From b5736698be1dae39ebcaf771641a66503f3a87a9 Mon Sep 17 00:00:00 2001 From: Christian Clason Date: Sun, 28 Jan 2024 11:47:45 +0100 Subject: [PATCH] ci: use token for automated PRs * Use a Github App token to allow CI to run automatically (Following https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#authenticating-with-github-app-generated-tokens) * Enable automerge * make lint workflow only run once on PRs to master --- .github/workflows/lint.yml | 3 ++- .github/workflows/update-lockfile.yml | 23 ++++++++++++++--------- .github/workflows/update-readme.yml | 19 +++++++++++++------ 3 files changed, 29 insertions(+), 16 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 3092c418f..47a2ee386 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -1,8 +1,9 @@ name: Linting and style checking on: - push: pull_request: + branches: + - "master" jobs: luacheck: diff --git a/.github/workflows/update-lockfile.yml b/.github/workflows/update-lockfile.yml index e44d7c954..f12ca893f 100644 --- a/.github/workflows/update-lockfile.yml +++ b/.github/workflows/update-lockfile.yml @@ -14,6 +14,12 @@ jobs: with: ref: master + - uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: ${{ vars.TOKEN_ID }} + private-key: ${{ secrets.TOKEN_PRIVATE_KEY }} + - name: Prepare env: NVIM_TAG: stable @@ -32,21 +38,20 @@ jobs: # Pretty print cp lockfile.json /tmp/lockfile.json cat /tmp/lockfile.json | jq --sort-keys > lockfile.json - - - name: Commit changes - run: | - git config user.name 'GitHub' - git config user.email 'noreply@github.com' - git add lockfile.json UPDATED_PARSERS=$(/tmp/jd -f merge /tmp/old_lockfile.json lockfile.json | jq -r 'keys | join(", ")') echo "UPDATED_PARSERS=$UPDATED_PARSERS" >> $GITHUB_ENV - git commit -m "Update parsers: $UPDATED_PARSERS" || echo 'No commit necessary!' - git clean -xf - name: Create Pull Request uses: peter-evans/create-pull-request@v5 with: + token: ${{ steps.app-token.outputs.token }} + commit-message: "Update parsers: ${{ env.UPDATED_PARSERS }}" title: "Update lockfile.json: ${{ env.UPDATED_PARSERS }}" + body: "[beep boop](https://github.com/peter-evans/create-pull-request)" branch: update-lockfile-pr base: ${{ github.head_ref }} - draft: true + + - name: Enable Pull Request Automerge + env: + GH_TOKEN: ${{ steps.app-token.outputs.token }} + run: gh pr merge --rebase --auto update-lockfile-pr diff --git a/.github/workflows/update-readme.yml b/.github/workflows/update-readme.yml index 6708ad103..1569e16a5 100644 --- a/.github/workflows/update-readme.yml +++ b/.github/workflows/update-readme.yml @@ -13,6 +13,12 @@ jobs: steps: - uses: actions/checkout@v4 + - uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: ${{ vars.TOKEN_ID }} + private-key: ${{ secrets.TOKEN_PRIVATE_KEY }} + - name: Prepare env: NVIM_TAG: stable @@ -21,18 +27,19 @@ jobs: - name: Check README run: | - git config user.email 'actions@github' - git config user.name 'Github Actions' nvim -l scripts/update-readme.lua || echo 'Needs update' - git add README.md - git commit -m 'Update README' || echo 'No commit necessary!' - git clean -xf - name: Create Pull Request uses: peter-evans/create-pull-request@v5 with: + token: ${{ steps.app-token.outputs.token }} commit-message: Update README title: Update README + body: "[beep boop](https://github.com/peter-evans/create-pull-request)" branch: update-readme-pr base: ${{ github.head_ref }} - draft: true + + - name: Enable Pull Request Automerge + env: + GH_TOKEN: ${{ steps.app-token.outputs.token }} + run: gh pr merge --rebase --auto update-readme-pr