From 76ecd7396c5ca0b0d0a2986f396de97a179f5aa7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Franti=C5=A1ek=20Nesveda?= Date: Thu, 14 May 2026 12:11:55 +0200 Subject: [PATCH 1/5] chore: Use custom action to commit changes in CI instead of `git commit` --- .../check-execute-workflow-dist.yaml | 19 +++++++++---- .github/workflows/claude-md-maintenance.yml | 27 +++++++++++++------ .../python_bump_and_update_changelog.yaml | 22 ++++++++++----- .github/workflows/sync_branches_push.yaml | 18 +++++-------- git-cliff-release/README.md | 20 +++++++------- 5 files changed, 67 insertions(+), 39 deletions(-) diff --git a/.github/workflows/check-execute-workflow-dist.yaml b/.github/workflows/check-execute-workflow-dist.yaml index 61c379e..5f8e789 100644 --- a/.github/workflows/check-execute-workflow-dist.yaml +++ b/.github/workflows/check-execute-workflow-dist.yaml @@ -32,10 +32,19 @@ jobs: - name: Rebuild dist run: pnpm --filter execute-workflow build + - name: Stage dist changes + id: stage + run: | + git add 'execute-workflow/dist/' + if git diff --cached --quiet; then + echo "has-changes=false" >> "$GITHUB_OUTPUT" + else + echo "has-changes=true" >> "$GITHUB_OUTPUT" + fi + - name: Commit and push if changed - uses: EndBug/add-and-commit@v10 + if: steps.stage.outputs.has-changes == 'true' + uses: ./commit with: - author_name: github-actions[bot] - author_email: 41898282+github-actions[bot]@users.noreply.github.com - message: "chore: rebuild execute-workflow dist [skip ci]" - add: 'execute-workflow/dist/' + commit-message: "chore: rebuild execute-workflow dist [skip ci]" + github-token: ${{ secrets.APIFY_SERVICE_ACCOUNT_GITHUB_TOKEN }} diff --git a/.github/workflows/claude-md-maintenance.yml b/.github/workflows/claude-md-maintenance.yml index 708c809..6961190 100644 --- a/.github/workflows/claude-md-maintenance.yml +++ b/.github/workflows/claude-md-maintenance.yml @@ -97,24 +97,35 @@ jobs: echo "changed=false" >> "$GITHUB_OUTPUT" fi + - name: Prepare branch name + if: steps.diff.outputs.changed == 'true' + id: branch + run: echo "name=chore/update-claude-md-$(date +%Y%m%d%H%M%S)" >> "$GITHUB_OUTPUT" + + - name: Stage CLAUDE.md + if: steps.diff.outputs.changed == 'true' + run: git add CLAUDE.md + + - name: Commit CLAUDE.md + if: steps.diff.outputs.changed == 'true' + uses: apify/workflows/commit@main + with: + commit-message: "docs: update CLAUDE.md [skip ci]" + github-token: ${{ github.token }} + branch: ${{ steps.branch.outputs.name }} + create-branch: 'true' + - name: Create PR with updated CLAUDE.md if: steps.diff.outputs.changed == 'true' id: create-pr env: GH_TOKEN: ${{ github.token }} run: | - git config user.name "github-actions[bot]" - git config user.email "github-actions[bot]@users.noreply.github.com" - BRANCH="chore/update-claude-md-$(date +%Y%m%d%H%M%S)" - git checkout -b "$BRANCH" - git add CLAUDE.md - git commit -m "docs: update CLAUDE.md [skip ci]" - git push origin "$BRANCH" PR_URL=$(gh pr create \ --title "docs: update CLAUDE.md" \ --body "Automated update of CLAUDE.md generated by the Claude MD Maintenance workflow." \ --base "${{ github.ref_name }}" \ - --head "$BRANCH") + --head "${{ steps.branch.outputs.name }}") echo "pr_url=$PR_URL" >> "$GITHUB_OUTPUT" - name: Assign PR and request review diff --git a/.github/workflows/python_bump_and_update_changelog.yaml b/.github/workflows/python_bump_and_update_changelog.yaml index 7c33413..14e9771 100644 --- a/.github/workflows/python_bump_and_update_changelog.yaml +++ b/.github/workflows/python_bump_and_update_changelog.yaml @@ -27,7 +27,7 @@ jobs: bump_and_update_changelog: runs-on: ubuntu-latest outputs: - changelog_commitish: ${{ steps.commit.outputs.commit_long_sha || github.sha }} + changelog_commitish: ${{ steps.commit.outputs.commit-sha || github.sha }} steps: - name: Checkout repository @@ -59,11 +59,21 @@ jobs: write-mode: overwrite contents: ${{ inputs.changelog }} + - name: Stage changes + id: stage + run: | + git pull --rebase --autostash + git add -A + if git diff --cached --quiet; then + echo "has-changes=false" >> "$GITHUB_OUTPUT" + else + echo "has-changes=true" >> "$GITHUB_OUTPUT" + fi + - name: Commit changes id: commit - uses: EndBug/add-and-commit@v10 + if: steps.stage.outputs.has-changes == 'true' + uses: apify/workflows/commit@main with: - author_name: github-actions[bot] - author_email: 41898282+github-actions[bot]@users.noreply.github.com - message: "chore(release): Update changelog and package version [skip ci]" - pull: '--rebase --autostash' + commit-message: "chore(release): Update changelog and package version [skip ci]" + github-token: ${{ secrets.APIFY_SERVICE_ACCOUNT_GITHUB_TOKEN }} diff --git a/.github/workflows/sync_branches_push.yaml b/.github/workflows/sync_branches_push.yaml index 0dc8193..ee94eca 100644 --- a/.github/workflows/sync_branches_push.yaml +++ b/.github/workflows/sync_branches_push.yaml @@ -45,7 +45,9 @@ jobs: push: runs-on: ubuntu-latest steps: - - name: git + - name: Merge head branch into base branch via GitHub API + env: + GH_TOKEN: ${{ secrets.githubToken }} run: | if [ "${GITHUB_EVENT_NAME}" = "pull_request" ]; then HEAD_BRANCH="${GITHUB_BASE_REF}" @@ -55,17 +57,11 @@ jobs: echo ">>> Don't know how to handle event name: ${GITHUB_EVENT_NAME}" exit 1 fi - mkdir repo - cd repo - git clone https://github-actions:${{ secrets.githubToken }}@github.com/${{ github.repository }}.git . - git config --global user.email "${{ inputs.gitConfigEmail }}" - git config --global user.name "${{ inputs.gitConfigUsername }}" - git config pull.rebase false - - git switch ${{ inputs.baseBranch }} - git pull origin ${HEAD_BRANCH} --no-edit --no-ff - git push https://github-actions:${{ secrets.githubToken }}@github.com/${{ github.repository }}.git ${{ inputs.baseBranch }}:${{ inputs.baseBranch }} + gh api -X POST "repos/${GITHUB_REPOSITORY}/merges" \ + -f base="${{ inputs.baseBranch }}" \ + -f head="${HEAD_BRANCH}" \ + -f commit_message="Merge ${HEAD_BRANCH} into ${{ inputs.baseBranch }}" - name: report failure to slack if: ${{ failure() }} diff --git a/git-cliff-release/README.md b/git-cliff-release/README.md index c9e1b30..b6b7760 100644 --- a/git-cliff-release/README.md +++ b/git-cliff-release/README.md @@ -47,12 +47,13 @@ jobs: path: CHANGELOG.md write-mode: overwrite contents: ${{ steps.metadata.outputs.changelog }} + - name: Stage changes + run: git add -A - name: Commit changes - uses: EndBug/add-and-commit@v10 + uses: apify/workflows/commit@main with: - author_name: Foo - author_email: foo@bar.com - message: "chore(release): Update changelog and package version [skip ci]" + commit-message: "chore(release): Update changelog and package version [skip ci]" + github-token: ${{ secrets.GITHUB_TOKEN }} ``` Manually trigger a release: @@ -93,18 +94,19 @@ jobs: path: CHANGELOG.md write-mode: overwrite contents: ${{ steps.metadata.outputs.changelog }} + - name: Stage changes + run: git add -A - name: Commit changes id: commit - uses: EndBug/add-and-commit@v10 + uses: apify/workflows/commit@main with: - author_name: Foo - author_email: foo@bar.com - message: "chore(release): Update changelog and package version [skip ci]" + commit-message: "chore(release): Update changelog and package version [skip ci]" + github-token: ${{ secrets.GITHUB_TOKEN }} - name: Create release uses: softprops/action-gh-release@v2 with: tag_name: ${{ steps.metadata.outputs.tag_name }} name: ${{ steps.metadata.outputs.version_number }} - target_commitish: ${{ steps.commit.commit_long_sha || github.sha }} + target_commitish: ${{ steps.commit.outputs.commit-sha || github.sha }} body: ${{ steps.metadata.outputs.release_notes }} ``` From 8c33ef8f22ab4f052bdedb4e423d86de1b97574c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Franti=C5=A1ek=20Nesveda?= Date: Fri, 15 May 2026 16:47:29 +0200 Subject: [PATCH 2/5] Use `apify/actions/signed-commit`, simplify logic --- .../check-execute-workflow-dist.yaml | 16 +++------------- .github/workflows/claude-md-maintenance.yml | 9 +++------ .../python_bump_and_update_changelog.yaml | 19 ++++--------------- 3 files changed, 10 insertions(+), 34 deletions(-) diff --git a/.github/workflows/check-execute-workflow-dist.yaml b/.github/workflows/check-execute-workflow-dist.yaml index 5f8e789..d4b2533 100644 --- a/.github/workflows/check-execute-workflow-dist.yaml +++ b/.github/workflows/check-execute-workflow-dist.yaml @@ -32,19 +32,9 @@ jobs: - name: Rebuild dist run: pnpm --filter execute-workflow build - - name: Stage dist changes - id: stage - run: | - git add 'execute-workflow/dist/' - if git diff --cached --quiet; then - echo "has-changes=false" >> "$GITHUB_OUTPUT" - else - echo "has-changes=true" >> "$GITHUB_OUTPUT" - fi - - name: Commit and push if changed - if: steps.stage.outputs.has-changes == 'true' - uses: ./commit + uses: apify/actions/signed-commit@v1.0.0 with: - commit-message: "chore: rebuild execute-workflow dist [skip ci]" + message: "chore: rebuild execute-workflow dist [skip ci]" + add: 'execute-workflow/dist/' github-token: ${{ secrets.APIFY_SERVICE_ACCOUNT_GITHUB_TOKEN }} diff --git a/.github/workflows/claude-md-maintenance.yml b/.github/workflows/claude-md-maintenance.yml index 6961190..d6bfc2d 100644 --- a/.github/workflows/claude-md-maintenance.yml +++ b/.github/workflows/claude-md-maintenance.yml @@ -102,15 +102,12 @@ jobs: id: branch run: echo "name=chore/update-claude-md-$(date +%Y%m%d%H%M%S)" >> "$GITHUB_OUTPUT" - - name: Stage CLAUDE.md - if: steps.diff.outputs.changed == 'true' - run: git add CLAUDE.md - - name: Commit CLAUDE.md if: steps.diff.outputs.changed == 'true' - uses: apify/workflows/commit@main + uses: apify/actions/signed-commit@v1.0.0 with: - commit-message: "docs: update CLAUDE.md [skip ci]" + message: "docs: update CLAUDE.md [skip ci]" + add: CLAUDE.md github-token: ${{ github.token }} branch: ${{ steps.branch.outputs.name }} create-branch: 'true' diff --git a/.github/workflows/python_bump_and_update_changelog.yaml b/.github/workflows/python_bump_and_update_changelog.yaml index 14e9771..340a4fa 100644 --- a/.github/workflows/python_bump_and_update_changelog.yaml +++ b/.github/workflows/python_bump_and_update_changelog.yaml @@ -27,7 +27,7 @@ jobs: bump_and_update_changelog: runs-on: ubuntu-latest outputs: - changelog_commitish: ${{ steps.commit.outputs.commit-sha || github.sha }} + changelog_commitish: ${{ steps.commit.outputs.commit_sha || github.sha }} steps: - name: Checkout repository @@ -59,21 +59,10 @@ jobs: write-mode: overwrite contents: ${{ inputs.changelog }} - - name: Stage changes - id: stage - run: | - git pull --rebase --autostash - git add -A - if git diff --cached --quiet; then - echo "has-changes=false" >> "$GITHUB_OUTPUT" - else - echo "has-changes=true" >> "$GITHUB_OUTPUT" - fi - - name: Commit changes id: commit - if: steps.stage.outputs.has-changes == 'true' - uses: apify/workflows/commit@main + uses: apify/actions/signed-commit@v1.0.0 with: - commit-message: "chore(release): Update changelog and package version [skip ci]" + message: "chore(release): Update changelog and package version [skip ci]" + pull: '--rebase --autostash' github-token: ${{ secrets.APIFY_SERVICE_ACCOUNT_GITHUB_TOKEN }} From 635606199f2ff43af3f03667ecc9563ffd7e05f0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Franti=C5=A1ek=20Nesveda?= Date: Fri, 15 May 2026 16:56:24 +0200 Subject: [PATCH 3/5] Remove unneeded fallback to `github.sha` --- .github/workflows/python_bump_and_update_changelog.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/python_bump_and_update_changelog.yaml b/.github/workflows/python_bump_and_update_changelog.yaml index 340a4fa..b9e1b15 100644 --- a/.github/workflows/python_bump_and_update_changelog.yaml +++ b/.github/workflows/python_bump_and_update_changelog.yaml @@ -27,7 +27,7 @@ jobs: bump_and_update_changelog: runs-on: ubuntu-latest outputs: - changelog_commitish: ${{ steps.commit.outputs.commit_sha || github.sha }} + changelog_commitish: ${{ steps.commit.outputs.commit_sha }} steps: - name: Checkout repository From 84d88175bfa512c6abc35699ff9d83f9456e824e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Franti=C5=A1ek=20Nesveda?= Date: Fri, 15 May 2026 17:10:23 +0200 Subject: [PATCH 4/5] Remove unneeded fallback to `github.sha` --- git-cliff-release/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/git-cliff-release/README.md b/git-cliff-release/README.md index b6b7760..bb5a0e3 100644 --- a/git-cliff-release/README.md +++ b/git-cliff-release/README.md @@ -107,6 +107,6 @@ jobs: with: tag_name: ${{ steps.metadata.outputs.tag_name }} name: ${{ steps.metadata.outputs.version_number }} - target_commitish: ${{ steps.commit.outputs.commit-sha || github.sha }} + target_commitish: ${{ steps.commit.outputs.commit_sha }} body: ${{ steps.metadata.outputs.release_notes }} ``` From b604def45de2a674a7a7aab249b81849e1eb03a3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Franti=C5=A1ek=20Nesveda?= Date: Fri, 15 May 2026 18:36:43 +0200 Subject: [PATCH 5/5] Use long SHA when appropriate --- .github/workflows/python_bump_and_update_changelog.yaml | 2 +- git-cliff-release/README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/python_bump_and_update_changelog.yaml b/.github/workflows/python_bump_and_update_changelog.yaml index b9e1b15..ccf9b90 100644 --- a/.github/workflows/python_bump_and_update_changelog.yaml +++ b/.github/workflows/python_bump_and_update_changelog.yaml @@ -27,7 +27,7 @@ jobs: bump_and_update_changelog: runs-on: ubuntu-latest outputs: - changelog_commitish: ${{ steps.commit.outputs.commit_sha }} + changelog_commitish: ${{ steps.commit.outputs.commit_long_sha }} steps: - name: Checkout repository diff --git a/git-cliff-release/README.md b/git-cliff-release/README.md index bb5a0e3..2dc6af6 100644 --- a/git-cliff-release/README.md +++ b/git-cliff-release/README.md @@ -107,6 +107,6 @@ jobs: with: tag_name: ${{ steps.metadata.outputs.tag_name }} name: ${{ steps.metadata.outputs.version_number }} - target_commitish: ${{ steps.commit.outputs.commit_sha }} + target_commitish: ${{ steps.commit.outputs.commit_long_sha }} body: ${{ steps.metadata.outputs.release_notes }} ```