|
1 | | -name: Update Nock files |
| 1 | +name: Update Nock file |
2 | 2 |
|
3 | 3 | on: |
4 | 4 | workflow_dispatch: |
|
11 | 11 | description: Commit SHA of the head of the PR branch (only required for PRs from forks) |
12 | 12 | type: string |
13 | 13 | required: false |
| 14 | + fix_conflicts: |
| 15 | + description: Tick this if there are conflicts on the nock file on the targeted PR |
| 16 | + type: boolean |
| 17 | + required: false |
14 | 18 |
|
15 | 19 | env: |
16 | 20 | YARN_ENABLE_GLOBAL_CACHE: false |
17 | 21 |
|
| 22 | +permissions: |
| 23 | + contents: read |
| 24 | + |
18 | 25 | jobs: |
19 | 26 | build-and-update-nock-files: |
20 | 27 | permissions: |
21 | 28 | contents: write |
| 29 | + pull-requests: read |
22 | 30 | runs-on: ubuntu-latest |
23 | 31 |
|
24 | 32 | steps: |
25 | | - - name: Get PR info |
26 | | - id: pr_info |
| 33 | + - name: Reject if SHA was not provided for PR from forks |
| 34 | + if: ${{ !inputs.head_sha }} |
27 | 35 | run: | |
28 | | - { |
29 | | - echo 'DATA<<""EOF""' |
30 | | - gh api \ |
31 | | - -H "Accept: application/vnd.github+json" \ |
32 | | - /repos/${{ github.repository }}/pulls/${{ inputs.pr_id }} \ |
33 | | - --jq '{ repo: .head.repo.full_name, clone_url: .head.repo.clone_url, head_sha: .head.sha, head_ref: .head.ref }' |
34 | | - echo '""EOF""' |
35 | | - } >> "$GITHUB_OUTPUT" |
| 36 | + set -x |
| 37 | + [ "$(gh pr view "$GITHUB_SERVER/$GITHUB_REPOSITORY/pull/$PR_ID" \ |
| 38 | + --json headRepositoryOwner --jq '.headRepositoryOwner.name') = "$GITHUB_REPOSITORY_OWNER" ] |
36 | 39 | env: |
| 40 | + PR_ID: ${{ inputs.pr_id }} |
37 | 41 | GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
38 | | - - name: Validate HEAD SHA |
39 | | - if: ${{ fromJson(steps.pr_info.outputs.DATA).repo != github.repository || inputs.head_sha }} |
40 | | - run: > |
41 | | - [[ "$EXPECTED" == "$ACTUAL" ]] || exit 1 |
42 | | - env: |
43 | | - ACTUAL: ${{ fromJson(steps.pr_info.outputs.DATA).head_sha }} |
44 | | - EXPECTED: ${{ inputs.head_sha }} |
45 | 42 |
|
46 | 43 | - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 |
47 | 44 | with: |
48 | | - ref: ${{ fromJson(steps.pr_info.outputs.DATA).head_sha }} |
| 45 | + ref: refs/pulls/${{ inputs.pr_id }}/head |
| 46 | + |
| 47 | + - name: Verify if provided SHA matches PR head |
| 48 | + if: ${{ inputs.head_sha }} |
| 49 | + run: | |
| 50 | + set -x |
| 51 | + [ "$EXPECTED" = "$(git rev-parse HEAD)" ] |
| 52 | + env: |
| 53 | + EXPECTED: ${{ inputs.head_sha }} |
| 54 | + |
| 55 | + - name: Git config |
| 56 | + run: | |
| 57 | + git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com" |
| 58 | + git config --global user.name "github-actions[bot]" |
| 59 | +
|
| 60 | + - name: Merge base branch |
| 61 | + if: ${{ inputs.fix_conflicts }} |
| 62 | + run: | |
| 63 | + git fetch "$GITHUB_SERVER/$GITHUB_REPOSITORY.git" HEAD |
| 64 | + git merge FETCH_HEAD --no-edit -s ours |
49 | 65 |
|
50 | 66 | - name: Install Node |
51 | 67 | uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0 |
@@ -90,16 +106,11 @@ jobs: |
90 | 106 | if: ${{ steps.contains-changes.outputs.result == 'yes' }} |
91 | 107 | run: | |
92 | 108 | git add tests/nocks.db |
93 | | - git config --global user.email "actions@github.com" |
94 | | - git config --global user.name "GitHub Actions" |
95 | 109 | git commit -m "update Nock files" |
96 | 110 |
|
97 | 111 | - name: Push changes |
98 | | - if: ${{ steps.contains-changes.outputs.result == 'yes' }} |
99 | | - run: git push "$REMOTE" "HEAD:refs/heads/$REMOTE_REF" |
100 | | - env: |
101 | | - REMOTE: ${{ fromJson(steps.pr_info.outputs.DATA).clone_url }} |
102 | | - REMOTE_REF: ${{ fromJson(steps.pr_info.outputs.DATA).head_ref }} |
| 112 | + if: ${{ steps.contains-changes.outputs.result == 'yes' || inputs.fix_conflicts }} |
| 113 | + run: git push |
103 | 114 |
|
104 | 115 | - name: Upload `tests/nocks.db` in case of failure |
105 | 116 | uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 |
|
0 commit comments