Wiki source code of Create Automatically Updating Repo in GitHub
Show last authors
| author | version | line-number | content |
|---|---|---|---|
| 1 | ### GitHub Actions | ||
| 2 | |||
| 3 | The GitHub actions are used for CI purposes. One job is auto update, which can be enabled as follows: | ||
| 4 | |||
| 5 | * Repo > Settings > | ||
| 6 | * General > | ||
| 7 | * Pull Requests > enable "Allow auto-merge". | ||
| 8 | * Branches > Add classic branch protection rule | ||
| 9 | * Branch name pattern: main | ||
| 10 | * Enable "Require status checks to pass before merging". | ||
| 11 | * Actions > General > Workflow permissions > enable "Allow GitHub Actions to create and approve pull requests" | ||
| 12 | * If option is greyed out, then probably the project policy is dictated by the repository policy. Simply do this in repository settings then. | ||
| 13 | * Copy the workflow file from this project. The key configs are the "permissions" to include "contents: write, pull-requests: write" and the "auto-merge" step. | ||
| 14 | |||
| 15 | If you don't need a private module from the same repository, you must delete the "Authenticate for private modules" job. Otherwise, the following steps are necessary: | ||
| 16 | |||
| 17 | * GitHub > Profile > Settings > Developer Settings > Personal Access Tokens > Tokens (classic) > Generate new token | ||
| 18 | * Name: ACTIONS_TOKEN | ||
| 19 | * Select scopes: "repo" | ||
| 20 | * Copy the token | ||
| 21 | * Repo > Settings > Secrets and variables > Actions > New repository secret > | ||
| 22 | * Name: MY_TOKEN | ||
| 23 | * You need to set "environment: MY_TOKEN" in the workflow file to use its environment secrets | ||
| 24 | * Environment Secrets > Add environment secret | ||
| 25 | * Name: ACTIONS_TOKEN | ||
| 26 | * Value: | ||
| 27 | |||
| 28 | Add this to the workflow file: | ||
| 29 | |||
| 30 | - name: Authenticate for private modules | ||
| 31 | env: | ||
| 32 | ACTIONS_TOKEN: ${{ secrets.ACTIONS_TOKEN }} | ||
| 33 | run: | | ||
| 34 | git config --global url."https://${ACTIONS_TOKEN}:x-oauth-basic@github.com/".insteadOf "https://github.com/" | ||
| 35 | go env -w GOPRIVATE=github.com/ocelot-cloud/* | ||
| 36 | |||
| 37 | This is a sample file how the weekly updates can be conducted via GitHub Actions. Create `.github/workflows/weekly-update.yml`: | ||
| 38 | |||
| 39 | name: Weekly Update | ||
| 40 | |||
| 41 | on: | ||
| 42 | schedule: | ||
| 43 | - cron: '0 2 * * 3' | ||
| 44 | workflow_dispatch: | ||
| 45 | |||
| 46 | permissions: | ||
| 47 | contents: write | ||
| 48 | pull-requests: write | ||
| 49 | |||
| 50 | jobs: | ||
| 51 | weekly-update: | ||
| 52 | runs-on: ubuntu-latest | ||
| 53 | steps: | ||
| 54 | - uses: actions/checkout@v4 | ||
| 55 | |||
| 56 | - uses: ./.github/actions/setup | ||
| 57 | |||
| 58 | - name: Run ci-runner update | ||
| 59 | run: | | ||
| 60 | go get -u ./... | ||
| 61 | go mod tidy | ||
| 62 | go build | ||
| 63 | # execute the test suite to check whether the updates did not break anything | ||
| 64 | |||
| 65 | - name: Commit and create PR | ||
| 66 | id: cpr | ||
| 67 | uses: peter-evans/create-pull-request@v5 | ||
| 68 | with: | ||
| 69 | commit-message: "chore: weekly ci-runner update" | ||
| 70 | branch: weekly/ci-update | ||
| 71 | title: "Weekly CI Runner Update" | ||
| 72 | delete-branch: true | ||
| 73 | token: ${{ secrets.GITHUB_TOKEN }} | ||
| 74 | |||
| 75 | - name: Enable Auto-Merge | ||
| 76 | if: steps.cpr.outputs.pull-request-operation == 'created' | ||
| 77 | uses: peter-evans/enable-pull-request-automerge@v3 | ||
| 78 | with: | ||
| 79 | pull-request-number: ${{ steps.cpr.outputs.pull-request-number }} | ||
| 80 | merge-method: squash | ||
| 81 | |||
| 82 | ### Git Configuration | ||
| 83 | |||
| 84 | On your local PC, you need to tell the SDK to use SSH instead of HTTPS to get access. | ||
| 85 | |||
| 86 | git config --global url."ssh://git@github.com/".insteadOf "https://github.com/" | ||
| 87 | go env -w GOPRIVATE=github.com/ocelot-cloud/* |