-
Notifications
You must be signed in to change notification settings - Fork 45
49 lines (47 loc) · 2.02 KB
/
ci-renovate.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
# NOTE: This name appears in GitHub's Checks API and in workflow's status badge.
name: ci-renovate
# Trigger the workflow when:
on:
# When a pull request event occurs for a pull request against one of the
# matched branches.
pull_request:
branches: [master]
jobs:
add-changelog:
# NOTE: This name appears in GitHub's Checks API.
name: add-changelog
# Trigger job only for dependency update bot.
if: github.actor == 'renovate[bot]'
runs-on: ubuntu-latest
# Permissions needed to update PR.
permissions:
# Enable creating, updating files.
contents: write
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
# Needed for correct git commit --amend.
fetch-depth: 0
# Checkout pull request HEAD commit instead of merge commit.
ref: ${{ github.event.pull_request.head.sha }}
# Needed to enable checks re-run.
token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }}
- name: Create and commit Change Log fragment if it does not exist
env:
# There's no support for escaping this for use in a shell command.
# GitHub's recommendation is to pass it through the environment.
# https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
FILE_NAME: .changelog/${{ github.event.pull_request.number }}.internal.md
HEAD_REF: ${{ github.head_ref }}
run: |
if [[ ! -f "$FILE_NAME" ]]; then
echo "Update dependencies" > "$FILE_NAME"
# Set git user email and name to match author of the last commit.
git config --local user.email "$(git log --pretty='%ae' -1)"
git config --local user.name "$(git log --pretty=format:'%an' -1)"
git add "$FILE_NAME"
git commit --amend --no-edit
git push --force-with-lease origin "HEAD:refs/heads/$HEAD_REF"
echo "FILE_EXISTS=false" >> "$GITHUB_OUTPUT"
fi