From abc3ff352908611fefbf59811e1e20124b65fe42 Mon Sep 17 00:00:00 2001 From: Ludy Date: Mon, 20 Jan 2025 20:59:17 +0100 Subject: [PATCH] changes the bot from github-action to stirlingbot (#2755) # Description of Changes This PR introduces updates to the GitHub Actions workflow for `pre_commit.yml`. The main changes are: - **What was changed:** - Removed the conditional check to exclude `dependabot[bot]` from triggering the workflow. - Added a step to generate a GitHub App token using `actions/create-github-app-token`. - Added a step to retrieve the user ID for the GitHub App bot. - Updated the git configuration to use the GitHub App credentials for commits. - Improved commit logic to check for changes before attempting a pull request. - Updated the pull request creation step to use the dynamically generated GitHub App credentials. - **Why the change was made:** - To enhance security and ensure that commits and pull requests are made using GitHub App credentials instead of the default `github-actions[bot]`. - To provide better traceability and reduce reliance on static tokens. - **Challenges encountered:** - Adjusting the logic to dynamically generate tokens and handle changes without disrupting existing workflows. - Ensuring compatibility with the `peter-evans/create-pull-request` action. Closes # (issue_number) --- ## Checklist ### General - [x] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [x] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md) (if applicable) - [x] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md) (if applicable) - [x] I have performed a self-review of my own code - [x] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [x] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing) for more details. --- .github/workflows/pre_commit.yml | 38 +++++++++++++++++++++++--------- 1 file changed, 27 insertions(+), 11 deletions(-) diff --git a/.github/workflows/pre_commit.yml b/.github/workflows/pre_commit.yml index 27d7ac3e..e0d94e6a 100644 --- a/.github/workflows/pre_commit.yml +++ b/.github/workflows/pre_commit.yml @@ -8,7 +8,6 @@ permissions: jobs: pre-commit: - if: ${{ github.event.pull_request.user.login != 'dependabot[bot]' }} runs-on: ubuntu-latest permissions: contents: write @@ -19,6 +18,23 @@ jobs: with: egress-policy: audit + - name: Generate GitHub App Token + id: generate-token + uses: actions/create-github-app-token@c1a285145b9d317df6ced56c09f525b5c2b6f755 # v1.11.1 + with: + app-id: ${{ secrets.GH_APP_ID }} + private-key: ${{ secrets.GH_APP_PRIVATE_KEY }} + + - name: Get GitHub App User ID + id: get-user-id + run: echo "user-id=$(gh api "/users/${{ steps.generate-token.outputs.app-slug }}[bot]" --jq .id)" >> $GITHUB_OUTPUT + env: + GH_TOKEN: ${{ steps.generate-token.outputs.token }} + + - id: committer + run: | + echo "string=${{ steps.generate-token.outputs.app-slug }}[bot] <${{ steps.get-user-id.outputs.user-id }}+${{ steps.generate-token.outputs.app-slug }}[bot]@users.noreply.github.com>" >> "$GITHUB_OUTPUT" + - name: Checkout repository uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: @@ -35,25 +51,25 @@ jobs: continue-on-error: true - name: Set up git config run: | - git config --global user.name "github-actions[bot]" - git config --global user.email "github-actions[bot]@users.noreply.github.com" + git config --global user.name ${{ steps.generate-token.outputs.app-slug }}[bot] + git config --global user.email "${{ steps.get-user-id.outputs.user-id }}+${{ steps.generate-token.outputs.app-slug }}[bot]@users.noreply.github.com" - name: git add run: | git add . - git diff --staged --quiet || git commit -m ":file_folder: pre-commit - > Made via .github/workflows/pre_commit.yml" || echo "pre-commit: no changes" + git diff --staged --quiet || echo "CHANGES_DETECTED=true" >> $GITHUB_ENV - name: Create Pull Request + if: env.CHANGES_DETECTED == 'true' uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7.0.6 with: - token: ${{ secrets.GITHUB_TOKEN }} - commit-message: "ci: 🤖 format everything with pre-commit" - committer: GitHub Action - author: GitHub Action + token: ${{ steps.generate-token.outputs.token }} + commit-message: ":file_folder: pre-commit" + committer: ${{ steps.committer.outputs.string }} + author: ${{ steps.committer.outputs.string }} signoff: true branch: pre-commit - title: "🤖 format everything with pre-commit by " + title: "🤖 format everything with pre-commit by <${{ steps.generate-token.outputs.app-slug }}>" body: | - Auto-generated by [create-pull-request][1] + Auto-generated by [create-pull-request][1] with **${{ steps.generate-token.outputs.app-slug }}** [1]: https://github.com/peter-evans/create-pull-request draft: false