications
You must be signed in to change notification settings - Fork 8
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #141 from OutSystems/ROU-4580-SIGN-COMMITS
ROU-4580: Make the bot commits signed
- Loading branch information
Showing
5 changed files
with
221 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,30 @@ | ||
| name: 'manual-git-commit' | ||
| description: 'Runs the git command to commit' | ||
| inputs: | ||
| branch: | ||
| description: 'Branch where to commit.' | ||
| required: true | ||
| default: '' | ||
| message: | ||
| description: 'Commit message.' | ||
| required: true | ||
| default: '' | ||
| newFiles: | ||
| description: 'Defines if a `git add.` should be made or not.' | ||
| required: false | ||
| default: false | ||
|
|
||
| runs: | ||
| using: composite | ||
| steps: | ||
| - name: Add new files (if needed) | ||
| shell: bash | ||
| if: ${{ inputs.newFiles }} | ||
| run: | | ||
| git add . | ||
| - name: Manual git commit | ||
| shell: bash | ||
| run: | | ||
| git commit -m "${{ inputs.message }}" | ||
| git push origin ${{ inputs.branch }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| name: 'setup-gpg' | ||
| description: 'Prepare to get following commits signed' | ||
| inputs: | ||
| gpgPriv: | ||
| description: 'GPG Private key' | ||
| required: true | ||
| default: '' | ||
| gpgPassPhrase: | ||
| description: 'GPG passphrase' | ||
| required: false | ||
| default: '""' | ||
|
|
||
| runs: | ||
| using: composite | ||
| steps: | ||
| - name: Import and load GPG key | ||
| uses: crazy-max/ghaction-import-gpg@v6 | ||
| with: | ||
| gpg_private_key: ${{ inputs.gpgPriv }} | ||
| passphrase: ${{ inputs.gpgPassPhrase }} | ||
| git_user_signingkey: true | ||
| git_commit_gpgsign: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,39 @@ | ||
| name: 'signed-gpg-commit' | ||
| description: 'Prepare and sign the commit signed' | ||
| inputs: | ||
| branch: | ||
| description: 'Branch where to commit.' | ||
| required: true | ||
| default: '' | ||
| message: | ||
| description: 'Commit message.' | ||
| required: true | ||
| default: '' | ||
| newFiles: | ||
| description: 'Defines if a `git add.` should be made or not.' | ||
| required: false | ||
| default: false | ||
| gpgPriv: | ||
| description: 'GPG Private key' | ||
| required: true | ||
| default: '' | ||
| gpgPassPhrase: | ||
| description: 'GPG passphrase' | ||
| required: false | ||
| default: '""' | ||
|
|
||
| runs: | ||
| using: composite | ||
| steps: | ||
| - name: Setup GPG to sign commits | ||
| uses: ./.github/setup-gpg/ | ||
| with: | ||
| gpgPriv: ${{ inputs.gpgPriv }} | ||
| gpgPassPhrase: ${{ inputs.gpgPassPhrase }} | ||
|
|
||
| - name: Perform git commit | ||
| uses: ./.github/manual-commit/ | ||
| with: | ||
| branch: ${{ inputs.branch }} | ||
| message: ${{ inputs.message }} | ||
| newFiles: ${{ inputs.newFiles }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,44 @@ | ||
| name: DEV_PR | ||
| on: | ||
| # Triggers the workflow on push events but only for the "dev" branch. | ||
| pull_request: | ||
| branches: ['dev'] | ||
|
|
||
| workflow_dispatch: | ||
|
|
||
| jobs: | ||
| eslint: | ||
| runs-on: ubuntu-latest | ||
| defaults: | ||
| run: | ||
| working-directory: ./ | ||
| steps: | ||
| - name: Checkout branch dev | ||
| uses: actions/checkout@v2 | ||
|
|
||
| - uses: actions/setup-node@v1 | ||
| with: | ||
| node-version: '16.x' | ||
|
|
||
| - name: Install project dependencies | ||
| run: npm install | ||
|
|
||
| - name: Run lint | ||
| run: npm run lint | ||
|
|
||
| compile-code: | ||
| needs: eslint | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout branch dev | ||
| uses: actions/checkout@v2 | ||
|
|
||
| - uses: actions/setup-node@v1 | ||
| with: | ||
| node-version: '16.x' | ||
|
|
||
| - name: Install project dependencies | ||
| run: npm install | ||
|
|
||
| - name: Compile code | ||
| run: npm run build |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,86 @@ | ||
| # This is a basic workflow to help you get started with Actions | ||
|
|
||
| name: MAIN_PUSH | ||
|
|
||
| # Controls when the action will run. | ||
| on: | ||
| # Triggers the workflow on push or pull request events but only for the dev branch | ||
| push: | ||
| branches: ['main'] | ||
|
|
||
| # Allows you to run this workflow manually from the Actions tab | ||
| workflow_dispatch: | ||
|
|
||
| # A workflow run is made up of one or more jobs that can run sequentially or in parallel | ||
| jobs: | ||
| eslint: | ||
| runs-on: ubuntu-latest | ||
| defaults: | ||
| run: | ||
| working-directory: ./ | ||
| steps: | ||
| - name: Checkout branch main | ||
| uses: actions/checkout@v2 | ||
|
|
||
| - uses: actions/setup-node@v1 | ||
| with: | ||
| node-version: '16.x' | ||
|
|
||
| - name: Install project dependencies | ||
| run: npm install | ||
|
|
||
| - name: Run lint | ||
| run: npm run lint | ||
|
|
||
| compile-code: | ||
| needs: eslint | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout branch dev | ||
| uses: actions/checkout@v2 | ||
|
|
||
| - uses: actions/setup-node@v1 | ||
| with: | ||
| node-version: '16.x' | ||
|
|
||
| - name: Install project dependencies | ||
| run: npm install | ||
|
|
||
| - name: Compile code | ||
| run: npm run build | ||
|
|
||
| documentation: | ||
| needs: compile-code | ||
| runs-on: ubuntu-latest | ||
|
|
||
| # Steps represent a sequence of tasks that will be executed as part of the job | ||
| steps: | ||
| # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | ||
| - name: Checkout branch main | ||
| uses: actions/checkout@v3 | ||
| with: | ||
| ref: dev | ||
| token: ${{ secrets.PAT }} | ||
|
|
||
| - name: Install graphviz | ||
| run: sudo apt install -y graphviz | ||
|
|
||
| - uses: actions/setup-node@v3 | ||
| with: | ||
| node-version: 16 | ||
| cache: 'npm' | ||
|
|
||
| - name: Install project dependencies | ||
| run: npm install | ||
|
|
||
| - name: Generate documentation | ||
| run: npm run docs | ||
|
|
||
| - name: Sign and commit documentation to branch dev | ||
| uses: ./.github/os-git-actions/signed-commit/ | ||
| with: | ||
| branch: main | ||
| message: 'Update documentation [skip ci]' | ||
| newFiles: true | ||
| gpgPriv: ${{ secrets.GPG_SIGN_KEY }} | ||
| gpgPassPhrase: ${{ secrets.GPG_PASSPHRASE }} |