Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

git operation without system git command #96

Merged
merged 2 commits into from Sep 21, 2019

Conversation

@sue445
Copy link
Contributor

commented Sep 16, 2019

I replaced system git operation (e.g. git commit) with GitHub API.

Context 1

circleci-bundle-update-pr is implicitly dependent on system git.

https://github.com/masutaka/circleci-bundle-update-pr/blob/v1.16.1/lib/circleci/bundle/update/pr.rb#L105-L111

So I want to remove this implicitly dependent.

Context 2

I want to run circleci-bundle-update-pr on GitHub Actions.

secrets.GITHUB_TOKEN (default token on GitHub Actions) has given permission to GitHub API , but hasn't given permission to syetem git push.

https://help.github.com/en/articles/virtual-environments-for-github-actions#github_token-secret

So I replaced system git operation to GitHub API operation.

Example

image

@sue445 sue445 force-pushed the sue445:git-push-via-api branch from 163686f to e18f4cb Sep 16, 2019
Copy link
Owner

left a comment

Thank you for your PR. 🙏

If the bundle update of this repository succeeds at next Friday, I'll release v1.17.0.

nightly:
triggers:
- schedule:
cron: "00 10 * * 5"
filters:
branches:
only: master
jobs:
- continuous_bundle_update

- run:
name: Install edge circleci-bundle-update-pr
command: |
gem install -N specific_install
gem specific_install https://github.com/masutaka/circleci-bundle-update-pr.git

@@ -53,7 +53,7 @@ jobs:
name: Install System Dependencies
command: |
# See also https://circleci.com/docs/2.0/custom-images/#adding-required-and-custom-tools-or-files
apk add --update --no-cache git openssh-client tar gzip ca-certificates \
apk add --update --no-cache openssh-client tar gzip ca-certificates \

This comment has been minimized.

Copy link
@masutaka

masutaka Sep 21, 2019

Owner

I think it's better not to remove git from here.

Actually, git command is one of the tools required for CircleCI.
https://circleci.com/docs/2.0/custom-images/#required-tools-for-primary-containers

If it removed, the checkout succeeds. However, the following message is outputted.

https://circleci.com/gh/masutaka/circleci-bundle-update-pr/410
-> Checkout code

Either git or ssh (required by git to clone through SSH) is not installed in the image. Falling back to CircleCI's native git client but the behavior may be different from official git. If this is an issue, please use an image that has official git and ssh installed.

It doesn't really matter this time, but the bundle check fails in this repository.

https://circleci.com/gh/masutaka/circleci-bundle-update-pr/410
-> bundle install

So I've reverted it by a153859.

@@ -153,6 +153,57 @@ Powered by [circleci-bundle-update-pr](https://rubygems.org/gems/circleci-bundle

`.circleci/BUNDLE_UPDATE_NOTE.md` or `CIRCLECI_BUNDLE_UPDATE_NOTE.md`, either one is OK. It gives priority `.circleci/BUNDLE_UPDATE_NOTE.md` over `CIRCLECI_BUNDLE_UPDATE_NOTE.md`.

### Run on GitHub Actions

This comment has been minimized.

Copy link
@masutaka

masutaka Sep 21, 2019

Owner

Although the name of this gem is circleci-bundle-update-pr, it's OK because this section is in Tips.

@@ -101,14 +105,42 @@ def self.need_to_commit?
# @return [String] remote branch name. e.g. bundle-update-20180929154455
def self.create_branch(git_username, git_email)
branch = "#{BRANCH_PREFIX}#{now.strftime('%Y%m%d%H%M%S')}"
remote = "https://#{github_access_token}@#{github_host}/#{repo_full_name}"

This comment has been minimized.

Copy link
@masutaka

masutaka Sep 21, 2019

Owner

I've removed the class method github_access_token by 584a2e6.

},
)

client.update_ref(repo_full_name, "heads/#{branch}", commit.sha)

This comment has been minimized.

Copy link
@masutaka

masutaka Sep 21, 2019

Owner

I think the above is complex. However, I'm glad to be removed 'git push -q'.

If I forget to add -q, the access token can leak.

@masutaka masutaka merged commit e18f4cb into masutaka:master Sep 21, 2019
@sue445 sue445 deleted the sue445:git-push-via-api branch Sep 21, 2019
@masutaka

This comment has been minimized.

Copy link
Owner

commented Sep 27, 2019

@sue445

If the bundle update of this repository succeeds at next Friday, I'll release v1.17.0.

Just released. thx!
https://github.com/masutaka/circleci-bundle-update-pr/releases/tag/v1.17.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.