GitHub Actions
The GitHub actions are used for CI purposes. One job is auto update, which can be enabled as follows:
- Repo > Settings >
- General >
- Pull Requests > enable "Allow auto-merge".
- Branches > Add classic branch protection rule
- Branch name pattern: main
- Enable "Require status checks to pass before merging".
- Actions > General > Workflow permissions > enable "Allow GitHub Actions to create and approve pull requests"
- If option is greyed out, then probably the project policy is dictated by the repository policy. Simply do this in repository settings then.
- General >
- Copy the workflow file from this project. The key configs are the "permissions" to include "contents: write, pull-requests: write" and the "auto-merge" step.
If you don't need a private module from the same repository, you must delete the "Authenticate for private modules" job. Otherwise, the following steps are necessary:
- GitHub > Profile > Settings > Developer Settings > Personal Access Tokens > Tokens (classic) > Generate new token
- Name: ACTIONS_TOKEN
- Select scopes: "repo"
- Copy the token
- Repo > Settings > Secrets and variables > Actions > New repository secret >
- Name: MY_TOKEN
- You need to set "environment: MY_TOKEN" in the workflow file to use its environment secrets
- Environment Secrets > Add environment secret
- Name: ACTIONS_TOKEN
- Value:
- Name: MY_TOKEN
Add this to the workflow file:
- name: Authenticate for private modules
env:
ACTIONS_TOKEN: ${{ secrets.ACTIONS_TOKEN }}
run: |
git config --global url."https://${ACTIONS_TOKEN}:x-oauth-basic@github.com/".insteadOf "https://github.com/"
go env -w GOPRIVATE=github.com/ocelot-cloud/*
env:
ACTIONS_TOKEN: ${{ secrets.ACTIONS_TOKEN }}
run: |
git config --global url."https://${ACTIONS_TOKEN}:x-oauth-basic@github.com/".insteadOf "https://github.com/"
go env -w GOPRIVATE=github.com/ocelot-cloud/*
This is a sample file how the weekly updates can be conducted via GitHub Actions. Create .github/workflows/weekly-update.yml:
name: Weekly Update
on:
schedule:
- cron: '0 2 * * 3'
workflow_dispatch:
permissions:
contents: write
pull-requests: write
jobs:
weekly-update:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/setup
- name: Run ci-runner update
run: |
go get -u ./...
go mod tidy
go build
# execute the test suite to check whether the updates did not break anything
- name: Commit and create PR
id: cpr
uses: peter-evans/create-pull-request@v5
with:
commit-message: "chore: weekly ci-runner update"
branch: weekly/ci-update
title: "Weekly CI Runner Update"
delete-branch: true
token: ${{ secrets.GITHUB_TOKEN }}
- name: Enable Auto-Merge
if: steps.cpr.outputs.pull-request-operation == 'created'
uses: peter-evans/enable-pull-request-automerge@v3
with:
pull-request-number: ${{ steps.cpr.outputs.pull-request-number }}
merge-method: squash
on:
schedule:
- cron: '0 2 * * 3'
workflow_dispatch:
permissions:
contents: write
pull-requests: write
jobs:
weekly-update:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/setup
- name: Run ci-runner update
run: |
go get -u ./...
go mod tidy
go build
# execute the test suite to check whether the updates did not break anything
- name: Commit and create PR
id: cpr
uses: peter-evans/create-pull-request@v5
with:
commit-message: "chore: weekly ci-runner update"
branch: weekly/ci-update
title: "Weekly CI Runner Update"
delete-branch: true
token: ${{ secrets.GITHUB_TOKEN }}
- name: Enable Auto-Merge
if: steps.cpr.outputs.pull-request-operation == 'created'
uses: peter-evans/enable-pull-request-automerge@v3
with:
pull-request-number: ${{ steps.cpr.outputs.pull-request-number }}
merge-method: squash
Private Go Repository Dependency
If you are developing with Go and need a private repository as a dependency, you need to tell the SDK to use SSH instead of HTTPS to get access.
git config --global url."ssh://git@github.com/".insteadOf "https://github.com/"
go env -w GOPRIVATE=github.com/ocelot-cloud/*
go env -w GOPRIVATE=github.com/ocelot-cloud/*