Use native gh CLI for requirements actions#453
Conversation
* update UV setup to version 7 * update Dependabot configuration
Packing analysis reportAnalysis for packing results located at cellpack/tests/outputs/test_spheres/spheresSST
Packing imageDistance analysisExpected minimum distance: 50.00
|
rugeli
force-pushed
the
admin/native-gh-cli
branch
from
a0df65f to
3d6b2fd
Compare
rugeli
left a comment
rugeli
left a comment
There was a problem hiding this comment.
Thanks for the quick workaround on this! I did some testing(sorry for the force-push noise on this branch and the pr I just closed)
just one minor comment, otherwise it works great!
| permissions: | ||
| contents: write | ||
| pull-requests: write |
There was a problem hiding this comment.
we can safely remove this block now since the permissions are defined when the token(WORKFLOW_PAT) is created
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
| git remote set-url origin https://x-access-token:${{ secrets.WORKFLOW_PAT }}@github.com/${{ github.repository }} | ||
| BRANCH="admin/requirements-update_${{ steps.timestamp.outputs.timestamp }}" | ||
| git checkout -b "$BRANCH" |
There was a problem hiding this comment.
Branch/PR name is only unique to the minute (timestamp format %Y-%m-%d_%H-%M). If this workflow is re-run within the same minute (or two runs start in the same minute), git checkout -b / git push and gh pr create can fail due to an existing branch/PR name collision. Consider incorporating github.run_id/github.run_number or seconds in the branch and title to guarantee uniqueness per run.
| run: | | ||
| git config user.name "github-actions[bot]" | ||
| git config user.email "github-actions[bot]@users.noreply.github.com" | ||
| git remote set-url origin https://x-access-token:${{ secrets.WORKFLOW_PAT }}@github.com/${{ github.repository }} |
There was a problem hiding this comment.
WORKFLOW_PAT is referenced both via GH_TOKEN and embedded directly in the git remote set-url command. To reduce the chance of accidental token exposure and make future edits safer, prefer referencing the token via an env var (e.g. reuse GH_TOKEN) rather than repeating ${{ secrets.WORKFLOW_PAT }} in the script.
| git remote set-url origin https://x-access-token:${{ secrets.WORKFLOW_PAT }}@github.com/${{ github.repository }} | |
| git remote set-url origin https://x-access-token:${GH_TOKEN}@github.com/${{ github.repository }} |
Problem
closes #452
Solution
Used native gh CLI implementation to create pull requests instead of a third party action
with @rugeli
Type of change
Change summary:
Steps to Verify:
Actions should run as expected