-
Notifications
You must be signed in to change notification settings - Fork 326
57 lines (48 loc) · 2.33 KB
/
permissions-tables-generation-pr.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
# This action will automatically create a pull request against master if the pushed branch
# has a branch path spec like permissions-tables-update/*.
name: "Permissions Tables Generation Pull Request"
# Controls when the action will run. Triggers the workflow on push
# events but only for branches with the following branch spec: "permissions-tables-update/*"
on:
push:
branches:
- "permissions-tables-update/*"
permissions:
contents: read # to fetch code (actions/checkout)
jobs:
create-pull-request:
# GitHub Actions don't support skip ci yet like Azure Pipelines so this check will do the same.
if: github.event_name == 'push' && !contains(toJson(github.event.commits), 'NO_CI') && !contains(toJson(github.event.commits), '[ci skip]') && !contains(toJson(github.event.commits), '[skip ci]')
runs-on: ubuntu-latest # https://github.com/actions/virtual-environments/blob/master/images/linux/Ubuntu1804-README.md
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 10 # number of commits to fetch so that we can query history
- name: Get token
id: get_token
uses: microsoftgraph/[email protected]
with:
application-id: ${{ secrets.APPLICATION_ID }}
application-private-key: ${{ secrets.APPLICATION_PRIVATE_KEY }}
# Create a pull request [0]
- name: Create PR using the GitHub REST API via hub
shell: bash
env:
GITHUB_TOKEN: ${{ steps.get_token.outputs.app-token }}
MESSAGE_TITLE: "Permissions tables update"
MESSAGE_BODY: "Scheduled permissions tables update"
REVIEWERS: millicentachieng
ASSIGNEDTO: millicentachieng
BASE: main
run: |
git fetch origin main
commitCount=`git rev-list origin/main.. --count`
if [ $commitCount == 1 ]; then
curl -fsSL https://github.com/github/hub/raw/master/script/get | bash -s 2.14.1
bin/hub pull-request -b "$BASE" -h "$GITHUB_REF" -m "$MESSAGE_TITLE" -m "$MESSAGE_BODY" -r "$REVIEWERS" -a "$ASSIGNEDTO"
else
echo "this is a subsequent commit to the permissions-tables-update branch, so ignoring PR generation request.."
fi
# References
# [0] https://hub.github.com/hub-pull-request.1.html
# https://help.github.com/en/actions/configuring-and-managing-workflows/authenticating-with-the-github_token