OSSForks/node
1
0
Fork 0
mirror of https://github.com/zebrajr/node.git synced 2026-01-15 12:15:26 +00:00
Code Issues Actions 8 Packages Projects Releases Wiki Activity
Files
14d9c38c097b59451d5b76913dda0770a830a47b
node/.github/workflows/commit-queue.yml
Rich Trott 1217087110 build: set persist-credentials: false on workflows 
Out of extra caution, instruct `actions/checkout` to not save GitHub
authentication credentials in the git config for use by future steps.

PR-URL: https://github.com/nodejs/node/pull/40972
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
2021-11-27 22:12:26 +00:00

85 lines
3.2 KiB
YAML
Raw Blame History

# This action requires the following secrets to be set on the repository:
# GH_USER_NAME: GitHub user whose Jenkins and GitHub token are defined below
# GH_USER_TOKEN: GitHub user token, to be used by ncu and to push changes
# JENKINS_TOKEN: Jenkins token, to be used to check CI status
name: Commit Queue
on:
# `schedule` event is used instead of `pull_request` because when a
# `pull_request` event is triggered on a PR from a fork, GITHUB_TOKEN will
# be read-only, and the Action won't have access to any other repository
# secrets, which it needs to access Jenkins API.
schedule:
- cron: "*/5 * * * *"
env:
NODE_VERSION: lts/*
jobs:
commitQueue:
if: github.repository == 'nodejs/node'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
# Needs the whole git history for ncu to work
# See https://github.com/nodejs/node-core-utils/pull/486
fetch-depth: 0
persist-credentials: false
# A personal token is required because pushing with GITHUB_TOKEN will
# prevent commits from running CI after they land. It needs
# to be set here because `checkout` configures GitHub authentication
# for push as well.
token: ${{ secrets.GH_USER_TOKEN }}
# Install dependencies
- name: Install Node.js
uses: actions/setup-node@v2
with:
node-version: ${{ env.NODE_VERSION }}
- name: Install node-core-utils
run: npm install -g node-core-utils@latest
- name: Set variables
run: |
echo "REPOSITORY=$(echo ${{ github.repository }} | cut -d/ -f2)" >> $GITHUB_ENV
echo "OWNER=${{ github.repository_owner }}" >> $GITHUB_ENV
echo "DEFAULT_BRANCH=${GITHUB_REF#refs/heads/}" >> $GITHUB_ENV
- name: Get Pull Requests
uses: octokit/graphql-action@v2.x
id: get_mergable_pull_requests
with:
query: |
query release($owner:String!,$repo:String!, $base_ref:String!) {
repository(owner:$owner, name:$repo) {
pullRequests(baseRefName: $base_ref, labels: ["commit-queue"], states: OPEN, last: 100) {
nodes {
number
}
}
}
}
owner: ${{ env.OWNER }}
repo: ${{ env.REPOSITORY }}
# Commit queue is only enabled for the default branch on the repository
base_ref: ${{ env.DEFAULT_BRANCH }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Configure node-core-utils
run: |
ncu-config set branch ${DEFAULT_BRANCH}
ncu-config set upstream origin
ncu-config set username "${{ secrets.GH_USER_NAME }}"
ncu-config set token "${{ secrets.GH_USER_TOKEN }}"
ncu-config set jenkins_token "${{ secrets.JENKINS_TOKEN }}"
ncu-config set repo "${REPOSITORY}"
ncu-config set owner "${OWNER}"
- name: Start the commit queue
run: ./tools/actions/commit-queue.sh ${OWNER} ${REPOSITORY} $(echo '${{ steps.get_mergable_pull_requests.outputs.data }}' | jq '.repository.pullRequests.nodes | map(.number) | .[]')
env:
GITHUB_TOKEN: ${{ secrets.GH_USER_TOKEN }}
Reference in New Issue View Git Blame Copy Permalink