Skip to Content
Last modified by chrisby on 2025/04/22 14:54
From version 2.6
edited by chrisby
on 2025/04/22 14:54
Change comment: There is no comment for this version
To version 2.2
edited by chrisby
on 2025/04/22 14:13
Change comment: There is no comment for this version

Summary

Details

Page properties
Content
... ... @@ -1,92 +2,45 @@
1 -### Use Case
2 2  
3 -* Private GitHub repo, with other private repositories as dependencies
4 -* Need for fully automated dependency updates, including testing and merging them to main branch
5 -
6 6  ### GitHub Actions
7 7  
8 8  The GitHub actions are used for CI purposes. One job is auto update, which can be enabled as follows:
9 -
10 10  * Repo > Settings >
11 - * General >
12 - * Pull Requests > enable "Allow auto-merge".
13 - * Branches > Add classic branch protection rule
14 - * Branch name pattern: main
15 - * Enable "Require status checks to pass before merging".
16 - * Actions > General > Workflow permissions > enable "Allow GitHub Actions to create and approve pull requests"
17 - * If option is greyed out, then probably the project policy is dictated by the repository policy. Simply do this in repository settings then.
6 + * General >
7 + * Pull Requests > enable "Allow auto-merge".
8 + * Branches > Add classic branch protection rule
9 + * Branch name pattern: main
10 + * Enable "Require status checks to pass before merging".
11 + * Actions > General > Workflow permissions > enable "Allow GitHub Actions to create and approve pull requests"
12 + * If option is greyed out, then probably the project policy is dictated by the repository policy. Simply do this in repository settings then.
18 18  * Copy the workflow file from this project. The key configs are the "permissions" to include "contents: write, pull-requests: write" and the "auto-merge" step.
19 19  
20 20  If you don't need a private module from the same repository, you must delete the "Authenticate for private modules" job. Otherwise, the following steps are necessary:
21 -
22 22  * GitHub > Profile > Settings > Developer Settings > Personal Access Tokens > Tokens (classic) > Generate new token
23 - * Name: ACTIONS_TOKEN
24 - * Select scopes: "repo"
25 - * Copy the token
17 + * Name: ACTIONS_TOKEN
18 + * Select scopes: "repo"
19 + * Copy the token
26 26  * Repo > Settings > Secrets and variables > Actions > New repository secret >
27 - * Name: MY_TOKEN
28 - * You need to set "environment: MY_TOKEN" in the workflow file to use its environment secrets
29 - * Environment Secrets > Add environment secret
30 - * Name: ACTIONS_TOKEN
31 - * Value:
21 + * Name: MY_TOKEN
22 + * You need to set "environment: MY_TOKEN" in the workflow file to use its environment secrets
23 + * Environment Secrets > Add environment secret
24 + * Name: ACTIONS_TOKEN
25 + * Value: <the token you copied before>
32 32  
33 33  Add this to the workflow file:
34 34  
35 - - name: Authenticate for private modules
36 - env:
37 - ACTIONS_TOKEN: ${{ secrets.ACTIONS_TOKEN }}
38 - run: |
39 - git config --global url."https://${ACTIONS_TOKEN}:x-oauth-basic@github.com/".insteadOf "https://github.com/"
40 - go env -w GOPRIVATE=github.com/ocelot-cloud/*
29 +```yaml
30 + - name: Authenticate for private modules
31 + env:
32 + ACTIONS_TOKEN: ${{ secrets.ACTIONS_TOKEN }}
33 + run: |
34 + git config --global url."https://${ACTIONS_TOKEN}:x-oauth-basic@github.com/".insteadOf "https://github.com/"
35 + go env -w GOPRIVATE=github.com/ocelot-cloud/*
36 +```
41 41  
42 -This is a sample file how the weekly updates can be conducted via GitHub Actions. Create `.github/workflows/weekly-update.yml`:
38 +### Private Go Repository Dependency
43 43  
44 - name: Weekly Update
45 -
46 - on:
47 - schedule:
48 - - cron: '0 2 * * 3'
49 - workflow_dispatch:
50 -
51 - permissions:
52 - contents: write
53 - pull-requests: write
54 -
55 - jobs:
56 - weekly-update:
57 - runs-on: ubuntu-latest
58 - steps:
59 - - uses: actions/checkout@v4
60 -
61 - - uses: ./.github/actions/setup
62 -
63 - - name: Run ci-runner update
64 - run: |
65 - go get -u ./...
66 - go mod tidy
67 - go build
68 - # execute the test suite to check whether the updates did not break anything
69 -
70 - - name: Commit and create PR
71 - id: cpr
72 - uses: peter-evans/create-pull-request@v5
73 - with:
74 - commit-message: "chore: weekly ci-runner update"
75 - branch: weekly/ci-update
76 - title: "Weekly CI Runner Update"
77 - delete-branch: true
78 - token: ${{ secrets.GITHUB_TOKEN }}
79 -
80 - - name: Enable Auto-Merge
81 - if: steps.cpr.outputs.pull-request-operation == 'created'
82 - uses: peter-evans/enable-pull-request-automerge@v3
83 - with:
84 - pull-request-number: ${{ steps.cpr.outputs.pull-request-number }}
85 - merge-method: squash
40 +If you are developing with Go and need a private repository as a dependency, you need to tell the SDK to use SSH instead of HTTPS to get access.
86 86  
87 -### Git Configuration
88 -
89 -On your local PC, you need to tell the SDK to use SSH instead of HTTPS to get access.
90 -
91 - git config --global url."ssh://git@github.com/".insteadOf "https://github.com/"
92 - go env -w GOPRIVATE=github.com/ocelot-cloud/*
42 +```bash
43 +git config --global url."ssh://git@github.com/".insteadOf "https://github.com/"
44 +go env -w GOPRIVATE=github.com/ocelot-cloud/*
45 +```