Skip to content

ci: use a GitHub App and repository bypass rules for pushing to protected branch #228

ci: use a GitHub App and repository bypass rules for pushing to protected branch

ci: use a GitHub App and repository bypass rules for pushing to protected branch #228

Workflow file for this run

"on":
push:
branches:
- master
pull_request:
types:
- opened
- synchronize
workflow_dispatch: {}
name: Test
jobs:
happyPath:
name: "[TEST] Update existing pull request"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- uses: actions/setup-node@v4
with:
node-version: 20
cache: npm
- run: date > test.txt
- run: npm ci
- run: npm run build
- uses: ./
id: run
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
ACTIONS_STEP_DEBUG: true
with:
commit-message: Just testing [skip ci]
- if: ${{ steps.run.outputs.result != 'updated' }}
run: >-
echo "Action result output is \"${{ steps.run.outputs.result }}\" but
expected \"updated\"" && exit 1
- if: ${{ !(steps.run.outputs.pull-request-number > 0) }}
run: >-
echo "Action pull-request-number output is
\"${{steps.run.outputs.pull-request-number}}\" but expected a number"
&& exit 1
createNewPullRequest:
name: "[TEST] Create new pull request"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- uses: actions/setup-node@v4
with:
node-version: 20
cache: npm
- run: date > test.txt
- run: npm ci
- run: npm run build
- uses: ./
id: run
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
ACTIONS_STEP_DEBUG: true
with:
title: Test pull request
body: This pull request is part of the CI - please ignore.
branch: test-create-new-pull-request-${{ github.run_number }}
commit-message: Just testing [skip ci]
author: J. Doe <j@example.com>
labels: test1, test2
assignees: gr2m
- run: >-
git push
https://x-access-token:${GITHUB_TOKEN}@github.com/${GITHUB_REPOSITORY}.git
:test-create-new-pull-request-${{ github.run_number }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- if: ${{ steps.run.outputs.result != 'created' }}
run: >-
echo "result output is \"${{ steps.run.outputs.result }}\" but
expected \"created\"" && exit 1
- if: ${{ !(steps.run.outputs.pull-request-number > 0) }}
run: >-
echo "pull-request-number output is \"${{
steps.run.outputs.pull-request-number }}\" but expected a number" &&
exit 1
multipleCommits:
name: "[TEST] Create multiple commits"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- uses: actions/setup-node@v4
with:
node-version: 20
cache: npm
- run: date > file1.txt
- run: date > file2.txt
- run: npm ci
- run: npm run build
- uses: ./
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
ACTIONS_STEP_DEBUG: true
with:
title: Test pull request with multiple commits
body: This pull request is part of the CI - please ignore.
branch: >-
test-create-new-pull-request-with-multiple-commits-${{
github.run_number }}
author: J. Doe <j@example.com>
path: file1.txt
commit-message: file 1 created [skip ci]
- uses: ./
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
ACTIONS_STEP_DEBUG: true
with:
title: Test pull request
body: This pull request is part of the CI - please ignore.
branch: >-
test-create-new-pull-request-with-multiple-commits-${{
github.run_number }}
author: J. Doe <j@example.com>
path: file2.txt
commit-message: file 2 created [skip ci]
- uses: ./
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
ACTIONS_STEP_DEBUG: true
with:
title: Test pull request
body: This pull request is part of the CI - please ignore.
branch: >-
test-create-new-pull-request-with-multiple-commits-${{
github.run_number }}
author: J. Doe <j@example.com>
path: does_not_exist.txt
commit-message: this should fail silently, not commit should be created
- run: >-
git push
https://x-access-token:${GITHUB_TOKEN}@github.com/${GITHUB_REPOSITORY}.git
:test-create-new-pull-request-with-multiple-commits-${{
github.run_number }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
autoMerge:
name: "[TEST] Auto merge"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- uses: actions/setup-node@v4
with:
node-version: 20
cache: npm
- run: date > test.txt
- run: npm ci
- run: npm run build
- uses: ./
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
ACTIONS_STEP_DEBUG: true
with:
title: Test pull request for `auto-merge` option
commit-message: Testing auto-merge
auto-merge: squash
branch: test-auto-merge-${{ github.run_number }}
- run: >-
git push
https://x-access-token:${GITHUB_TOKEN}@github.com/${GITHUB_REPOSITORY}.git
:test-auto-merge-${{ github.run_number }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
hiddenFile:
name: "[TEST] Create or update pull request for hidden file"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- uses: actions/setup-node@v4
with:
node-version: 20
cache: npm
- run: date > .github/test.txt
- run: npm ci
- run: npm run build
- uses: ./
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
ACTIONS_STEP_DEBUG: true
with:
commit-message: Just testing [skip ci]
updatePRTitleAndBody:
name: "[TEST] Update PR title and body"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- uses: actions/setup-node@v4
with:
node-version: 20
cache: npm
- run: date > test.txt
- run: npm ci
- run: npm run build
- uses: ./
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
ACTIONS_STEP_DEBUG: true
with:
title: Test pull request
body: This pull request is part of the CI - please ignore.
branch: test-update-pr-title-and-body-${{ github.run_number }}
commit-message: Just testing [skip ci]
- run: echo updated >> test.txt
- uses: ./
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
ACTIONS_STEP_DEBUG: true
with:
title: Skipped Updated test pull request
body: >-
This Skipped updated pull request is part of the CI - please
ignore.
branch: test-update-pr-title-and-body-${{ github.run_number }}
commit-message: Just testing [skip ci]
- run: echo updated >> test.txt
- uses: ./
id: run
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
ACTIONS_STEP_DEBUG: true
with:
title: Updated test pull request
body: This updated pull request is part of the CI - please ignore.
branch: test-update-pr-title-and-body-${{ github.run_number }}
commit-message: Just testing [skip ci]
update-pull-request-title-and-body: true
- uses: octokit/request-action@v2.x
id: get-pull-request
with:
route: GET /repos/{owner}/{repo}/pulls/{pull_number}
owner: gr2m
repo: create-or-update-pull-request-action
pull_number: ${{ steps.run.outputs.pull-request-number }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- run: >-
git push
https://x-access-token:${GITHUB_TOKEN}@github.com/${GITHUB_REPOSITORY}.git
:test-update-pr-title-and-body-${{ github.run_number }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- if: >-
${{ fromJson(steps.get-pull-request.outputs.data).title != 'Updated
test pull request' }}
run: >-
echo "Pull request title is \"${{
fromJson(steps.get-pull-request.outputs.data).title }}\" but expected
\"Updated test pull request\"" && exit 1
addReviewers:
name: "[TEST] Add Reviewers"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- uses: actions/setup-node@v4
with:
node-version: 20
cache: npm
- run: date > test.txt
- run: npm ci
- run: npm run build
- uses: ./
id: run
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
ACTIONS_STEP_DEBUG: true
with:
title: Test Add Reviewers
body: This pull request is part of the CI - please ignore.
branch: test-add-reviewers-${{ github.run_number }}
commit-message: Just testing [skip ci]
reviewers: gr2m
team_reviewers: test-reviewers
- uses: octokit/request-action@v2.x
id: get-pull-request
with:
route: GET /repos/{owner}/{repo}/pulls/{pull_number}
owner: gr2m
repo: create-or-update-pull-request-action
pull_number: ${{ steps.run.outputs.pull-request-number }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- run: >-
git push
https://x-access-token:${GITHUB_TOKEN}@github.com/${GITHUB_REPOSITORY}.git
:test-add-reviewers-${{ github.run_number }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- if: >-
${{
!contains(toJson(fromJson(steps.get-pull-request.outputs.data).requested_reviewers.*.login),
'gr2m') }}
run: >-
echo "Requested reviewers are \"${{
toJson(fromJson(steps.get-pull-request.outputs.data).requested_reviewers.*.login)
}}\" but expected \"[\n gr2m \n]\"" && exit 1