Wiki source code of Create Automatically Updating Repo in GitHub

Version 2.5 by chrisby on 2025/04/22 14:33

version	line-number	content
2.2	1	### GitHub Actions
	2
	3	The GitHub actions are used for CI purposes. One job is auto update, which can be enabled as follows:
2.3	4
2.2	5	* Repo > Settings >
2.3	6	* General >
	7	* Pull Requests > enable "Allow auto-merge".
	8	* Branches > Add classic branch protection rule
	9	* Branch name pattern: main
	10	* Enable "Require status checks to pass before merging".
	11	* Actions > General > Workflow permissions > enable "Allow GitHub Actions to create and approve pull requests"
	12	* If option is greyed out, then probably the project policy is dictated by the repository policy. Simply do this in repository settings then.
2.2	13	* Copy the workflow file from this project. The key configs are the "permissions" to include "contents: write, pull-requests: write" and the "auto-merge" step.
	14
	15	If you don't need a private module from the same repository, you must delete the "Authenticate for private modules" job. Otherwise, the following steps are necessary:
2.3	16
2.2	17	* GitHub > Profile > Settings > Developer Settings > Personal Access Tokens > Tokens (classic) > Generate new token
2.3	18	* Name: ACTIONS_TOKEN
	19	* Select scopes: "repo"
	20	* Copy the token
2.2	21	* Repo > Settings > Secrets and variables > Actions > New repository secret >
2.3	22	* Name: MY_TOKEN
	23	* You need to set "environment: MY_TOKEN" in the workflow file to use its environment secrets
	24	* Environment Secrets > Add environment secret
	25	* Name: ACTIONS_TOKEN
	26	* Value:
2.2	27
	28	Add this to the workflow file:
	29
2.3	30	- name: Authenticate for private modules
	31	env:
	32	ACTIONS_TOKEN: ${{ secrets.ACTIONS_TOKEN }}
	33	run: \|
	34	git config --global url."https://${ACTIONS_TOKEN}:x-oauth-basic@github.com/".insteadOf "https://github.com/"
	35	go env -w GOPRIVATE=github.com/ocelot-cloud/*
2.2	36
2.4	37	This is a sample file how the weekly updates can be conducted via GitHub Actions. Create `.github/workflows/weekly-update.yml`:
	38
2.5	39	name: Weekly Update
	40
	41	on:
	42	schedule:
	43	- cron: '0 2 * * 3'
	44	workflow_dispatch:
	45
	46	permissions:
	47	contents: write
	48	pull-requests: write
	49
	50	jobs:
	51	weekly-update:
	52	runs-on: ubuntu-latest
	53	steps:
	54	- uses: actions/checkout@v4
	55
	56	- uses: ./.github/actions/setup
	57
	58	- name: Run ci-runner update
	59	run: \|
	60	go get -u ./...
	61	go mod tidy
	62	go build
	63	# execute the test suite to check whether the updates did not break anything
	64
	65	- name: Commit and create PR
	66	id: cpr
	67	uses: peter-evans/create-pull-request@v5
	68	with:
	69	commit-message: "chore: weekly ci-runner update"
	70	branch: weekly/ci-update
	71	title: "Weekly CI Runner Update"
	72	delete-branch: true
	73	token: ${{ secrets.GITHUB_TOKEN }}
	74
	75	- name: Enable Auto-Merge
	76	if: steps.cpr.outputs.pull-request-operation == 'created'
	77	uses: peter-evans/enable-pull-request-automerge@v3
	78	with:
	79	pull-request-number: ${{ steps.cpr.outputs.pull-request-number }}
	80	merge-method: squash
2.4	81
2.5	82	### Git Configuration
2.4	83
2.5	84	On your local PC, you need to tell the SDK to use SSH instead of HTTPS to get access.
2.4	85
2.3	86	git config --global url."ssh://git@github.com/".insteadOf "https://github.com/"
	87	go env -w GOPRIVATE=github.com/ocelot-cloud/*