Home Explore Help
Sign In
RISCI_ATOM
/
synapse
mirror of https://github.com/matrix-org/synapse.git
1
0
Fork 0
Files Issues 3 Wiki
Tree: 59246802ab
Branches Tags
synapse
/
.github
/
workflows
/
dependabot_changelog.yml

dependabot_changelog.yml 2.1 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849 
  1. name: Write changelog for dependabot PR
    2. 

  2. on:
    3. 

  3.   pull_request:
    4. 

  4.     types:
    5. 

  5.       - opened
    6. 

  6.       - reopened  # For debugging!
    7. 

  7. 

  8. permissions:
    9. 

  9.   # Needed to be able to push the commit. See
    10. 

  10.   #     https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions#enable-auto-merge-on-a-pull-request
    11. 

  11.   # for a similar example
    12. 

  12.   contents: write
    13. 

  13. 

  14. jobs:
    15. 

  15.   add-changelog:
    16. 

  16.     runs-on: 'ubuntu-latest'
    17. 

  17.     if: ${{ github.actor == 'dependabot[bot]' }}
    18. 

  18.     steps:
    19. 

  19.       - uses: actions/checkout@v3
    20. 

  20.         with:
    21. 

  21.           ref: ${{ github.event.pull_request.head.ref }}
    22. 

  22.       - name: Write, commit and push changelog
    23. 

  23.         env:
    24. 

  24.           PR_TITLE: ${{ github.event.pull_request.title }}
    25. 

  25.           PR_NUMBER: ${{ github.event.pull_request.number }}
    26. 

  26.         run: |
    27. 

  27.           echo "${PR_TITLE}." > "changelog.d/${PR_NUMBER}".misc
    28. 

  28.           git add changelog.d
    29. 

  29.           git config user.email "github-actions[bot]@users.noreply.github.com"
    30. 

  30.           git config user.name "GitHub Actions"
    31. 

  31.           git commit -m "Changelog"
    32. 

  32.           git push
    33. 

  33.         shell: bash
    34. 

  34.       # The `git push` above does not trigger CI on the dependabot PR.
    35. 

  35.       #
    36. 

  36.       # By default, workflows can't trigger other workflows when they're just using the
    37. 

  37.       # default `GITHUB_TOKEN` access token. (This is intended to stop you from writing
    38. 

  38.       # recursive workflow loops by accident, because that'll get very expensive very
    39. 

  39.       # quickly.) Instead, you have to manually call out to another workflow, or else
    40. 

  40.       # make your changes (i.e. the `git push` above) using a personal access token.
    41. 

  41.       # See
    42. 

  42.       # https://docs.github.com/en/actions/using-workflows/triggering-a-workflow#triggering-a-workflow-from-a-workflow
    43. 

  43.       #
    44. 

  44.       # I have tried and failed to find a way to trigger CI on the "merge ref" of the PR.
    45. 

  45.       # See git commit history for previous attempts. If anyone desperately wants to try
    46. 

  46.       # again in the future, make a matrix-bot account and use its access token to git push.
    47. 

  47. 

  48.   # THIS WORKFLOW HAS WRITE PERMISSIONS---do not add other jobs here unless they
    49. 

  49.   # are sufficiently locked down to dependabot only as above.
    50.