Using PAT with limited scope #40
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Check PR | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| jobs: | |
| check: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Get changed files | |
| id: changed-files | |
| uses: tj-actions/changed-files@v44 | |
| with: | |
| files_ignore: | | |
| README.md | |
| ci/** | |
| .github/** | |
| - name: List all changed files | |
| id: list_changed_files | |
| env: | |
| ALL_CHANGED_FILES: ${{ steps.changed-files.outputs.all_changed_files }} | |
| ALL_MODIFIED_FILES_COUNT: ${{ steps.changed-files.outputs.all_modified_files_count }} | |
| run: | | |
| echo "${ALL_MODIFIED_FILES_COUNT} files" | |
| for file in ${ALL_CHANGED_FILES}; do | |
| echo "$file was changed" | |
| done | |
| - name: auto_pass | |
| if: steps.changed-files.outputs.all_modified_files_count == '0' | |
| id: check_if_only_ignored | |
| run: | | |
| echo "Version bump not required." > comment.txt | |
| exit 0 | |
| - name: Get version from file | |
| if: steps.changed-files.outputs.all_modified_files_count != '0' | |
| id: get_version | |
| run: echo "version=$(cat VERSION)" >> $GITHUB_OUTPUT | |
| - name: 'Get Previous tag' | |
| if: steps.changed-files.outputs.all_modified_files_count != '0' | |
| id: previoustag | |
| uses: "WyriHaximus/[email protected]" | |
| - name: Checking for version bump | |
| if: steps.changed-files.outputs.all_modified_files_count != '0' | |
| id: check_vbump | |
| run: | | |
| LAST_TAG="${{ steps.previoustag.outputs.tag }}" | |
| NEW_TAG="v${{ steps.get_version.outputs.version }}" | |
| RESULT=$(ci/assets/checksemver.sh ${NEW_TAG} ${LAST_TAG}) | |
| if [ "${RESULT}" == "1" ]; then | |
| echo "Version bump found." > comment.txt | |
| exit 0 | |
| elif [ "${RESULT}" == "0" ]; then | |
| echo "Version bump did not happen. ${LAST_TAG} is the same as ${NEW_TAG}" > comment.txt | |
| exit 1 | |
| else | |
| echo "Version bump did not happen. ${LAST_TAG} is higher than ${NEW_TAG}" > comment.txt | |
| exit 1 | |
| fi | |
| - name: Upload html diff ⬆️ | |
| id: artifact-upload | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: CommentMsg | |
| path: comment.txt | |
| retention-days: 7 | |
| - name: Dispatch information to repository 🗣️ | |
| uses: peter-evans/repository-dispatch@v2 | |
| with: | |
| token: ${{ secrets.TOKENFORCOMMENT }} | |
| repository: typositoire/concourse-helm3-resource | |
| event-type: pr-comment | |
| client-payload: '{"pr_number": "${{ github.event.number }}", "artifact_url": "${{ steps.artifact-upload.outputs.artifact-url }}", "run_id": "${{ github.run_id }}"}' | |