12345678910111213141516171819202122232425262728293031323334353637383940414243444546 |
- name: Write changelog for dependabot PR
- on:
- pull_request:
- types:
- - opened
- - reopened # For debugging!
- permissions:
- # Needed to be able to push the commit. See
- # https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions#enable-auto-merge-on-a-pull-request
- # for a similar example
- contents: write
- jobs:
- add-changelog:
- runs-on: 'ubuntu-latest'
- if: ${{ github.actor == 'dependabot[bot]' }}
- steps:
- - uses: actions/checkout@v3
- with:
- ref: ${{ github.event.pull_request.head.ref }}
- - name: Write, commit and push changelog
- run: |
- echo "${{ github.event.pull_request.title }}." > "changelog.d/${{ github.event.pull_request.number }}".misc
- git add changelog.d
- git config user.email "github-actions[bot]@users.noreply.github.com"
- git config user.name "GitHub Actions"
- git commit -m "Changelog"
- git push
- shell: bash
- # The `git push` above does not trigger CI on the dependabot PR.
- #
- # By default, workflows can't trigger other workflows when they're just using the
- # default `GITHUB_TOKEN` access token. (This is intended to stop you from writing
- # recursive workflow loops by accident, because that'll get very expensive very
- # quickly.) Instead, you have to manually call out to another workflow, or else
- # make your changes (i.e. the `git push` above) using a personal access token.
- # See
- # https://docs.github.com/en/actions/using-workflows/triggering-a-workflow#triggering-a-workflow-from-a-workflow
- #
- # I have tried and failed to find a way to trigger CI on the "merge ref" of the PR.
- # See git commit history for previous attempts. If anyone desperately wants to try
- # again in the future, make a matrix-bot account and use its access token to git push.
- # THIS WORKFLOW HAS WRITE PERMISSIONS---do not add other jobs here unless they
- # are sufficiently locked down to dependabot only as above.
|