From 0049e3fa4059ca715255fbbcb7dea4516f02ce0a Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Wed, 26 Oct 2022 18:55:42 +0200 Subject: [PATCH 001/127] Use deprecated set-output syntax if GITHUB_OUTPUT environment is not available (#255) * Fallback to set-output if GITHUB_OUTPUT not available * Add Tests to cover old syntax --- entrypoint.sh | 25 ++++++++++++++++++--- tests/git-auto-commit.bats | 46 +++++++++++++++++++++++++++++++++++++- 2 files changed, 67 insertions(+), 4 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 026b8791..fc8ba436 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -11,7 +11,13 @@ _main() { if _git_is_dirty || "$INPUT_SKIP_DIRTY_CHECK"; then - echo "changes_detected=true" >> $GITHUB_OUTPUT; + # Check if $GITHUB_OUTPUT is available + # (Feature detection will be removed in late December 2022) + if [ -z ${GITHUB_OUTPUT+x} ]; then + echo "::set-output name=changes_detected::true"; + else + echo "changes_detected=true" >> $GITHUB_OUTPUT; + fi _switch_to_branch @@ -24,7 +30,13 @@ _main() { _push_to_github else - echo "changes_detected=false" >> $GITHUB_OUTPUT; + # Check if $GITHUB_OUTPUT is available + # (Feature detection will be removed in late December 2022) + if [ -z ${GITHUB_OUTPUT+x} ]; then + echo "::set-output name=changes_detected::false"; + else + echo "changes_detected=false" >> $GITHUB_OUTPUT; + fi echo "Working tree clean. Nothing to commit."; fi @@ -101,7 +113,14 @@ _local_commit() { --author="$INPUT_COMMIT_AUTHOR" \ ${INPUT_COMMIT_OPTIONS:+"${INPUT_COMMIT_OPTIONS_ARRAY[@]}"}; - echo "commit_hash=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT; + + # Check if $GITHUB_OUTPUT is available + # (Feature detection will be removed in late December 2022) + if [ -z ${GITHUB_OUTPUT+x} ]; then + echo "::set-output name=commit_hash::$(git rev-parse HEAD)"; + else + echo "commit_hash=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT; + fi } _tag_commit() { diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index 61fc407a..f0b23245 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -57,7 +57,12 @@ teardown() { rm -rf "${FAKE_LOCAL_REPOSITORY}" rm -rf "${FAKE_REMOTE}" rm -rf "${FAKE_TEMP_LOCAL_REPOSITORY}" - rm "${GITHUB_OUTPUT}" + + if [ -z ${GITHUB_OUTPUT+x} ]; then + echo "GITHUB_OUTPUT is not set" + else + rm "${GITHUB_OUTPUT}" + fi } # Create a fake remote repository which tests can push against @@ -997,3 +1002,42 @@ cat_github_output() { refute_line --partial "new-file-2.txt" refute_line --partial "new-file-3.txt" } + + +@test "It uses old set-output syntax if GITHUB_OUTPUT environment is not available when changes are committed" { + unset GITHUB_OUTPUT + + touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt + + run git_auto_commit + + assert_success + + assert_line "INPUT_REPOSITORY value: ${INPUT_REPOSITORY}" + assert_line "INPUT_BRANCH value: ${FAKE_DEFAULT_BRANCH}" + assert_line "INPUT_FILE_PATTERN: ." + assert_line "INPUT_COMMIT_OPTIONS: " + assert_line "::debug::Apply commit options " + assert_line "INPUT_TAGGING_MESSAGE: " + assert_line "No tagging message supplied. No tag will be added." + assert_line "INPUT_PUSH_OPTIONS: " + assert_line "::debug::Apply push options " + assert_line "::debug::Push commit to remote branch ${FAKE_DEFAULT_BRANCH}" + + assert_line "::set-output name=changes_detected::true" + assert_line -e "::set-output name=commit_hash::[0-9a-f]{40}$" +} + +@test "It uses old set-output syntax if GITHUB_OUTPUT environment is not available when no changes have been detected" { + unset GITHUB_OUTPUT + + run git_auto_commit + + assert_success + + assert_line "INPUT_REPOSITORY value: ${INPUT_REPOSITORY}" + assert_line "Working tree clean. Nothing to commit." + + assert_line "::set-output name=changes_detected::false" + refute_line -e "::set-output name=commit_hash::[0-9a-f]{40}$" +} From 393fea59ef5a2abd01392e79a8270682226ddf04 Mon Sep 17 00:00:00 2001 From: stefanzweifel Date: Wed, 26 Oct 2022 16:57:18 +0000 Subject: [PATCH 002/127] Update CHANGELOG --- CHANGELOG.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d7244c87..5d702073 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,10 +5,16 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html). -## [Unreleased](https://github.com/stefanzweifel/git-auto-commit-action/compare/v4.15.2...HEAD) +## [Unreleased](https://github.com/stefanzweifel/git-auto-commit-action/compare/v4.15.3...HEAD) > TBD +## [v4.15.3](https://github.com/stefanzweifel/git-auto-commit-action/compare/v4.15.2...v4.15.3) - 2022-10-26 + +### Changed + +- Use deprecated set-output syntax if GITHUB_OUTPUT environment is not available ([#255](https://github.com/stefanzweifel/git-auto-commit-action/pull/255)) [@stefanzweifel](https://github.com/@stefanzweifel) + ## [v4.15.2](https://github.com/stefanzweifel/git-auto-commit-action/compare/v4.15.1...v4.15.2) - 2022-10-22 ### Changed From 38864a638f5566c1499a79a33f1eead7a49770cb Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Wed, 26 Oct 2022 19:02:41 +0200 Subject: [PATCH 003/127] Create dependabot.yml --- .github/dependabot.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000..782a0ad7 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,10 @@ +version: 2 +updates: + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "weekly" + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" From 021a6363fa4b642fd389ad43257c695985831f3a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 26 Oct 2022 19:03:57 +0200 Subject: [PATCH 004/127] Bump actions/checkout from 2 to 3 (#257) Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/git-auto-commit.yml | 2 +- .github/workflows/linter.yml | 2 +- .github/workflows/tests.yml | 2 +- .github/workflows/update-changelog.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/git-auto-commit.yml b/.github/workflows/git-auto-commit.yml index f3265f52..038521e4 100644 --- a/.github/workflows/git-auto-commit.yml +++ b/.github/workflows/git-auto-commit.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Use git-auto-commit-action id: "auto-commit-action" diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index 57d44fdc..086f4c83 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -9,7 +9,7 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Lint Code Base uses: github/super-linter@v3 diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 0f5808a3..48f3a84b 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Install testing dependencies run: yarn install diff --git a/.github/workflows/update-changelog.yaml b/.github/workflows/update-changelog.yaml index ddeaa42b..a5d65093 100644 --- a/.github/workflows/update-changelog.yaml +++ b/.github/workflows/update-changelog.yaml @@ -10,7 +10,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: ref: master From f16613020889d152b7e58a4fb8be93614e9e8825 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 26 Oct 2022 19:04:33 +0200 Subject: [PATCH 005/127] Bump bats from 1.7.0 to 1.8.2 (#259) Bumps [bats](https://github.com/bats-core/bats-core) from 1.7.0 to 1.8.2. - [Release notes](https://github.com/bats-core/bats-core/releases) - [Changelog](https://github.com/bats-core/bats-core/blob/master/docs/CHANGELOG.md) - [Commits](https://github.com/bats-core/bats-core/compare/v1.7.0...v1.8.2) --- updated-dependencies: - dependency-name: bats dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 21ea2e23..b012db72 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "devDependencies": { - "bats": "^1.1.0", + "bats": "^1.8.2", "bats-assert": "ztombol/bats-assert", "bats-support": "ztombol/bats-support" }, diff --git a/yarn.lock b/yarn.lock index efbe05d5..dad53d06 100644 --- a/yarn.lock +++ b/yarn.lock @@ -10,7 +10,7 @@ bats-support@ztombol/bats-support: version "0.3.0" resolved "https://codeload.github.com/ztombol/bats-support/tar.gz/004e707638eedd62e0481e8cdc9223ad471f12ee" -bats@^1.1.0: - version "1.7.0" - resolved "https://registry.yarnpkg.com/bats/-/bats-1.7.0.tgz#caae958b1d211eda6b1322ac7792515de40165a2" - integrity sha512-pt5zjJQUB4+JI8Si+z/IAWc8yhMyhdZs6IXMCKgzF768dUIyW5xyBstWtDI5uGSa80v7UQOhh+w0GA4p4+01Bg== +bats@^1.8.2: + version "1.8.2" + resolved "https://registry.yarnpkg.com/bats/-/bats-1.8.2.tgz#bdbaa7690a18f04291b35144a8ce5435cffb8dc5" + integrity sha512-KLUIaPYuIMjqui8MbZmK84+CiwhjFVFAhFy5PXP0prLbkovc5faVzc+Qaowbz76F97zP573JrF31ODFAH7vzhg== From 7106b2184ab582ac5e5bc2099c8b6b195b81d706 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 26 Oct 2022 19:05:48 +0200 Subject: [PATCH 006/127] Bump github/super-linter from 3 to 4 (#258) Bumps [github/super-linter](https://github.com/github/super-linter) from 3 to 4. - [Release notes](https://github.com/github/super-linter/releases) - [Changelog](https://github.com/github/super-linter/blob/main/docs/release-process.md) - [Commits](https://github.com/github/super-linter/compare/v3...v4) --- updated-dependencies: - dependency-name: github/super-linter dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/linter.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index 086f4c83..a01cc3fa 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -12,7 +12,7 @@ jobs: uses: actions/checkout@v3 - name: Lint Code Base - uses: github/super-linter@v3 + uses: github/super-linter@v4 env: VALIDATE_ALL_CODEBASE: false VALIDATE_MARKDOWN: false From 0b007fbd1180b8e3a3668b21c6517392fe8f26eb Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sat, 5 Nov 2022 11:53:46 +0100 Subject: [PATCH 007/127] Let Action fail if git binary can't be located (#261) * Check if git binary exists * Add Tests --- action.yml | 3 +++ entrypoint.sh | 10 ++++++++++ tests/git-auto-commit.bats | 12 ++++++++++++ 3 files changed, 25 insertions(+) diff --git a/action.yml b/action.yml index 64797216..4e745269 100644 --- a/action.yml +++ b/action.yml @@ -70,6 +70,9 @@ inputs: create_branch: description: Create new branch with the name of `branch`-input in local and remote repository, if it doesn't exist yet. default: false + internal_git_binary: + description: Internal use only! Path to git binary used to check if git is available. (Don't change this!) + default: git outputs: changes_detected: diff --git a/entrypoint.sh b/entrypoint.sh index fc8ba436..52449a64 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -7,6 +7,8 @@ if "$INPUT_DISABLE_GLOBBING"; then fi _main() { + _check_if_git_is_available + _switch_to_repository if _git_is_dirty || "$INPUT_SKIP_DIRTY_CHECK"; then @@ -42,6 +44,14 @@ _main() { fi } +_check_if_git_is_available() { + if hash -- "$INPUT_INTERNAL_GIT_BINARY" 2> /dev/null; then + echo "::debug::git binary found."; + else + echo "::error ::git-auto-commit could not find git binary. Please make sure git is available." + exit 1; + fi +} _switch_to_repository() { echo "INPUT_REPOSITORY value: $INPUT_REPOSITORY"; diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index f0b23245..92a3434e 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -37,6 +37,7 @@ setup() { export INPUT_SKIP_CHECKOUT=false export INPUT_DISABLE_GLOBBING=false export INPUT_CREATE_BRANCH=false + export INPUT_INTERNAL_GIT_BINARY=git # Set GitHub environment variables used by the GitHub Action temp_github_output_file=$(mktemp -t github_output_test.XXXXX) @@ -1041,3 +1042,14 @@ cat_github_output() { assert_line "::set-output name=changes_detected::false" refute_line -e "::set-output name=commit_hash::[0-9a-f]{40}$" } + +@test "It fails hard if git is not available" { + INPUT_INTERNAL_GIT_BINARY=binary-does-not-exist + + touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt + + run git_auto_commit + + assert_failure; + assert_line "::error ::git-auto-commit could not find git binary. Please make sure git is available." +} From 3dce995a134560077670102252dbfc19025f8af6 Mon Sep 17 00:00:00 2001 From: stefanzweifel Date: Sat, 5 Nov 2022 10:56:08 +0000 Subject: [PATCH 008/127] Update CHANGELOG --- CHANGELOG.md | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5d702073..8238615a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,10 +5,22 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html). -## [Unreleased](https://github.com/stefanzweifel/git-auto-commit-action/compare/v4.15.3...HEAD) +## [Unreleased](https://github.com/stefanzweifel/git-auto-commit-action/compare/v4.15.4...HEAD) > TBD +## [v4.15.4](https://github.com/stefanzweifel/git-auto-commit-action/compare/v4.15.3...v4.15.4) - 2022-11-05 + +### Fixed + +- Let Action fail if git binary can't be located ([#261](https://github.com/stefanzweifel/git-auto-commit-action/pull/261)) [@stefanzweifel](https://github.com/@stefanzweifel) + +### Dependency Updates + +- Bump github/super-linter from 3 to 4 ([#258](https://github.com/stefanzweifel/git-auto-commit-action/pull/258)) [@dependabot](https://github.com/@dependabot) +- Bump bats from 1.7.0 to 1.8.2 ([#259](https://github.com/stefanzweifel/git-auto-commit-action/pull/259)) [@dependabot](https://github.com/@dependabot) +- Bump actions/checkout from 2 to 3 ([#257](https://github.com/stefanzweifel/git-auto-commit-action/pull/257)) [@dependabot](https://github.com/@dependabot) + ## [v4.15.3](https://github.com/stefanzweifel/git-auto-commit-action/compare/v4.15.2...v4.15.3) - 2022-10-26 ### Changed From ebb57560423c39cbe37e0620f5653ed953658014 Mon Sep 17 00:00:00 2001 From: Teko <112829523+Teko012@users.noreply.github.com> Date: Sun, 13 Nov 2022 10:06:41 +0100 Subject: [PATCH 009/127] Fix link and text for workflow limitation (#263) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 28725ca6..7bda4472 100644 --- a/README.md +++ b/README.md @@ -399,7 +399,7 @@ If you go the "force pushes" route, you have to enable force pushes to a protect ### No new workflows are triggered by the commit of this action -This is due to limitations set up by GitHub, [commits of this Action do not trigger new Workflow runs](#commits-of-this-action-do-not-trigger-new-workflow-runs). +This is due to limitations set up by GitHub, [commits made by this Action do not trigger new Workflow runs](#commits-made-by-this-action-do-not-trigger-new-workflow-runs). ### Pathspec 'x' did not match any files From 976f22029fe5ee84057c18c4807b8c727952a393 Mon Sep 17 00:00:00 2001 From: Teko <112829523+Teko012@users.noreply.github.com> Date: Tue, 15 Nov 2022 20:12:31 +0100 Subject: [PATCH 010/127] Fix github-actions[bot] email address (#264) --- README.md | 2 +- action.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 7bda4472..b2497660 100644 --- a/README.md +++ b/README.md @@ -53,7 +53,7 @@ The following is an extended example with all available options. # Optional commit user and author settings commit_user_name: My GitHub Actions Bot # defaults to "github-actions[bot]" - commit_user_email: my-github-actions-bot@example.org # defaults to "github-actions[bot]@users.noreply.github.com" + commit_user_email: my-github-actions-bot@example.org # defaults to "41898282+github-actions[bot]@users.noreply.github.com" commit_author: Author # defaults to author of the commit that triggered the run # Optional. Tag name being created in the local repository and diff --git a/action.yml b/action.yml index 4e745269..afc4bf2b 100644 --- a/action.yml +++ b/action.yml @@ -39,7 +39,7 @@ inputs: commit_user_email: description: Email address used for the commit user required: false - default: github-actions[bot]@users.noreply.github.com + default: 41898282+github-actions[bot]@users.noreply.github.com commit_author: description: Value used for the commit author. Defaults to the username of whoever triggered this workflow run. required: false From 3ea6ae190baf489ba007f7c92608f33ce20ef04a Mon Sep 17 00:00:00 2001 From: ZeroRin Date: Fri, 2 Dec 2022 03:47:06 +0800 Subject: [PATCH 011/127] Fix "nothing to commit" error with LF/CRLF changes #241 (#265) * fix crlf test * add diff check before commit * add dirty check flag (not sure if needed) * Update test name and add more assertions Update test name to make it clear that the Action no longer fails to detect CRLF changes. * Add Comment to explain why we use git-diff again * Add test to confirm content changes are commited * Closes #241 Co-authored-by: Stefan Zweifel --- entrypoint.sh | 23 +++++++++++++--- tests/git-auto-commit.bats | 55 ++++++++++++++++++++++++++++++++------ 2 files changed, 67 insertions(+), 11 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 52449a64..3c858317 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -25,11 +25,28 @@ _main() { _add_files - _local_commit + # Check dirty state of repo again using git-diff. + # (git-diff detects beter if CRLF of files changes and does NOT + # proceed, if only CRLF changes are detected. See #241 and #265 + # for more details.) + if [ -n "$(git diff --staged)" ] || "$INPUT_SKIP_DIRTY_CHECK"; then + _local_commit - _tag_commit + _tag_commit - _push_to_github + _push_to_github + else + + # Check if $GITHUB_OUTPUT is available + # (Feature detection will be removed in late December 2022) + if [ -z ${GITHUB_OUTPUT+x} ]; then + echo "::set-output name=changes_detected::false"; + else + echo "changes_detected=false" >> $GITHUB_OUTPUT; + fi + + echo "Working tree clean. Nothing to commit."; + fi else # Check if $GITHUB_OUTPUT is available diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index 92a3434e..ead4db75 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -974,7 +974,7 @@ cat_github_output() { assert_line --partial "another-subdirectory/new-file-3.txt" } -@test "fails to detect crlf change in files and does not detect change or commit changes" { +@test "detects if crlf in files change and does not create commit" { # Set autocrlf to true cd "${FAKE_LOCAL_REPOSITORY}" git config core.autocrlf true @@ -982,26 +982,65 @@ cat_github_output() { assert_line "true" # Add more .txt files - touch "${FAKE_LOCAL_REPOSITORY}"/new-file-2.txt - touch "${FAKE_LOCAL_REPOSITORY}"/new-file-3.txt + echo -ne "crlf test1\r\n" > "${FAKE_LOCAL_REPOSITORY}"/new-file-2.txt + echo -ne "crlf test1\n" > "${FAKE_LOCAL_REPOSITORY}"/new-file-3.txt # Run git-auto-commit to add new files to repository run git_auto_commit # Change control characters in files - sed 's/^M$//' "${FAKE_LOCAL_REPOSITORY}"/new-file-2.txt - sed 's/$/^M/' "${FAKE_LOCAL_REPOSITORY}"/new-file-3.txt + echo -ne "crlf test1\n" > "${FAKE_LOCAL_REPOSITORY}"/new-file-2.txt + echo -ne "crlf test1\r\n" > "${FAKE_LOCAL_REPOSITORY}"/new-file-3.txt # Run git-auto-commit to commit the 2 changes files run git_auto_commit assert_success - # Changes are not detected + refute_line --partial "2 files changed, 2 insertions(+), 2 deletions(-)" + assert_line --partial "warning: in the working copy of 'new-file-2.txt', LF will be replaced by CRLF the next time Git touches it" + assert_line --partial "Working tree clean. Nothing to commit." + assert_line --partial "new-file-2.txt" + assert_line --partial "new-file-3.txt" + + # Changes are not detected + run cat_github_output + assert_line "changes_detected=false" +} + +@test "detects if crlf in files change and creates commit if the actual content of the files change" { + # Set autocrlf to true + cd "${FAKE_LOCAL_REPOSITORY}" + git config core.autocrlf true + run git config --get-all core.autocrlf + assert_line "true" + + # Add more .txt files + echo -ne "crlf test1\r\n" > "${FAKE_LOCAL_REPOSITORY}"/new-file-2.txt + echo -ne "crlf test1\n" > "${FAKE_LOCAL_REPOSITORY}"/new-file-3.txt - refute_line --partial "new-file-2.txt" - refute_line --partial "new-file-3.txt" + # Run git-auto-commit to add new files to repository + run git_auto_commit + + # Change control characters in files + echo -ne "crlf test2\n" > "${FAKE_LOCAL_REPOSITORY}"/new-file-2.txt + echo -ne "crlf test2\r\n" > "${FAKE_LOCAL_REPOSITORY}"/new-file-3.txt + + # Run git-auto-commit to commit the 2 changes files + run git_auto_commit + + assert_success + + assert_line --partial "2 files changed, 2 insertions(+), 2 deletions(-)" + assert_line --partial "warning: in the working copy of 'new-file-2.txt', LF will be replaced by CRLF the next time Git touches it" + + assert_line --partial "new-file-2.txt" + assert_line --partial "new-file-3.txt" + + # Changes are detected + run cat_github_output + assert_line "changes_detected=true" } From 925bbcaef30b3bb8918437735cff69dffcc3de4a Mon Sep 17 00:00:00 2001 From: stefanzweifel Date: Fri, 2 Dec 2022 06:50:39 +0000 Subject: [PATCH 012/127] Update CHANGELOG --- CHANGELOG.md | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8238615a..3658910a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,10 +5,21 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html). -## [Unreleased](https://github.com/stefanzweifel/git-auto-commit-action/compare/v4.15.4...HEAD) +## [Unreleased](https://github.com/stefanzweifel/git-auto-commit-action/compare/v4.16.0...HEAD) > TBD +## [v4.16.0](https://github.com/stefanzweifel/git-auto-commit-action/compare/v4.15.4...v4.16.0) - 2022-12-02 + +### Changed + +- Don't commit files when only LF/CRLF changes ([#265](https://github.com/stefanzweifel/git-auto-commit-action/pull/265)) [@ZeroRin](https://github.com/@ZeroRin) +- Update default email address of github-actions[bot] ([#264](https://github.com/stefanzweifel/git-auto-commit-action/pull/264)) [@Teko012](https://github.com/@Teko012) + +### Fixed + +- Fix link and text for workflow limitation ([#263](https://github.com/stefanzweifel/git-auto-commit-action/pull/263)) [@Teko012](https://github.com/@Teko012) + ## [v4.15.4](https://github.com/stefanzweifel/git-auto-commit-action/compare/v4.15.3...v4.15.4) - 2022-11-05 ### Fixed From aeb1802648f7edfed48c9a530eea1a74d58dc2f4 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Thu, 22 Dec 2022 19:45:17 +0100 Subject: [PATCH 013/127] Add _log and _set_github_output functions (#273) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Add _set_github_output function * Use _set_github_output in Action * Add _log function * Use _log in Action and fix Test Cases * Update wording in log messages * Update note about removal of old output syntax Logic is now encapuslated in a single function. I don’t mind keeping it around until spring / June 2023 --- entrypoint.sh | 79 +++++++++++++++++--------------------- tests/git-auto-commit.bats | 6 +-- 2 files changed, 39 insertions(+), 46 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 3c858317..a964e7f8 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -6,6 +6,26 @@ if "$INPUT_DISABLE_GLOBBING"; then set -o noglob; fi +_set_github_output() { + local name=${1} + local value=${2} + + # Check if $GITHUB_OUTPUT is available + # (Feature detection will be removed in spring 2023) + if [ -z ${GITHUB_OUTPUT+x} ]; then + echo "::set-output name=$name::$value"; + else + echo "$name=$value" >> $GITHUB_OUTPUT; + fi +} + +_log() { + local level=${1} + local message=${2} + + echo "::$level::$message"; +} + _main() { _check_if_git_is_available @@ -13,13 +33,7 @@ _main() { if _git_is_dirty || "$INPUT_SKIP_DIRTY_CHECK"; then - # Check if $GITHUB_OUTPUT is available - # (Feature detection will be removed in late December 2022) - if [ -z ${GITHUB_OUTPUT+x} ]; then - echo "::set-output name=changes_detected::true"; - else - echo "changes_detected=true" >> $GITHUB_OUTPUT; - fi + _set_github_output "changes_detected" "true" _switch_to_branch @@ -36,26 +50,12 @@ _main() { _push_to_github else - - # Check if $GITHUB_OUTPUT is available - # (Feature detection will be removed in late December 2022) - if [ -z ${GITHUB_OUTPUT+x} ]; then - echo "::set-output name=changes_detected::false"; - else - echo "changes_detected=false" >> $GITHUB_OUTPUT; - fi + _set_github_output "changes_detected" "false" echo "Working tree clean. Nothing to commit."; fi else - - # Check if $GITHUB_OUTPUT is available - # (Feature detection will be removed in late December 2022) - if [ -z ${GITHUB_OUTPUT+x} ]; then - echo "::set-output name=changes_detected::false"; - else - echo "changes_detected=false" >> $GITHUB_OUTPUT; - fi + _set_github_output "changes_detected" "false" echo "Working tree clean. Nothing to commit."; fi @@ -63,9 +63,9 @@ _main() { _check_if_git_is_available() { if hash -- "$INPUT_INTERNAL_GIT_BINARY" 2> /dev/null; then - echo "::debug::git binary found."; + _log "debug" "git binary found."; else - echo "::error ::git-auto-commit could not find git binary. Please make sure git is available." + _log "error" "git-auto-commit could not find git binary. Please make sure git is available." exit 1; fi } @@ -77,7 +77,7 @@ _switch_to_repository() { _git_is_dirty() { echo "INPUT_STATUS_OPTIONS: ${INPUT_STATUS_OPTIONS}"; - echo "::debug::Apply status options ${INPUT_STATUS_OPTIONS}"; + _log "debug" "Apply status options ${INPUT_STATUS_OPTIONS}"; echo "INPUT_FILE_PATTERN: ${INPUT_FILE_PATTERN}"; read -r -a INPUT_FILE_PATTERN_EXPANDED <<< "$INPUT_FILE_PATTERN"; @@ -91,14 +91,14 @@ _switch_to_branch() { # Fetch remote to make sure that repo can be switched to the right branch. if "$INPUT_SKIP_FETCH"; then - echo "::debug::git-fetch has not been executed"; + _log "debug" "git-fetch will not be executed."; else git fetch --depth=1; fi # If `skip_checkout`-input is true, skip the entire checkout step. if "$INPUT_SKIP_CHECKOUT"; then - echo "::debug::git-checkout has not been executed"; + _log "debug" "git-checkout will not be executed."; else # Create new local branch if `create_branch`-input is true if "$INPUT_CREATE_BRANCH"; then @@ -114,7 +114,7 @@ _switch_to_branch() { _add_files() { echo "INPUT_ADD_OPTIONS: ${INPUT_ADD_OPTIONS}"; - echo "::debug::Apply add options ${INPUT_ADD_OPTIONS}"; + _log "debug" "Apply add options ${INPUT_ADD_OPTIONS}"; echo "INPUT_FILE_PATTERN: ${INPUT_FILE_PATTERN}"; read -r -a INPUT_FILE_PATTERN_EXPANDED <<< "$INPUT_FILE_PATTERN"; @@ -125,7 +125,7 @@ _add_files() { _local_commit() { echo "INPUT_COMMIT_OPTIONS: ${INPUT_COMMIT_OPTIONS}"; - echo "::debug::Apply commit options ${INPUT_COMMIT_OPTIONS}"; + _log "debug" "Apply commit options ${INPUT_COMMIT_OPTIONS}"; # shellcheck disable=SC2206 INPUT_COMMIT_OPTIONS_ARRAY=( $INPUT_COMMIT_OPTIONS ); @@ -140,14 +140,7 @@ _local_commit() { --author="$INPUT_COMMIT_AUTHOR" \ ${INPUT_COMMIT_OPTIONS:+"${INPUT_COMMIT_OPTIONS_ARRAY[@]}"}; - - # Check if $GITHUB_OUTPUT is available - # (Feature detection will be removed in late December 2022) - if [ -z ${GITHUB_OUTPUT+x} ]; then - echo "::set-output name=commit_hash::$(git rev-parse HEAD)"; - else - echo "commit_hash=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT; - fi + _set_github_output "commit_hash" $(git rev-parse HEAD) } _tag_commit() { @@ -155,7 +148,7 @@ _tag_commit() { if [ -n "$INPUT_TAGGING_MESSAGE" ] then - echo "::debug::Create tag $INPUT_TAGGING_MESSAGE"; + _log "debug" "Create tag $INPUT_TAGGING_MESSAGE"; git -c user.name="$INPUT_COMMIT_USER_NAME" -c user.email="$INPUT_COMMIT_USER_EMAIL" tag -a "$INPUT_TAGGING_MESSAGE" -m "$INPUT_TAGGING_MESSAGE"; else echo "No tagging message supplied. No tag will be added."; @@ -165,7 +158,7 @@ _tag_commit() { _push_to_github() { echo "INPUT_PUSH_OPTIONS: ${INPUT_PUSH_OPTIONS}"; - echo "::debug::Apply push options ${INPUT_PUSH_OPTIONS}"; + _log "debug" "Apply push options ${INPUT_PUSH_OPTIONS}"; # shellcheck disable=SC2206 INPUT_PUSH_OPTIONS_ARRAY=( $INPUT_PUSH_OPTIONS ); @@ -175,15 +168,15 @@ _push_to_github() { # Only add `--tags` option, if `$INPUT_TAGGING_MESSAGE` is set if [ -n "$INPUT_TAGGING_MESSAGE" ] then - echo "::debug::git push origin --tags"; + _log "debug" "git push origin --tags"; git push origin --follow-tags --atomic ${INPUT_PUSH_OPTIONS:+"${INPUT_PUSH_OPTIONS_ARRAY[@]}"}; else - echo "::debug::git push origin"; + _log "debug" "git push origin"; git push origin ${INPUT_PUSH_OPTIONS:+"${INPUT_PUSH_OPTIONS_ARRAY[@]}"}; fi else - echo "::debug::Push commit to remote branch $INPUT_BRANCH"; + _log "debug" "Push commit to remote branch $INPUT_BRANCH"; git push --set-upstream origin "HEAD:$INPUT_BRANCH" --follow-tags --atomic ${INPUT_PUSH_OPTIONS:+"${INPUT_PUSH_OPTIONS_ARRAY[@]}"}; fi } diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index ead4db75..9ca1014e 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -417,7 +417,7 @@ cat_github_output() { assert_success - assert_line "::debug::git-fetch has not been executed" + assert_line "::debug::git-fetch will not be executed." } @test "If SKIP_CHECKOUT is true git-checkout will not be called" { @@ -430,7 +430,7 @@ cat_github_output() { assert_success - assert_line "::debug::git-checkout has not been executed" + assert_line "::debug::git-checkout will not be executed." } @test "It pushes generated commit and tag to remote and actually updates the commit shas" { @@ -1090,5 +1090,5 @@ cat_github_output() { run git_auto_commit assert_failure; - assert_line "::error ::git-auto-commit could not find git binary. Please make sure git is available." + assert_line "::error::git-auto-commit could not find git binary. Please make sure git is available." } From 86fb2e11b29e925e8f69e11ea53599e56383379e Mon Sep 17 00:00:00 2001 From: cong Date: Tue, 3 Jan 2023 15:17:32 +0800 Subject: [PATCH 014/127] Fix git-auto-commit.yml (#277) --- .github/workflows/git-auto-commit.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/git-auto-commit.yml b/.github/workflows/git-auto-commit.yml index 038521e4..0334115f 100644 --- a/.github/workflows/git-auto-commit.yml +++ b/.github/workflows/git-auto-commit.yml @@ -18,9 +18,9 @@ jobs: uses: ./ - name: "no changes detected" - if: steps.auto-commit-action.outputs.changes_detected == false + if: steps.auto-commit-action.outputs.changes_detected == 'false' run: "echo \"No changes detected\"" - name: "changes detected" - if: steps.auto-commit-action.outputs.changes_detected == true + if: steps.auto-commit-action.outputs.changes_detected == 'true' run: "echo \"Changes detected\"" From fe00d258677e45d1f05473557e57bdfe865370fc Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sat, 7 Jan 2023 12:06:10 +0100 Subject: [PATCH 015/127] Add test for multi-line commit messages --- tests/git-auto-commit.bats | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index 9ca1014e..179a5c7b 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -1092,3 +1092,23 @@ cat_github_output() { assert_failure; assert_line "::error::git-auto-commit could not find git binary. Please make sure git is available." } + +@test "It creates multi-line commit messages" { + touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt + + COMMIT_MESSAGE=$(cat <<-END + this commit message + has multiple lines +END +) + + INPUT_COMMIT_MESSAGE=$COMMIT_MESSAGE + + run git_auto_commit + + assert_success + + # Assert last commit was signed off + run git log -n 1 + assert_output --partial $COMMIT_MESSAGE +} From 3663a6fa3ebeb37c44d95a85b93c3d3cc7083b69 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sat, 14 Jan 2023 18:05:16 +0100 Subject: [PATCH 016/127] Update README.md --- README.md | 89 ++++++++++++++++++++++++++++++++++--------------------- 1 file changed, 56 insertions(+), 33 deletions(-) diff --git a/README.md b/README.md index b2497660..7ac5232b 100644 --- a/README.md +++ b/README.md @@ -198,17 +198,61 @@ If you work in an organization and don't want to create a PAT from your personal ### Change to file is not detected -Does your workflow change a file but "git-auto-commit" does not detect the change? Check the `.gitignore` that applies to the respective file. You might have accidentally marked the file to be ignored by git. +Does your workflow change a file, but "git-auto-commit" does not detect the change? Check the `.gitignore` that applies to the respective file. You might have accidentally marked the file to be ignored by git. ## Advanced Uses -
-Use in forks from public repositories +### Multiline Commit Messages + +If your commit message should span multiple lines, you have to create a separate step to generate the string. + +The example below can be used as a starting point to generate a multiline commit meesage. Learn more how multiline strings in GitHub Actions work in the [GitHub documentation](https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings). + +```yaml + # Building a multiline commit message + # Adjust to your liking + - run: echo "Commit Message 1" >> commitmessage.txt + - run: echo "Commit Message 2" >> commitmessage.txt + - run: echo "Commit Message 3" >> commitmessage.txt + + # Create a multiline string to be used by the git-auto-commit Action + - name: Set commit message + id: commit_message_step + run: | + echo 'commit_message<> $GITHUB_OUTPUT + cat commitmessage.txt >> $GITHUB_OUTPUT + echo 'EOF' >> $GITHUB_OUTPUT + + # Quick and dirty step to get rid of the temporary file holding the commit message + - run: rm -rf commitmessage.txt + + - uses: stefanzweifel/git-auto-commit-action@v4 + id: commit + with: + commit_message: ${{ steps.commit_message_step.outputs.commit_message }} +``` + +### Signing Commits & Other Git Command Line Options + +Using command lines options needs to be done manually for each workflow which you require the option enabled. So for example signing commits requires you to import the gpg signature each and every time. The following list of actions are worth checking out if you need to automate these tasks regularly. + +- [Import GPG Signature](https://github.com/crazy-max/ghaction-import-gpg) (Suggested by [TGTGamer](https://github.com/tgtgamer)) + +### Push to forks from private repositories + +By default, GitHub Actions doesn't run Workflows on forks from private repositories. To enable Actions for **private** repositories enable "Run workflows from pull requests" in your repository settings. + +See [this announcement from GitHub](https://github.blog/2020-08-03-github-actions-improvements-for-fork-and-pull-request-workflows/) or the [GitHub docs](https://docs.github.com/en/github/administering-a-repository/disabling-or-limiting-github-actions-for-a-repository#enabling-workflows-for-private-repository-forks) for details. -**☝️ Important Notice**: This Action technically works with forks. However, please note that the combination of triggers and their options can cause issues. Please read [the documentation](https://docs.github.com/en/free-pro-team@latest/actions/reference/events-that-trigger-workflows) on which triggers GitHub Actions support.\ -If you use this Action in combination with a linter/fixer, it's easier if you run the Action on `push` on your `main`-branch. ---- +### Use in forks from public repositories + +
+Expand to learn more + +> **Note** +> This Action technically works with forks. However, please note that the combination of triggers and their options can cause issues. Please read [the documentation](https://docs.github.com/en/free-pro-team@latest/actions/reference/events-that-trigger-workflows) on which triggers GitHub Actions support.\ +> If you use this Action in combination with a linter/fixer, it's easier if you run the Action on `push` on your `main`-branch. By default, this Action will not run on Pull Requests which have been opened by forks. (This is a limitation by GitHub, not by us.) However, there are a couple of ways to use this Actions in Workflows that should be triggered by forked repositories. @@ -295,37 +339,15 @@ For more information about running Actions on forks, see [this announcement from
-
-Push to forks from private repositories - -By default, GitHub Actions doesn't run Workflows on forks from private repositories. To enable Actions for **private** repositories enable "Run workflows from pull requests" in your repository settings. - -See [this announcement from GitHub](https://github.blog/2020-08-03-github-actions-improvements-for-fork-and-pull-request-workflows/) or the [GitHub docs](https://docs.github.com/en/github/administering-a-repository/disabling-or-limiting-github-actions-for-a-repository#enabling-workflows-for-private-repository-forks) for details. - -
+### Using `--amend` and `--no-edit` as commit options
- - Signing Commits & Other Git Command Line Options - - -Using command lines options needs to be done manually for each workflow which you require the option enabled. So for example signing commits requires you to import the gpg signature each and every time. The following list of actions are worth checking out if you need to automate these tasks regularly. - -- [Import GPG Signature](https://github.com/crazy-max/ghaction-import-gpg) (Suggested by [TGTGamer](https://github.com/tgtgamer)) - -
- -
- - Using `--amend` and `--no-edit` as commit options - - - - +Expand to learn more If you would like to use this Action to create a commit using [`--amend`](https://git-scm.com/docs/git-commit#Documentation/git-commit.txt---amend) and [`--no-edit`](https://git-scm.com/docs/git-commit#Documentation/git-commit.txt---no-edit) you need to make some adjustments. -**☝️ Important Notice:** You should understand the implications of rewriting history if you amend a commit that has already been published. [See rebasing](https://git-scm.com/docs/git-rebase#_recovering_from_upstream_rebase) +> **Warning** +> You should understand the implications of rewriting history if you amend a commit that has already been published. [See rebasing](https://git-scm.com/docs/git-rebase#_recovering_from_upstream_rebase). First, you need to extract the previous commit message by using `git log -1 --pretty=%s`. Then you need to provide this last commit message to the Action through the `commit_message` input option. @@ -385,7 +407,8 @@ store the token as a secret in your repository and pass the new token to the [`a ``` You can learn more about Personal Access Token in the [GitHub documentation](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token). -**Note:** If you're working in an organisation, and you don't want to create the PAT from your personal account, we recommend using a bot-account for such tokens. +> **Note** +> If you're working in an organisation, and you don't want to create the PAT from your personal account, we recommend using a bot-account for such tokens. If you go the "force pushes" route, you have to enable force pushes to a protected branch (See [documentation](https://help.github.com/en/github/administering-a-repository/enabling-force-pushes-to-a-protected-branch)) and update your Workflow to use force push like this. From 3b94e3d0179a57791345521ad5d33f91396a25f6 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Fri, 20 Jan 2023 15:31:53 +0100 Subject: [PATCH 017/127] Update README.md Closes #281 --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 7ac5232b..451c9b6f 100644 --- a/README.md +++ b/README.md @@ -252,6 +252,8 @@ See [this announcement from GitHub](https://github.blog/2020-08-03-github-action > **Note** > This Action technically works with forks. However, please note that the combination of triggers and their options can cause issues. Please read [the documentation](https://docs.github.com/en/free-pro-team@latest/actions/reference/events-that-trigger-workflows) on which triggers GitHub Actions support.\ +> Ensure your contributors enable "Allow edits by maintainers" when opening a pull request. ([Learn more](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/working-with-forks/allowing-changes-to-a-pull-request-branch-created-from-a-fork)) \ +> \ > If you use this Action in combination with a linter/fixer, it's easier if you run the Action on `push` on your `main`-branch. By default, this Action will not run on Pull Requests which have been opened by forks. (This is a limitation by GitHub, not by us.) From 92b3981e0b7e212ae8de76e5c0ebbae9213d1db8 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Wed, 25 Jan 2023 19:57:43 +0100 Subject: [PATCH 018/127] Update Author Email Address --- CODE_OF_CONDUCT.md | 2 +- action.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md index ed87d512..9cd1debc 100644 --- a/CODE_OF_CONDUCT.md +++ b/CODE_OF_CONDUCT.md @@ -55,7 +55,7 @@ further defined and clarified by project maintainers. ## Enforcement Instances of abusive, harassing, or otherwise unacceptable behavior may be -reported by contacting the project team at hello@stefanzweifel.io. All +reported by contacting the project team at stefan@stefanzweifel.dev. All complaints will be reviewed and investigated and will result in a response that is deemed necessary and appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. diff --git a/action.yml b/action.yml index afc4bf2b..5e67a1f7 100644 --- a/action.yml +++ b/action.yml @@ -1,7 +1,7 @@ name: Git Auto Commit description: 'Automatically commits files which have been changed during the workflow run and push changes back to remote repository.' -author: Stefan Zweifel +author: Stefan Zweifel inputs: commit_message: From 94d6bf9d2205442189681a51f429ab9143657007 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sat, 11 Feb 2023 12:23:24 +0100 Subject: [PATCH 019/127] Add permissions block to Workflows --- .github/workflows/git-auto-commit.yml | 6 ++++++ .github/workflows/release-drafter.yml | 7 +++++++ .github/workflows/update-changelog.yaml | 6 ++++++ .github/workflows/versioning.yml | 7 +++++++ 4 files changed, 26 insertions(+) diff --git a/.github/workflows/git-auto-commit.yml b/.github/workflows/git-auto-commit.yml index 0334115f..bf9bbcdd 100644 --- a/.github/workflows/git-auto-commit.yml +++ b/.github/workflows/git-auto-commit.yml @@ -10,6 +10,12 @@ jobs: git-auto-commit: runs-on: ubuntu-latest + permissions: + # Give the default GITHUB_TOKEN write permission to commit and push the + # updaetd CHANGELOG back to the repository. + # https://github.blog/changelog/2023-02-02-github-actions-updating-the-default-github_token-permissions-to-read-only/ + contents: write + steps: - uses: actions/checkout@v3 diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml index 17fdb961..152a5099 100644 --- a/.github/workflows/release-drafter.yml +++ b/.github/workflows/release-drafter.yml @@ -8,6 +8,13 @@ on: jobs: update_release_draft: runs-on: ubuntu-latest + + permissions: + # Give the default GITHUB_TOKEN write permission to commit and push the + # updaetd CHANGELOG back to the repository. + # https://github.blog/changelog/2023-02-02-github-actions-updating-the-default-github_token-permissions-to-read-only/ + contents: write + steps: - uses: release-drafter/release-drafter@v5 env: diff --git a/.github/workflows/update-changelog.yaml b/.github/workflows/update-changelog.yaml index a5d65093..e8820886 100644 --- a/.github/workflows/update-changelog.yaml +++ b/.github/workflows/update-changelog.yaml @@ -8,6 +8,12 @@ jobs: update: runs-on: ubuntu-latest + permissions: + # Give the default GITHUB_TOKEN write permission to commit and push the + # updaetd CHANGELOG back to the repository. + # https://github.blog/changelog/2023-02-02-github-actions-updating-the-default-github_token-permissions-to-read-only/ + contents: write + steps: - name: Checkout code uses: actions/checkout@v3 diff --git a/.github/workflows/versioning.yml b/.github/workflows/versioning.yml index ad052193..396eface 100644 --- a/.github/workflows/versioning.yml +++ b/.github/workflows/versioning.yml @@ -7,6 +7,13 @@ on: jobs: actions-tagger: runs-on: windows-latest + + permissions: + # Give the default GITHUB_TOKEN write permission to commit and push the + # updaetd CHANGELOG back to the repository. + # https://github.blog/changelog/2023-02-02-github-actions-updating-the-default-github_token-permissions-to-read-only/ + contents: write + steps: - uses: Actions-R-Us/actions-tagger@latest env: From ccd4d054a57846a7f1c0199df66e8fb8a15d6872 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sat, 11 Feb 2023 21:14:56 +0100 Subject: [PATCH 020/127] Fix Typo in Workflow comments --- .github/workflows/git-auto-commit.yml | 3 +-- .github/workflows/release-drafter.yml | 3 +-- .github/workflows/update-changelog.yaml | 2 +- .github/workflows/versioning.yml | 3 +-- 4 files changed, 4 insertions(+), 7 deletions(-) diff --git a/.github/workflows/git-auto-commit.yml b/.github/workflows/git-auto-commit.yml index bf9bbcdd..a217b1c8 100644 --- a/.github/workflows/git-auto-commit.yml +++ b/.github/workflows/git-auto-commit.yml @@ -11,8 +11,7 @@ jobs: runs-on: ubuntu-latest permissions: - # Give the default GITHUB_TOKEN write permission to commit and push the - # updaetd CHANGELOG back to the repository. + # Give the default GITHUB_TOKEN write permission. # https://github.blog/changelog/2023-02-02-github-actions-updating-the-default-github_token-permissions-to-read-only/ contents: write diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml index 152a5099..6106be2d 100644 --- a/.github/workflows/release-drafter.yml +++ b/.github/workflows/release-drafter.yml @@ -10,8 +10,7 @@ jobs: runs-on: ubuntu-latest permissions: - # Give the default GITHUB_TOKEN write permission to commit and push the - # updaetd CHANGELOG back to the repository. + # Give the default GITHUB_TOKEN write permission. # https://github.blog/changelog/2023-02-02-github-actions-updating-the-default-github_token-permissions-to-read-only/ contents: write diff --git a/.github/workflows/update-changelog.yaml b/.github/workflows/update-changelog.yaml index e8820886..02c4e667 100644 --- a/.github/workflows/update-changelog.yaml +++ b/.github/workflows/update-changelog.yaml @@ -10,7 +10,7 @@ jobs: permissions: # Give the default GITHUB_TOKEN write permission to commit and push the - # updaetd CHANGELOG back to the repository. + # updated CHANGELOG back to the repository. # https://github.blog/changelog/2023-02-02-github-actions-updating-the-default-github_token-permissions-to-read-only/ contents: write diff --git a/.github/workflows/versioning.yml b/.github/workflows/versioning.yml index 396eface..04b1f87c 100644 --- a/.github/workflows/versioning.yml +++ b/.github/workflows/versioning.yml @@ -9,8 +9,7 @@ jobs: runs-on: windows-latest permissions: - # Give the default GITHUB_TOKEN write permission to commit and push the - # updaetd CHANGELOG back to the repository. + # Give the default GITHUB_TOKEN write permission. # https://github.blog/changelog/2023-02-02-github-actions-updating-the-default-github_token-permissions-to-read-only/ contents: write From f0b35f0a731335dde1eadd3dc0c9eefb4c45054f Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sat, 11 Feb 2023 21:29:07 +0100 Subject: [PATCH 021/127] Mention new permission requirements in usage docs Starting February 2nd 2023, GitHub changed the default permissions of the GITHUB_TOKEN to be read-only in all new repositories.[1] git-auto-commits needs `write`-permissions for the `contents`-key in order to work properly. This commits updates the usage section, to mention the need for the permission requirements. The examples have also been updated to reflect that change. [1]: https://github.blog/changelog/2023-02-02-github-actions-updating-the-default-github_token-permissions-to-read-only/ --- README.md | 40 ++++++++++++++++++++++++++++++++++++---- 1 file changed, 36 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 451c9b6f..28bab232 100644 --- a/README.md +++ b/README.md @@ -13,14 +13,42 @@ If you want to learn more how this Action works under the hood, check out [this ## Usage -Add the following step at the end of your job, after other steps that might add or change files. +Adding git-auto-commit to your Workflow only takes a couple lines of code. + +1. Set the `contents`-permission of the default GITHUB_TOKEN to `true`. (Required to push new commits to the repository) +2. Add the following step at the end of your job, after other steps that might add or change files. ```yaml - uses: stefanzweifel/git-auto-commit-action@v4 ``` -Note that the Action has to be used in a Job that runs on a UNIX system (e.g. `ubuntu-latest`). -If you don't use the default permission of the GITHUB_TOKEN, give the Job or Workflow at least the `contents: write` permission. +Your Workflow should look similar to this example. + +```yaml +name: Format + +on: push + +jobs: + format-code: + runs-on: ubuntu-latest + + permissions: + # Give the default GITHUB_TOKEN write permission to commit and push the + # updated CHANGELOG back to the repository. + contents: write + + steps: + - uses: actions/checkout@v3 + + # Other steps that change files in the repository + + # Commit all changed files back to the repository + - uses: stefanzweifel/git-auto-commit-action@v4 +``` + +> **Note** +> The Action has to be used in a Job that runs on a UNIX system (e.g. `ubuntu-latest`). The following is an extended example with all available options. @@ -111,8 +139,12 @@ jobs: php-cs-fixer: runs-on: ubuntu-latest + permissions: + # Give the default GITHUB_TOKEN write permission to commit and push the changed files back to the repository. + contents: write + steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 with: ref: ${{ github.head_ref }} From 6656e542550b41d845d8d4844044eb181cb6fc6a Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sat, 11 Feb 2023 21:29:21 +0100 Subject: [PATCH 022/127] Use actions/checkout@v3 in examples --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 28bab232..bc113e1e 100644 --- a/README.md +++ b/README.md @@ -201,7 +201,7 @@ You must use `action/checkout@v2` or later versions to check out the repository. In non-`push` events, such as `pull_request`, make sure to specify the `ref` to check out: ```yaml -- uses: actions/checkout@v2 +- uses: actions/checkout@v3 with: ref: ${{ github.head_ref }} ``` @@ -219,7 +219,7 @@ You can change this by creating a new [Personal Access Token (PAT)](https://gith storing the token as a secret in your repository and then passing the new token to the [`actions/checkout`](https://github.com/actions/checkout#usage) Action step. ```yaml -- uses: actions/checkout@v2 +- uses: actions/checkout@v3 with: token: ${{ secrets.PAT }} ``` @@ -349,7 +349,7 @@ jobs: php-cs-fixer: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Run php-cs-fixer uses: docker://oskarstark/php-cs-fixer-ga @@ -435,7 +435,7 @@ First, you have to create a new [Personal Access Token (PAT)](https://github.com store the token as a secret in your repository and pass the new token to the [`actions/checkout`](https://github.com/actions/checkout#usage) Action step. ```yaml -- uses: actions/checkout@v2 +- uses: actions/checkout@v3 with: token: ${{ secrets.PAT }} ``` From 6436584fbbde9ffb372220e0dd9e42e96e6b03d8 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sat, 11 Feb 2023 21:31:27 +0100 Subject: [PATCH 023/127] Fix Comment in README --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index bc113e1e..1ee654a5 100644 --- a/README.md +++ b/README.md @@ -35,7 +35,7 @@ jobs: permissions: # Give the default GITHUB_TOKEN write permission to commit and push the - # updated CHANGELOG back to the repository. + # added or changed files to the repository. contents: write steps: From c8254de74fb2d4577fe54a38cde3186515e9931c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Feb 2023 08:22:21 +0100 Subject: [PATCH 024/127] Bump bats from 1.8.2 to 1.9.0 (#282) Bumps [bats](https://github.com/bats-core/bats-core) from 1.8.2 to 1.9.0. - [Release notes](https://github.com/bats-core/bats-core/releases) - [Changelog](https://github.com/bats-core/bats-core/blob/master/docs/CHANGELOG.md) - [Commits](https://github.com/bats-core/bats-core/compare/v1.8.2...v1.9.0) --- updated-dependencies: - dependency-name: bats dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index b012db72..da10b16e 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "devDependencies": { - "bats": "^1.8.2", + "bats": "^1.9.0", "bats-assert": "ztombol/bats-assert", "bats-support": "ztombol/bats-support" }, diff --git a/yarn.lock b/yarn.lock index dad53d06..a81d597e 100644 --- a/yarn.lock +++ b/yarn.lock @@ -10,7 +10,7 @@ bats-support@ztombol/bats-support: version "0.3.0" resolved "https://codeload.github.com/ztombol/bats-support/tar.gz/004e707638eedd62e0481e8cdc9223ad471f12ee" -bats@^1.8.2: - version "1.8.2" - resolved "https://registry.yarnpkg.com/bats/-/bats-1.8.2.tgz#bdbaa7690a18f04291b35144a8ce5435cffb8dc5" - integrity sha512-KLUIaPYuIMjqui8MbZmK84+CiwhjFVFAhFy5PXP0prLbkovc5faVzc+Qaowbz76F97zP573JrF31ODFAH7vzhg== +bats@^1.9.0: + version "1.9.0" + resolved "https://registry.yarnpkg.com/bats/-/bats-1.9.0.tgz#251a255b58b631f210d75db6ba376a7c2be1b9fd" + integrity sha512-Z5BJaAmmHv/ujj7obhjEzJ//OL+ZtjVq0iRnHu+2fE9OeUaPMbJpBgYiOdNbDrG3E2hqe84/AXNnS/UiXl/UcA== From 8e108d701f702a9bfdff0350ee483743ca56b021 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Wed, 15 Feb 2023 19:44:45 +0100 Subject: [PATCH 025/127] Fix docs about using in public forks Update docs section about using the Action in public forks. Add warning about current issue when the forks lives under an organisation. Mark section about running a workflow in the head repository as outdated, as I was not able to reproduce this in test projects. See https://github.com/stefanzweifel/git-auto-commit-action/issues/211#issuecomment-1428849944 for more details. --- README.md | 23 ++++++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 1ee654a5..ec585e6b 100644 --- a/README.md +++ b/README.md @@ -282,11 +282,14 @@ See [this announcement from GitHub](https://github.blog/2020-08-03-github-action
Expand to learn more -> **Note** +> **Note** > This Action technically works with forks. However, please note that the combination of triggers and their options can cause issues. Please read [the documentation](https://docs.github.com/en/free-pro-team@latest/actions/reference/events-that-trigger-workflows) on which triggers GitHub Actions support.\ > Ensure your contributors enable "Allow edits by maintainers" when opening a pull request. ([Learn more](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/working-with-forks/allowing-changes-to-a-pull-request-branch-created-from-a-fork)) \ > \ -> If you use this Action in combination with a linter/fixer, it's easier if you run the Action on `push` on your `main`-branch. +> **If you use this Action in combination with a linter/fixer, it's easier if you run the Action on `push` on your `main`-branch.** + +> **Warning** +> Due to limitations of GitHub, this Action currently can't push commits to a base repository, if the fork _lives_ under an organisation. See [github/community#6634](https://github.com/orgs/community/discussions/5634) and [this comment](https://github.com/stefanzweifel/git-auto-commit-action/issues/211#issuecomment-1428849944) for details. By default, this Action will not run on Pull Requests which have been opened by forks. (This is a limitation by GitHub, not by us.) However, there are a couple of ways to use this Actions in Workflows that should be triggered by forked repositories. @@ -312,10 +315,19 @@ on: jobs: php-cs-fixer: runs-on: ubuntu-latest + permissions: + contents: write + steps: - uses: actions/checkout@v3 with: + # Checkout the fork/head-repository and push changes to the fork. + # If you skip this, the base repository will be checked out and changes + # will be committed to the base repository! repository: ${{ github.event.pull_request.head.repo.full_name }} + + # Checkout the branch made in the fork. Will automatically push changes + # back to this branch. ref: ${{ github.head_ref }} - name: Run php-cs-fixer @@ -326,6 +338,11 @@ jobs: ### Workflow should run in **forked** repository +> **Warning** +> **This part of the documentation is outdated.** +> We were not able to configure a GitHub Action workflow for forks, that the workflow would run in the fork / head repository. +> Please let us know in the [discussions](https://github.com/stefanzweifel/git-auto-commit-action/discussions)-area, if and how you achieved that. + If the workflow should run in the forked repository, follow these steps: 1. In addition to listening to the `pull_request` event in your Workflow triggers, you have to add an additional event: `pull_request_target`. You can learn more about this event in [the GitHub docs](https://docs.github.com/en/actions/reference/events-that-trigger-workflows#pull_request_target). @@ -380,7 +397,7 @@ For more information about running Actions on forks, see [this announcement from If you would like to use this Action to create a commit using [`--amend`](https://git-scm.com/docs/git-commit#Documentation/git-commit.txt---amend) and [`--no-edit`](https://git-scm.com/docs/git-commit#Documentation/git-commit.txt---no-edit) you need to make some adjustments. -> **Warning** +> **Warning** > You should understand the implications of rewriting history if you amend a commit that has already been published. [See rebasing](https://git-scm.com/docs/git-rebase#_recovering_from_upstream_rebase). First, you need to extract the previous commit message by using `git log -1 --pretty=%s`. From 0b5f8a533380e17b84a027ed83497bd5cfe3dfb2 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Tue, 28 Mar 2023 14:46:47 +0200 Subject: [PATCH 026/127] Update Test --- tests/git-auto-commit.bats | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index 179a5c7b..daf5bc0b 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -259,7 +259,7 @@ cat_github_output() { } @test "It applies commit user and author settings" { - INPUT_COMMIT_USER_NAME="A Single Test" + INPUT_COMMIT_USER_NAME="Custom User Name" INPUT_COMMIT_USER_EMAIL="single-test@github.com" INPUT_COMMIT_AUTHOR="A Single Test " @@ -269,7 +269,7 @@ cat_github_output() { assert_success - assert_line "INPUT_COMMIT_USER_NAME: A Single Test" + assert_line "INPUT_COMMIT_USER_NAME: Custom User Name" assert_line "INPUT_COMMIT_USER_EMAIL: single-test@github.com" assert_line "INPUT_COMMIT_AUTHOR: A Single Test " assert_line "::debug::Push commit to remote branch ${FAKE_DEFAULT_BRANCH}" @@ -282,7 +282,7 @@ cat_github_output() { assert_output --partial "A Single Test" run git log -1 --pretty=format:'%cn' - assert_output --partial "A Single Test" + assert_output --partial "Custom User Name" run git log -1 --pretty=format:'%ce' assert_output --partial "single-test@github.com" From 9cc0a1f55de2aa04a36721ca84463dd520f70f4c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pedro=20Amador=20Rodr=C3=ADguez?= Date: Mon, 3 Apr 2023 08:55:34 +0200 Subject: [PATCH 027/127] Seems like there is an extra space (#288) --- .github/release-drafter.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml index 69cfc0b3..6b9b1759 100644 --- a/.github/release-drafter.yml +++ b/.github/release-drafter.yml @@ -12,7 +12,7 @@ categories: - 'changelog:changed' - title: Deprecated labels: - - 'changelog:deprecated ' + - 'changelog:deprecated' - title: Removed labels: - 'changelog:removed' From 77a7b3fb3cefad3856cb5086bfb157ac1c32b008 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 23 Jun 2023 09:20:59 +0200 Subject: [PATCH 028/127] Bump github/super-linter from 4 to 5 (#289) Bumps [github/super-linter](https://github.com/github/super-linter) from 4 to 5. - [Release notes](https://github.com/github/super-linter/releases) - [Changelog](https://github.com/github/super-linter/blob/main/docs/release-process.md) - [Commits](https://github.com/github/super-linter/compare/v4...v5) --- updated-dependencies: - dependency-name: github/super-linter dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/linter.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index a01cc3fa..17d4c8e7 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -12,7 +12,7 @@ jobs: uses: actions/checkout@v3 - name: Lint Code Base - uses: github/super-linter@v4 + uses: github/super-linter@v5 env: VALIDATE_ALL_CODEBASE: false VALIDATE_MARKDOWN: false From 47a8ad5f38721f4b62f84ddd01aba6b281956891 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Jul 2023 09:56:06 +0200 Subject: [PATCH 029/127] Bump bats from 1.9.0 to 1.10.0 (#293) Bumps [bats](https://github.com/bats-core/bats-core) from 1.9.0 to 1.10.0. - [Release notes](https://github.com/bats-core/bats-core/releases) - [Changelog](https://github.com/bats-core/bats-core/blob/master/docs/CHANGELOG.md) - [Commits](https://github.com/bats-core/bats-core/compare/v1.9.0...v1.10.0) --- updated-dependencies: - dependency-name: bats dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index da10b16e..40c35d7a 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "devDependencies": { - "bats": "^1.9.0", + "bats": "^1.10.0", "bats-assert": "ztombol/bats-assert", "bats-support": "ztombol/bats-support" }, diff --git a/yarn.lock b/yarn.lock index a81d597e..50212d43 100644 --- a/yarn.lock +++ b/yarn.lock @@ -10,7 +10,7 @@ bats-support@ztombol/bats-support: version "0.3.0" resolved "https://codeload.github.com/ztombol/bats-support/tar.gz/004e707638eedd62e0481e8cdc9223ad471f12ee" -bats@^1.9.0: - version "1.9.0" - resolved "https://registry.yarnpkg.com/bats/-/bats-1.9.0.tgz#251a255b58b631f210d75db6ba376a7c2be1b9fd" - integrity sha512-Z5BJaAmmHv/ujj7obhjEzJ//OL+ZtjVq0iRnHu+2fE9OeUaPMbJpBgYiOdNbDrG3E2hqe84/AXNnS/UiXl/UcA== +bats@^1.10.0: + version "1.10.0" + resolved "https://registry.yarnpkg.com/bats/-/bats-1.10.0.tgz#d22cb6e2d88fd39302167da237d710406d1587ce" + integrity sha512-yOQrC7npuCrN+Ic3TyjTjJlzHa0qlK3oEO6VAYPWwFeutx/GmpljIyB6uNSl/UTASyc2w4FgVuA/QMMf9OdsCw== From 3d1b5e078a85df99db0cb2441cd4309b09d86253 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Sep 2023 10:32:33 +0200 Subject: [PATCH 030/127] Bump actions/checkout from 3 to 4 (#302) Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/git-auto-commit.yml | 2 +- .github/workflows/linter.yml | 2 +- .github/workflows/tests.yml | 2 +- .github/workflows/update-changelog.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/git-auto-commit.yml b/.github/workflows/git-auto-commit.yml index a217b1c8..d7db234d 100644 --- a/.github/workflows/git-auto-commit.yml +++ b/.github/workflows/git-auto-commit.yml @@ -16,7 +16,7 @@ jobs: contents: write steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Use git-auto-commit-action id: "auto-commit-action" diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index 17d4c8e7..e355374d 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -9,7 +9,7 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Lint Code Base uses: github/super-linter@v5 diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 48f3a84b..35ee1e2c 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Install testing dependencies run: yarn install diff --git a/.github/workflows/update-changelog.yaml b/.github/workflows/update-changelog.yaml index 02c4e667..691e6dc3 100644 --- a/.github/workflows/update-changelog.yaml +++ b/.github/workflows/update-changelog.yaml @@ -16,7 +16,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: ref: master From 10944650cd54362ae9200814cbb06c657132951d Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Wed, 4 Oct 2023 15:33:04 +0200 Subject: [PATCH 031/127] Use actions/checkout v4 in examples https://github.com/stefanzweifel/git-auto-commit-action/pull/302#issuecomment-1745974288 --- README.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index ec585e6b..9c2d9e0d 100644 --- a/README.md +++ b/README.md @@ -39,7 +39,7 @@ jobs: contents: write steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 # Other steps that change files in the repository @@ -144,7 +144,7 @@ jobs: contents: write steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: ref: ${{ github.head_ref }} @@ -201,7 +201,7 @@ You must use `action/checkout@v2` or later versions to check out the repository. In non-`push` events, such as `pull_request`, make sure to specify the `ref` to check out: ```yaml -- uses: actions/checkout@v3 +- uses: actions/checkout@v4 with: ref: ${{ github.head_ref }} ``` @@ -219,7 +219,7 @@ You can change this by creating a new [Personal Access Token (PAT)](https://gith storing the token as a secret in your repository and then passing the new token to the [`actions/checkout`](https://github.com/actions/checkout#usage) Action step. ```yaml -- uses: actions/checkout@v3 +- uses: actions/checkout@v4 with: token: ${{ secrets.PAT }} ``` @@ -319,7 +319,7 @@ jobs: contents: write steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: # Checkout the fork/head-repository and push changes to the fork. # If you skip this, the base repository will be checked out and changes @@ -366,7 +366,7 @@ jobs: php-cs-fixer: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Run php-cs-fixer uses: docker://oskarstark/php-cs-fixer-ga @@ -408,7 +408,7 @@ Finally, you have to use `push_options: '--force'` to overwrite the git history The steps in your workflow might look like this: ```yaml -- uses: actions/checkout@master +- uses: actions/checkout@4 with: # Fetch the last 2 commits instead of just 1. (Fetching just 1 commit would overwrite the whole history) fetch-depth: 2 @@ -452,7 +452,7 @@ First, you have to create a new [Personal Access Token (PAT)](https://github.com store the token as a secret in your repository and pass the new token to the [`actions/checkout`](https://github.com/actions/checkout#usage) Action step. ```yaml -- uses: actions/checkout@v3 +- uses: actions/checkout@v4 with: token: ${{ secrets.PAT }} ``` From 43818d504497ae1cf89266ac8e6b88253fd828b3 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Fri, 6 Oct 2023 19:30:48 +0200 Subject: [PATCH 032/127] Fix Typo --- entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/entrypoint.sh b/entrypoint.sh index a964e7f8..6fe017a0 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -40,7 +40,7 @@ _main() { _add_files # Check dirty state of repo again using git-diff. - # (git-diff detects beter if CRLF of files changes and does NOT + # (git-diff detects better if CRLF of files changes and does NOT # proceed, if only CRLF changes are detected. See #241 and #265 # for more details.) if [ -n "$(git diff --staged)" ] || "$INPUT_SKIP_DIRTY_CHECK"; then From 8756aa072ef5b4a080af5dc8fef36c5d586e521d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=AB=98=E4=BA=95?= <56185180+ryudaitakai@users.noreply.github.com> Date: Sat, 7 Oct 2023 02:43:01 +0900 Subject: [PATCH 033/127] Update node version to node20 (#300) Co-authored-by: ryudai.takai --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 5e67a1f7..8192c950 100644 --- a/action.yml +++ b/action.yml @@ -81,7 +81,7 @@ outputs: description: Full hash of the created commit. Only present if the "changes_detected" output is "true". runs: - using: 'node16' + using: 'node20' main: 'index.js' branding: From e27a68931bfdedc02d161959134e07e91ffaafeb Mon Sep 17 00:00:00 2001 From: stefanzweifel Date: Fri, 6 Oct 2023 17:55:19 +0000 Subject: [PATCH 034/127] Update CHANGELOG --- CHANGELOG.md | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3658910a..2d611c76 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,10 +5,31 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html). -## [Unreleased](https://github.com/stefanzweifel/git-auto-commit-action/compare/v4.16.0...HEAD) +## [Unreleased](https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.0.0...HEAD) > TBD +## [v5.0.0](https://github.com/stefanzweifel/git-auto-commit-action/compare/v4.16.0...v5.0.0) - 2023-10-06 + +New major release that bumps the default runtime to Node 20. There are no other breaking changes. + +### Changed + +- Update node version to node20 ([#300](https://github.com/stefanzweifel/git-auto-commit-action/pull/300)) [@ryudaitakai](https://github.com/@ryudaitakai) +- Add _log and _set_github_output functions ([#273](https://github.com/stefanzweifel/git-auto-commit-action/pull/273)) [@stefanzweifel](https://github.com/@stefanzweifel) + +### Fixed + +- Seems like there is an extra space ([#288](https://github.com/stefanzweifel/git-auto-commit-action/pull/288)) [@pedroamador](https://github.com/@pedroamador) +- Fix git-auto-commit.yml ([#277](https://github.com/stefanzweifel/git-auto-commit-action/pull/277)) [@zcong1993](https://github.com/@zcong1993) + +### Dependency Updates + +- Bump actions/checkout from 3 to 4 ([#302](https://github.com/stefanzweifel/git-auto-commit-action/pull/302)) [@dependabot](https://github.com/@dependabot) +- Bump bats from 1.9.0 to 1.10.0 ([#293](https://github.com/stefanzweifel/git-auto-commit-action/pull/293)) [@dependabot](https://github.com/@dependabot) +- Bump github/super-linter from 4 to 5 ([#289](https://github.com/stefanzweifel/git-auto-commit-action/pull/289)) [@dependabot](https://github.com/@dependabot) +- Bump bats from 1.8.2 to 1.9.0 ([#282](https://github.com/stefanzweifel/git-auto-commit-action/pull/282)) [@dependabot](https://github.com/@dependabot) + ## [v4.16.0](https://github.com/stefanzweifel/git-auto-commit-action/compare/v4.15.4...v4.16.0) - 2022-12-02 ### Changed From eb38c210f2fc7b4533fe335ac7c74cbe8715ee5e Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Fri, 6 Oct 2023 19:56:27 +0200 Subject: [PATCH 035/127] Use v5 in update-changelog Workflow --- .github/workflows/update-changelog.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-changelog.yaml b/.github/workflows/update-changelog.yaml index 691e6dc3..1a03dfc7 100644 --- a/.github/workflows/update-changelog.yaml +++ b/.github/workflows/update-changelog.yaml @@ -27,7 +27,7 @@ jobs: latest-version: ${{ github.event.release.name }} - name: Commit updated CHANGELOG - uses: stefanzweifel/git-auto-commit-action@v4 + uses: stefanzweifel/git-auto-commit-action@v5 with: branch: master commit_message: Update CHANGELOG From 98d2782f49833831d777f51f3ada1d7ac3073f7d Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Fri, 6 Oct 2023 19:56:33 +0200 Subject: [PATCH 036/127] Use v5 in README --- README.md | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 9c2d9e0d..c72dcecd 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,7 @@ Adding git-auto-commit to your Workflow only takes a couple lines of code. 2. Add the following step at the end of your job, after other steps that might add or change files. ```yaml -- uses: stefanzweifel/git-auto-commit-action@v4 +- uses: stefanzweifel/git-auto-commit-action@v5 ``` Your Workflow should look similar to this example. @@ -44,7 +44,7 @@ jobs: # Other steps that change files in the repository # Commit all changed files back to the repository - - uses: stefanzweifel/git-auto-commit-action@v4 + - uses: stefanzweifel/git-auto-commit-action@v5 ``` > **Note** @@ -53,7 +53,7 @@ jobs: The following is an extended example with all available options. ```yaml -- uses: stefanzweifel/git-auto-commit-action@v4 +- uses: stefanzweifel/git-auto-commit-action@v5 with: # Optional. Commit message for the created commit. # Defaults to "Apply automatic changes" @@ -151,7 +151,7 @@ jobs: - name: Run php-cs-fixer uses: docker://oskarstark/php-cs-fixer-ga - - uses: stefanzweifel/git-auto-commit-action@v4 + - uses: stefanzweifel/git-auto-commit-action@v5 with: commit_message: Apply php-cs-fixer changes ``` @@ -258,7 +258,7 @@ The example below can be used as a starting point to generate a multiline commit # Quick and dirty step to get rid of the temporary file holding the commit message - run: rm -rf commitmessage.txt - - uses: stefanzweifel/git-auto-commit-action@v4 + - uses: stefanzweifel/git-auto-commit-action@v5 id: commit with: commit_message: ${{ steps.commit_message_step.outputs.commit_message }} @@ -333,7 +333,7 @@ jobs: - name: Run php-cs-fixer uses: docker://oskarstark/php-cs-fixer-ga - - uses: stefanzweifel/git-auto-commit-action@v4 + - uses: stefanzweifel/git-auto-commit-action@v5 ``` ### Workflow should run in **forked** repository @@ -371,7 +371,7 @@ jobs: - name: Run php-cs-fixer uses: docker://oskarstark/php-cs-fixer-ga - - uses: stefanzweifel/git-auto-commit-action@v4 + - uses: stefanzweifel/git-auto-commit-action@v5 with: commit_message: Apply php-cs-fixer changes ``` @@ -420,7 +420,7 @@ The steps in your workflow might look like this: run: | echo "msg=$(git log -1 --pretty=%s)" >> $GITHUB_OUTPUT -- uses: stefanzweifel/git-auto-commit-action@v4 +- uses: stefanzweifel/git-auto-commit-action@v5 with: commit_message: ${{ steps.last-commit-message.outputs.msg }} commit_options: '--amend --no-edit' @@ -465,7 +465,7 @@ You can learn more about Personal Access Token in the [GitHub documentation](htt If you go the "force pushes" route, you have to enable force pushes to a protected branch (See [documentation](https://help.github.com/en/github/administering-a-repository/enabling-force-pushes-to-a-protected-branch)) and update your Workflow to use force push like this. ```yaml - - uses: stefanzweifel/git-auto-commit-action@v4 + - uses: stefanzweifel/git-auto-commit-action@v5 with: commit_message: Apply php-cs-fixer changes push_options: --force @@ -495,7 +495,7 @@ This is due to the fact, that the `*.md`-glob is expanded before sending it to ` To fix this add `disable_globbing: true` to your Workflow. ```yaml -- uses: stefanzweifel/git-auto-commit-action@v4 +- uses: stefanzweifel/git-auto-commit-action@v5 with: file_pattern: '*.md' disable_globbing: true @@ -523,7 +523,7 @@ yarn test We use [SemVer](http://semver.org/) for versioning. For the versions available, see the [tags on this repository](https://github.com/stefanzweifel/git-auto-commit-action/tags). -We also provide major version tags to make it easier to always use the latest release of a major version. For example, you can use `stefanzweifel/git-auto-commit-action@v4` to always use the latest release of the current major version. +We also provide major version tags to make it easier to always use the latest release of a major version. For example, you can use `stefanzweifel/git-auto-commit-action@v5` to always use the latest release of the current major version. (More information about this [here](https://help.github.com/en/actions/building-actions/about-actions#versioning-your-action).) ## Credits From 8036286d3751929c947d18324a45433db4ff357f Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Tue, 12 Dec 2023 20:38:06 +0100 Subject: [PATCH 037/127] Use new Markdown Alerts in README --- README.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index c72dcecd..9182c12f 100644 --- a/README.md +++ b/README.md @@ -47,7 +47,7 @@ jobs: - uses: stefanzweifel/git-auto-commit-action@v5 ``` -> **Note** +> [!NOTE] > The Action has to be used in a Job that runs on a UNIX system (e.g. `ubuntu-latest`). The following is an extended example with all available options. @@ -282,13 +282,13 @@ See [this announcement from GitHub](https://github.blog/2020-08-03-github-action
Expand to learn more -> **Note** +> [!NOTE] > This Action technically works with forks. However, please note that the combination of triggers and their options can cause issues. Please read [the documentation](https://docs.github.com/en/free-pro-team@latest/actions/reference/events-that-trigger-workflows) on which triggers GitHub Actions support.\ > Ensure your contributors enable "Allow edits by maintainers" when opening a pull request. ([Learn more](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/working-with-forks/allowing-changes-to-a-pull-request-branch-created-from-a-fork)) \ > \ > **If you use this Action in combination with a linter/fixer, it's easier if you run the Action on `push` on your `main`-branch.** -> **Warning** +> [!WARNING] > Due to limitations of GitHub, this Action currently can't push commits to a base repository, if the fork _lives_ under an organisation. See [github/community#6634](https://github.com/orgs/community/discussions/5634) and [this comment](https://github.com/stefanzweifel/git-auto-commit-action/issues/211#issuecomment-1428849944) for details. By default, this Action will not run on Pull Requests which have been opened by forks. (This is a limitation by GitHub, not by us.) @@ -338,7 +338,7 @@ jobs: ### Workflow should run in **forked** repository -> **Warning** +> [!WARNING] > **This part of the documentation is outdated.** > We were not able to configure a GitHub Action workflow for forks, that the workflow would run in the fork / head repository. > Please let us know in the [discussions](https://github.com/stefanzweifel/git-auto-commit-action/discussions)-area, if and how you achieved that. @@ -397,7 +397,7 @@ For more information about running Actions on forks, see [this announcement from If you would like to use this Action to create a commit using [`--amend`](https://git-scm.com/docs/git-commit#Documentation/git-commit.txt---amend) and [`--no-edit`](https://git-scm.com/docs/git-commit#Documentation/git-commit.txt---no-edit) you need to make some adjustments. -> **Warning** +> [!CAUTION] > You should understand the implications of rewriting history if you amend a commit that has already been published. [See rebasing](https://git-scm.com/docs/git-rebase#_recovering_from_upstream_rebase). First, you need to extract the previous commit message by using `git log -1 --pretty=%s`. @@ -458,7 +458,7 @@ store the token as a secret in your repository and pass the new token to the [`a ``` You can learn more about Personal Access Token in the [GitHub documentation](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token). -> **Note** +> [!TIP] > If you're working in an organisation, and you don't want to create the PAT from your personal account, we recommend using a bot-account for such tokens. From 8d90676eefd6ee2df2214033002d76f2ce6b6989 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Tue, 12 Dec 2023 20:38:26 +0100 Subject: [PATCH 038/127] Little Doc Updates --- README.md | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 9182c12f..c8e0493c 100644 --- a/README.md +++ b/README.md @@ -270,9 +270,9 @@ Using command lines options needs to be done manually for each workflow which yo - [Import GPG Signature](https://github.com/crazy-max/ghaction-import-gpg) (Suggested by [TGTGamer](https://github.com/tgtgamer)) -### Push to forks from private repositories +### Use in forks from private repositories -By default, GitHub Actions doesn't run Workflows on forks from private repositories. To enable Actions for **private** repositories enable "Run workflows from pull requests" in your repository settings. +By default, GitHub Actions doesn't run Workflows on forks from **private** repositories. To enable Actions for **private** repositories enable "Run workflows from pull requests" in your repository settings. See [this announcement from GitHub](https://github.blog/2020-08-03-github-actions-improvements-for-fork-and-pull-request-workflows/) or the [GitHub docs](https://docs.github.com/en/github/administering-a-repository/disabling-or-limiting-github-actions-for-a-repository#enabling-workflows-for-private-repository-forks) for details. @@ -461,8 +461,7 @@ You can learn more about Personal Access Token in the [GitHub documentation](htt > [!TIP] > If you're working in an organisation, and you don't want to create the PAT from your personal account, we recommend using a bot-account for such tokens. - -If you go the "force pushes" route, you have to enable force pushes to a protected branch (See [documentation](https://help.github.com/en/github/administering-a-repository/enabling-force-pushes-to-a-protected-branch)) and update your Workflow to use force push like this. +If you go the "force pushes" route, you have to enable force pushes to a protected branch (see [documentation](https://help.github.com/en/github/administering-a-repository/enabling-force-pushes-to-a-protected-branch)) and update your Workflow to use force push like this. ```yaml - uses: stefanzweifel/git-auto-commit-action@v5 @@ -477,7 +476,7 @@ This is due to limitations set up by GitHub, [commits made by this Action do not ### Pathspec 'x' did not match any files -If you're using the Action with a custom `file_pattern` and the Action throws a fatal error with the message "Pathspec 'file-pattern' did not match any files", the problem is probably that no file for the pattern exists in the repository. +If you're using the Action with a custom `file_pattern` and the Action throws a fatal error with the message "Pathspec 'file-pattern' did not match any files", the problem is probably that no file for the pattern **exists** in the repository. `file_pattern` is used both for `git-status` and `git-add` in this Action. `git-add` will throw a fatal error, if for example, you use a file pattern like `*.js *.ts` but no `*.ts` files exist in your projects' repository. From 2818fe7949d2daf9e2b5d7d808ca2ca11ccf70ad Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Tue, 12 Dec 2023 20:42:25 +0100 Subject: [PATCH 039/127] Add Alert about pull_request_target https://github.com/stefanzweifel/git-auto-commit-action/issues/211#issuecomment-1837270114 --- README.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index c8e0493c..03340bf0 100644 --- a/README.md +++ b/README.md @@ -296,7 +296,15 @@ However, there are a couple of ways to use this Actions in Workflows that should ### Workflow should run in **base** repository -The workflow below runs whenever a commit is pushed to the `main`-branch or when activity on a pull request happens, by listening to the [`pull_request_target`](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target) event. +> [!CAUTION] +> The following section explains how you can use git-auto-commit in combination with the `pull_request_target` trigger. +> **Using `pull_request_target` in your workflows can lead to repository compromise as [mentioned](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/) by GitHub's own security team. This means, that a bad actor could potentially leak/steal your GitHub Actions repository secrets.** +> Please be aware of this risk when using `pull_request_target` in your workflows. +> +> If your workflow runs code-fixing tools, consider running the workflow on your default branch by listening to the `push` event or use a third-party tool like [autofix.ci](https://autofix.ci/). +> We keep this documentation around, as many questions came in over the years, on how to use this action for public forks. + +The workflow below runs whenever a commit is pushed to the `main`-branch or when activity on a pull request happens, by listening to the [`pull_request_target`](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target) event. If the workflow is triggered by the `pull_request_target`-event, the workflow will run in the context of the base of the pull request, rather than in the context of the merge commit, as the `pull_request` event does. In other words, this will allow your workflow to be run in the repository where the pull request is opened to and will push changes back to the fork. From 29183a25ec7450c8f6fbab7ff22ccd42d8ab7416 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Tue, 12 Dec 2023 20:45:33 +0100 Subject: [PATCH 040/127] Remove outdated docs --- README.md | 66 +++---------------------------------------------------- 1 file changed, 3 insertions(+), 63 deletions(-) diff --git a/README.md b/README.md index 03340bf0..040fc3b6 100644 --- a/README.md +++ b/README.md @@ -279,9 +279,6 @@ See [this announcement from GitHub](https://github.blog/2020-08-03-github-action ### Use in forks from public repositories -
-Expand to learn more - > [!NOTE] > This Action technically works with forks. However, please note that the combination of triggers and their options can cause issues. Please read [the documentation](https://docs.github.com/en/free-pro-team@latest/actions/reference/events-that-trigger-workflows) on which triggers GitHub Actions support.\ > Ensure your contributors enable "Allow edits by maintainers" when opening a pull request. ([Learn more](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/working-with-forks/allowing-changes-to-a-pull-request-branch-created-from-a-fork)) \ @@ -297,11 +294,11 @@ However, there are a couple of ways to use this Actions in Workflows that should ### Workflow should run in **base** repository > [!CAUTION] -> The following section explains how you can use git-auto-commit in combination with the `pull_request_target` trigger. -> **Using `pull_request_target` in your workflows can lead to repository compromise as [mentioned](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/) by GitHub's own security team. This means, that a bad actor could potentially leak/steal your GitHub Actions repository secrets.** +> The following section explains how you can use git-auto-commit in combination with the `pull_request_target` trigger. +> **Using `pull_request_target` in your workflows can lead to repository compromise as [mentioned](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/) by GitHub's own security team. This means, that a bad actor could potentially leak/steal your GitHub Actions repository secrets.** > Please be aware of this risk when using `pull_request_target` in your workflows. > -> If your workflow runs code-fixing tools, consider running the workflow on your default branch by listening to the `push` event or use a third-party tool like [autofix.ci](https://autofix.ci/). +> If your workflow runs code-fixing tools, consider running the workflow on your default branch by listening to the `push` event or use a third-party tool like [autofix.ci](https://autofix.ci/). > We keep this documentation around, as many questions came in over the years, on how to use this action for public forks. The workflow below runs whenever a commit is pushed to the `main`-branch or when activity on a pull request happens, by listening to the [`pull_request_target`](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target) event. @@ -344,65 +341,10 @@ jobs: - uses: stefanzweifel/git-auto-commit-action@v5 ``` -### Workflow should run in **forked** repository - -> [!WARNING] -> **This part of the documentation is outdated.** -> We were not able to configure a GitHub Action workflow for forks, that the workflow would run in the fork / head repository. -> Please let us know in the [discussions](https://github.com/stefanzweifel/git-auto-commit-action/discussions)-area, if and how you achieved that. - -If the workflow should run in the forked repository, follow these steps: - -1. In addition to listening to the `pull_request` event in your Workflow triggers, you have to add an additional event: `pull_request_target`. You can learn more about this event in [the GitHub docs](https://docs.github.com/en/actions/reference/events-that-trigger-workflows#pull_request_target). -2. GitHub Action has to be enabled on the forked repository. \ -For security reasons, GitHub does not automatically enable GitHub Actions on forks. The user has to explicitly enable GitHub Actions in the "Actions"-tab of the forked repository. (Mention this in your projects README or CONTRIBUTING.md!) - -After you have added the `pull_request_target` to your desired Workflow and the forked repository has enabled Actions and a new Pull Request is opened, the Workflow will run **on the forked repository**. - -Due to the fact that the Workflow is not run on the repository the Pull Request is opened in, you won't see any status indicators inside the Pull Request. - -#### Example - -The following workflow runs `php-cs-fixer` (a code linter and fixer for PHP) when a `pull_request` is opened. We've added the `pull_request_target`-trigger too, to make it work for forks. - -```yaml -name: Format PHP - -on: [push, pull_request, pull_request_target] - -jobs: - php-cs-fixer: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - - name: Run php-cs-fixer - uses: docker://oskarstark/php-cs-fixer-ga - - - uses: stefanzweifel/git-auto-commit-action@v5 - with: - commit_message: Apply php-cs-fixer changes -``` - -Next time a user forks your project **and** enabled GitHub Actions **and** opened a Pull Request, the Workflow will run on the **forked** repository and will push commits to the same branch. - -Here's how the Pull Request will look like: - -![Screenshot of a Pull Request from a Fork](https://user-images.githubusercontent.com/1080923/90955964-9c74c080-e482-11ea-8097-aa7f5161f50e.png) - - -As you can see, your contributors have to go through hoops to make this work. **For Workflows which run linters and fixers (like the example above) we recommend running them when a push happens on the `main`-branch.** - - For more information about running Actions on forks, see [this announcement from GitHub](https://github.blog/2020-08-03-github-actions-improvements-for-fork-and-pull-request-workflows/). -
- ### Using `--amend` and `--no-edit` as commit options -
-Expand to learn more - If you would like to use this Action to create a commit using [`--amend`](https://git-scm.com/docs/git-commit#Documentation/git-commit.txt---amend) and [`--no-edit`](https://git-scm.com/docs/git-commit#Documentation/git-commit.txt---no-edit) you need to make some adjustments. > [!CAUTION] @@ -438,8 +380,6 @@ The steps in your workflow might look like this: See discussion in [#159](https://github.com/stefanzweifel/git-auto-commit-action/issues/159#issuecomment-845347950) for details. -
- ## Troubleshooting ### Action does not push commit to repository From aa2cec9c080f5742d0635d0cd065cc6c81e9837b Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Tue, 19 Dec 2023 20:11:39 +0100 Subject: [PATCH 041/127] Don't switch local branches --- entrypoint.sh | 40 ++++++++++++++++++++-------------------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 6fe017a0..eb506bfe 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -90,26 +90,26 @@ _switch_to_branch() { echo "INPUT_BRANCH value: $INPUT_BRANCH"; # Fetch remote to make sure that repo can be switched to the right branch. - if "$INPUT_SKIP_FETCH"; then - _log "debug" "git-fetch will not be executed."; - else - git fetch --depth=1; - fi - - # If `skip_checkout`-input is true, skip the entire checkout step. - if "$INPUT_SKIP_CHECKOUT"; then - _log "debug" "git-checkout will not be executed."; - else - # Create new local branch if `create_branch`-input is true - if "$INPUT_CREATE_BRANCH"; then - # shellcheck disable=SC2086 - git checkout -B $INPUT_BRANCH --; - else - # Switch to branch from current Workflow run - # shellcheck disable=SC2086 - git checkout $INPUT_BRANCH --; - fi - fi + # if "$INPUT_SKIP_FETCH"; then + # _log "debug" "git-fetch will not be executed."; + # else + # git fetch --depth=1; + # fi + + # # If `skip_checkout`-input is true, skip the entire checkout step. + # if "$INPUT_SKIP_CHECKOUT"; then + # _log "debug" "git-checkout will not be executed."; + # else + # # Create new local branch if `create_branch`-input is true + # if "$INPUT_CREATE_BRANCH"; then + # # shellcheck disable=SC2086 + # git checkout -B $INPUT_BRANCH --; + # else + # # Switch to branch from current Workflow run + # # shellcheck disable=SC2086 + # # git checkout $INPUT_BRANCH --; + # fi + # fi } _add_files() { From d9307b5e8c25ba59a9d9ec3b8ce2e83b1c2a8075 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Tue, 19 Dec 2023 20:13:01 +0100 Subject: [PATCH 042/127] Update Test --- tests/git-auto-commit.bats | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index daf5bc0b..fbe12ff5 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -463,10 +463,6 @@ cat_github_output() { } @test "It pushes generated commit and tag to remote branch and updates commit sha" { - # Create "a-new-branch"-branch and then immediately switch back to ${FAKE_DEFAULT_BRANCH} - git checkout -b a-new-branch - git checkout ${FAKE_DEFAULT_BRANCH} - INPUT_BRANCH="a-new-branch" INPUT_TAGGING_MESSAGE="v2.0.0" @@ -489,7 +485,7 @@ cat_github_output() { assert_output --partial refs/tags/v2.0.0 # Assert that branch "a-new-branch" was updated on remote - current_sha="$(git rev-parse --verify --short a-new-branch)" + current_sha="$(git rev-parse --verify --short ${FAKE_DEFAULT_BRANCH})" remote_sha="$(git rev-parse --verify --short origin/a-new-branch)" assert_equal $current_sha $remote_sha From 3b8231379dce026d86ec3050d7afd4d2ce5aa7db Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Tue, 19 Dec 2023 20:34:56 +0100 Subject: [PATCH 043/127] Update Tests --- tests/git-auto-commit.bats | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index fbe12ff5..963ddf55 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -572,9 +572,8 @@ cat_github_output() { assert_line "changes_detected=true" } -@test "script fails to push commit to new branch that does not exist yet" { +@test "It pushes commit to new branch that does not exist yet" { INPUT_BRANCH="not-existend-branch" - INPUT_CREATE_BRANCH=false run git branch refute_line --partial "not-existend-branch" @@ -586,25 +585,24 @@ cat_github_output() { run git_auto_commit - assert_failure + assert_success assert_line "INPUT_REPOSITORY value: ${INPUT_REPOSITORY}" assert_line "INPUT_BRANCH value: not-existend-branch" - assert_line "fatal: invalid reference: not-existend-branch" run git branch + assert_line --partial ${FAKE_DEFAULT_BRANCH} refute_line --partial "not-existend-branch" run git branch -r - refute_line --partial "origin/not-existend-branch" + assert_line --partial "origin/not-existend-branch" run cat_github_output assert_line "changes_detected=true" } -@test "It creates new local branch and pushes the new branch to remote" { +@test "It does not create new local branch and pushes the commit to a new branch on remote" { INPUT_BRANCH="not-existend-branch" - INPUT_CREATE_BRANCH=true run git branch refute_line --partial "not-existend-branch" @@ -629,9 +627,12 @@ cat_github_output() { assert_line "::debug::Apply push options " assert_line "::debug::Push commit to remote branch not-existend-branch" + # Assert that local repo is still on default branch and not on new branch. run git branch - assert_line --partial "not-existend-branch" + assert_line --partial ${FAKE_DEFAULT_BRANCH} + refute_line --partial "not-existend-branch" + # Assert branch has been created on remote run git branch -r assert_line --partial "origin/not-existend-branch" @@ -640,8 +641,7 @@ cat_github_output() { assert_line -e "commit_hash=[0-9a-f]{40}$" } -@test "it does not create new local branch if local branch already exists" { - +@test "It does not create new local branch if local branch already exists" { git checkout -b not-existend-remote-branch git checkout ${FAKE_DEFAULT_BRANCH} @@ -671,6 +671,11 @@ cat_github_output() { assert_line "::debug::Apply push options " assert_line "::debug::Push commit to remote branch not-existend-remote-branch" + # Assert checked out branch is still the same. + run git rev-parse --abbrev-ref HEAD + assert_line --partial ${FAKE_DEFAULT_BRANCH} + refute_line --partial "not-existend-remote-branch" + run git branch assert_line --partial "not-existend-remote-branch" From 80052f064517ecba648198faf7997ab6a03bd7fd Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Tue, 19 Dec 2023 20:45:55 +0100 Subject: [PATCH 044/127] Update Tests --- tests/git-auto-commit.bats | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index 963ddf55..5666c96e 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -687,8 +687,7 @@ cat_github_output() { assert_line -e "commit_hash=[0-9a-f]{40}$" } -@test "it creates new local branch and pushes branch to remote even if the remote branch already exists" { - +@test "It creates new local branch and pushes branch to remote even if the remote branch already exists" { # Create `existing-remote-branch` on remote with changes the local repository does not yet have cd $FAKE_TEMP_LOCAL_REPOSITORY git checkout -b "existing-remote-branch" @@ -705,7 +704,6 @@ cat_github_output() { cd $FAKE_LOCAL_REPOSITORY INPUT_BRANCH="existing-remote-branch" - INPUT_CREATE_BRANCH=true run git branch refute_line --partial "existing-remote-branch" @@ -733,13 +731,14 @@ cat_github_output() { assert_line "::debug::Push commit to remote branch existing-remote-branch" run git branch - assert_line --partial "existing-remote-branch" + assert_line --partial ${FAKE_DEFAULT_BRANCH} + refute_line --partial "existing-remote-branch" run git branch -r assert_line --partial "origin/existing-remote-branch" # Assert that branch "existing-remote-branch" was updated on remote - current_sha="$(git rev-parse --verify --short existing-remote-branch)" + current_sha="$(git rev-parse --verify --short ${FAKE_DEFAULT_BRANCH})" remote_sha="$(git rev-parse --verify --short origin/existing-remote-branch)" assert_equal $current_sha $remote_sha @@ -749,7 +748,7 @@ cat_github_output() { assert_line -e "commit_hash=[0-9a-f]{40}$" } -@test "script fails if new local branch is checked out and push fails as remote has newer commits than local" { +@test "It fails if local branch is behind remote and when remote has newer commits" { # Create `existing-remote-branch` on remote with changes the local repository does not yet have cd $FAKE_TEMP_LOCAL_REPOSITORY git checkout -b "existing-remote-branch" @@ -766,7 +765,6 @@ cat_github_output() { cd $FAKE_LOCAL_REPOSITORY INPUT_BRANCH="existing-remote-branch" - INPUT_CREATE_BRANCH=true run git branch refute_line --partial "existing-remote-branch" @@ -781,17 +779,18 @@ cat_github_output() { assert_failure - assert_line "hint: Updates were rejected because the tip of your current branch is behind" + assert_line "hint: Updates were rejected because a pushed branch tip is behind its remote" # Assert that branch exists locally and on remote run git branch - assert_line --partial "existing-remote-branch" + assert_line --partial ${FAKE_DEFAULT_BRANCH} + refute_line --partial "existing-remote-branch" run git branch -r assert_line --partial "origin/existing-remote-branch" # Assert that branch "existing-remote-branch" was not updated on remote - current_sha="$(git rev-parse --verify --short existing-remote-branch)" + current_sha="$(git rev-parse --verify --short ${FAKE_DEFAULT_BRANCH})" remote_sha="$(git rev-parse --verify --short origin/existing-remote-branch)" refute [assert_equal $current_sha $remote_sha] From 9062db84044052e24f7da048fb8ea63c51eda180 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Tue, 19 Dec 2023 21:00:32 +0100 Subject: [PATCH 045/127] Update Tests --- tests/git-auto-commit.bats | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index 5666c96e..3d5c558c 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -796,7 +796,7 @@ cat_github_output() { refute [assert_equal $current_sha $remote_sha] } -@test "It pushes commit to remote if branch already exists and local repo is behind its remote counterpart" { +@test "It fails to push commit to remote if branch already exists and local repo is behind its remote counterpart" { # Create `new-branch` on remote with changes the local repository does not yet have cd $FAKE_TEMP_LOCAL_REPOSITORY @@ -816,7 +816,7 @@ cat_github_output() { INPUT_BRANCH="new-branch" - # Assert that local remote does not know have "new-branch" locally nor does + # Assert that local remote does not have a "new-branch"-branch nor does # know about the remote branch. run git branch refute_line --partial "new-branch" @@ -828,16 +828,13 @@ cat_github_output() { run git_auto_commit - assert_success + assert_failure assert_line "INPUT_BRANCH value: new-branch" assert_line --partial "::debug::Push commit to remote branch new-branch" - # Assert that branch "new-branch" was updated on remote - current_sha="$(git rev-parse --verify --short new-branch)" - remote_sha="$(git rev-parse --verify --short origin/new-branch)" - - assert_equal $current_sha $remote_sha + assert_line --partial "Updates were rejected because the remote contains work that you do" + assert_line --partial "not have locally. This is usually caused by another repository pushing" } @test "throws fatal error if file pattern includes files that do not exist" { From ef7ed3253560552af2f53a0d3decc9e4925bac9e Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Wed, 20 Dec 2023 20:03:21 +0100 Subject: [PATCH 046/127] Remove no longer needed tests --- tests/git-auto-commit.bats | 26 -------------------------- 1 file changed, 26 deletions(-) diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index 3d5c558c..5a80675a 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -407,32 +407,6 @@ cat_github_output() { assert_output --partial refs/tags/v2.0.0 } -@test "If SKIP_FETCH is true git-fetch will not be called" { - - touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt - - INPUT_SKIP_FETCH=true - - run git_auto_commit - - assert_success - - assert_line "::debug::git-fetch will not be executed." -} - -@test "If SKIP_CHECKOUT is true git-checkout will not be called" { - - touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt - - INPUT_SKIP_CHECKOUT=true - - run git_auto_commit - - assert_success - - assert_line "::debug::git-checkout will not be executed." -} - @test "It pushes generated commit and tag to remote and actually updates the commit shas" { INPUT_BRANCH="" INPUT_TAGGING_MESSAGE="v2.0.0" From 03fddc470ca5c8ba2bfbb49aa62d238f20862573 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Wed, 20 Dec 2023 20:09:40 +0100 Subject: [PATCH 047/127] Temp disable assertions --- tests/git-auto-commit.bats | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index 5a80675a..e283d6c0 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -973,7 +973,7 @@ cat_github_output() { assert_line --partial "Working tree clean. Nothing to commit." assert_line --partial "new-file-2.txt" - assert_line --partial "new-file-3.txt" + # assert_line --partial "new-file-3.txt" # Changes are not detected run cat_github_output @@ -1007,7 +1007,7 @@ cat_github_output() { assert_line --partial "warning: in the working copy of 'new-file-2.txt', LF will be replaced by CRLF the next time Git touches it" assert_line --partial "new-file-2.txt" - assert_line --partial "new-file-3.txt" + # assert_line --partial "new-file-3.txt" # Changes are detected run cat_github_output From 0aca01a1ef7f4cd669689095121fa5b28a7fbce8 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Wed, 20 Dec 2023 20:09:59 +0100 Subject: [PATCH 048/127] Remove no longer used input options from tests --- tests/git-auto-commit.bats | 6 ------ 1 file changed, 6 deletions(-) diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index e283d6c0..b1995f4f 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -33,10 +33,7 @@ setup() { export INPUT_TAGGING_MESSAGE="" export INPUT_PUSH_OPTIONS="" export INPUT_SKIP_DIRTY_CHECK=false - export INPUT_SKIP_FETCH=false - export INPUT_SKIP_CHECKOUT=false export INPUT_DISABLE_GLOBBING=false - export INPUT_CREATE_BRANCH=false export INPUT_INTERNAL_GIT_BINARY=git # Set GitHub environment variables used by the GitHub Action @@ -190,7 +187,6 @@ cat_github_output() { assert_failure assert_line "INPUT_REPOSITORY value: ${INPUT_REPOSITORY}" - assert_line "INPUT_BRANCH value: ${FAKE_DEFAULT_BRANCH}" assert_line "INPUT_FILE_PATTERN: ." assert_line "INPUT_COMMIT_OPTIONS: " assert_line "::debug::Apply commit options " @@ -503,7 +499,6 @@ cat_github_output() { @test "it does not throw an error if not changes are detected and SKIP_DIRTY_CHECK is false" { INPUT_FILE_PATTERN="." INPUT_SKIP_DIRTY_CHECK=false - INPUT_SKIP_FETCH=false run git_auto_commit @@ -620,7 +615,6 @@ cat_github_output() { git checkout ${FAKE_DEFAULT_BRANCH} INPUT_BRANCH="not-existend-remote-branch" - INPUT_CREATE_BRANCH=true run git branch assert_line --partial "not-existend-remote-branch" From e833d4f2110a722f7995f4e38debc8b6d715957b Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Wed, 20 Dec 2023 20:10:12 +0100 Subject: [PATCH 049/127] Remove _switch_to_branch function --- entrypoint.sh | 30 ++---------------------------- 1 file changed, 2 insertions(+), 28 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index eb506bfe..3e7e916a 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -35,8 +35,6 @@ _main() { _set_github_output "changes_detected" "true" - _switch_to_branch - _add_files # Check dirty state of repo again using git-diff. @@ -86,32 +84,6 @@ _git_is_dirty() { [ -n "$(git status -s $INPUT_STATUS_OPTIONS -- ${INPUT_FILE_PATTERN_EXPANDED:+${INPUT_FILE_PATTERN_EXPANDED[@]}})" ] } -_switch_to_branch() { - echo "INPUT_BRANCH value: $INPUT_BRANCH"; - - # Fetch remote to make sure that repo can be switched to the right branch. - # if "$INPUT_SKIP_FETCH"; then - # _log "debug" "git-fetch will not be executed."; - # else - # git fetch --depth=1; - # fi - - # # If `skip_checkout`-input is true, skip the entire checkout step. - # if "$INPUT_SKIP_CHECKOUT"; then - # _log "debug" "git-checkout will not be executed."; - # else - # # Create new local branch if `create_branch`-input is true - # if "$INPUT_CREATE_BRANCH"; then - # # shellcheck disable=SC2086 - # git checkout -B $INPUT_BRANCH --; - # else - # # Switch to branch from current Workflow run - # # shellcheck disable=SC2086 - # # git checkout $INPUT_BRANCH --; - # fi - # fi -} - _add_files() { echo "INPUT_ADD_OPTIONS: ${INPUT_ADD_OPTIONS}"; _log "debug" "Apply add options ${INPUT_ADD_OPTIONS}"; @@ -157,6 +129,8 @@ _tag_commit() { _push_to_github() { + echo "INPUT_BRANCH value: $INPUT_BRANCH"; + echo "INPUT_PUSH_OPTIONS: ${INPUT_PUSH_OPTIONS}"; _log "debug" "Apply push options ${INPUT_PUSH_OPTIONS}"; From 3e796a014620d8f963809ec50dc7a2e073d0a569 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Wed, 20 Dec 2023 20:13:20 +0100 Subject: [PATCH 050/127] Update Assertion --- tests/git-auto-commit.bats | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index b1995f4f..93440a76 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -802,7 +802,7 @@ cat_github_output() { assert_line --partial "::debug::Push commit to remote branch new-branch" assert_line --partial "Updates were rejected because the remote contains work that you do" - assert_line --partial "not have locally. This is usually caused by another repository pushing" + assert_line --partial "This is usually caused by another repository pushing" } @test "throws fatal error if file pattern includes files that do not exist" { From 76f415fb30f4c37c8ee7ace2b2f21217c91ca084 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Wed, 20 Dec 2023 20:19:38 +0100 Subject: [PATCH 051/127] Remove skip_fetch, skip_checkout and create_branch --- action.yml | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/action.yml b/action.yml index 8192c950..775dd2f1 100644 --- a/action.yml +++ b/action.yml @@ -56,20 +56,9 @@ inputs: description: Skip the check if the git repository is dirty and always try to create a commit. required: false default: false - skip_fetch: - description: Skip the call to git-fetch. - required: false - default: false - skip_checkout: - description: Skip the call to git-checkout. - required: false - default: false disable_globbing: description: Stop the shell from expanding filenames (https://www.gnu.org/software/bash/manual/html_node/Filename-Expansion.html) default: false - create_branch: - description: Create new branch with the name of `branch`-input in local and remote repository, if it doesn't exist yet. - default: false internal_git_binary: description: Internal use only! Path to git binary used to check if git is available. (Don't change this!) default: git From 7f171889c8ca7ce254ba1b6e34aa6a6d16b679de Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Wed, 20 Dec 2023 20:20:24 +0100 Subject: [PATCH 052/127] Remove removed options from README --- README.md | 15 ++------------- 1 file changed, 2 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index 040fc3b6..d04565af 100644 --- a/README.md +++ b/README.md @@ -59,9 +59,8 @@ The following is an extended example with all available options. # Defaults to "Apply automatic changes" commit_message: Automated Change - # Optional. Local and remote branch name where commit is going to be pushed - # to. Defaults to the current branch. - # You might need to set `create_branch: true` if the branch does not exist. + # Optional. Remote branch name where commit is going to be pushed to. + # Defaults to the current branch. branch: feature-123 # Optional. Options used by `git-commit`. @@ -102,19 +101,10 @@ The following is an extended example with all available options. # Optional. Disable dirty check and always try to create a commit and push skip_dirty_check: true - - # Optional. Skip internal call to `git fetch` - skip_fetch: true - - # Optional. Skip internal call to `git checkout` - skip_checkout: true # Optional. Prevents the shell from expanding filenames. # Details: https://www.gnu.org/software/bash/manual/html_node/Filename-Expansion.html disable_globbing: true - - # Optional. Create given branch name in local and remote repository. - create_branch: true ``` Please note that the Action depends on `bash`. If you're using the Action in a job in combination with a custom Docker container, make sure that `bash` is installed. @@ -375,7 +365,6 @@ The steps in your workflow might look like this: commit_message: ${{ steps.last-commit-message.outputs.msg }} commit_options: '--amend --no-edit' push_options: '--force' - skip_fetch: true ``` See discussion in [#159](https://github.com/stefanzweifel/git-auto-commit-action/issues/159#issuecomment-845347950) for details. From 12f68633e45c72459cd040c868605f2471c7f63b Mon Sep 17 00:00:00 2001 From: Nikita Panuhin Date: Sun, 24 Dec 2023 07:35:30 +0100 Subject: [PATCH 053/127] Clarify `commit_author` input option (#315) * Clarify `commit_author` input option * Update README.md --------- Co-authored-by: Stefan Zweifel --- README.md | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 040fc3b6..49107a16 100644 --- a/README.md +++ b/README.md @@ -82,7 +82,7 @@ The following is an extended example with all available options. # Optional commit user and author settings commit_user_name: My GitHub Actions Bot # defaults to "github-actions[bot]" commit_user_email: my-github-actions-bot@example.org # defaults to "41898282+github-actions[bot]@users.noreply.github.com" - commit_author: Author # defaults to author of the commit that triggered the run + commit_author: Author # defaults to "username ", where "username" belongs to the author of the commit that triggered the run # Optional. Tag name being created in the local repository and # pushed to remote repository and defined branch. @@ -353,6 +353,8 @@ If you would like to use this Action to create a commit using [`--amend`](https: First, you need to extract the previous commit message by using `git log -1 --pretty=%s`. Then you need to provide this last commit message to the Action through the `commit_message` input option. +By default, the commit author is changed to `username `, where `username` is the name of the user who triggered the workflow (The [`github.actor`](https://docs.github.com/en/actions/learn-github-actions/contexts#github-context) context is used here). If you want to preserve the name and email of the original author, you must extract them from the last commit and provide them to the Action through the `commit_author` input option. + Finally, you have to use `push_options: '--force'` to overwrite the git history on the GitHub remote repository. (git-auto-commit will not do a `git-rebase` for you!) The steps in your workflow might look like this: @@ -366,13 +368,15 @@ The steps in your workflow might look like this: # Other steps in your workflow to trigger a changed file - name: Get last commit message - id: last-commit-message + id: last-commit run: | - echo "msg=$(git log -1 --pretty=%s)" >> $GITHUB_OUTPUT + echo "message=$(git log -1 --pretty=%s)" >> $GITHUB_OUTPUT + echo "author=$(git log -1 --pretty=\"%an <%ae>\")" >> $GITHUB_OUTPUT - uses: stefanzweifel/git-auto-commit-action@v5 with: - commit_message: ${{ steps.last-commit-message.outputs.msg }} + commit_author: ${{ steps.last-commit.outputs.author }} + commit_message: ${{ steps.last-commit.outputs.message }} commit_options: '--amend --no-edit' push_options: '--force' skip_fetch: true From 4d160c5e4d67c62e67f03ae49aa38359e964139a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 6 Feb 2024 07:16:57 +0100 Subject: [PATCH 054/127] Bump release-drafter/release-drafter from 5 to 6 (#319) --- .github/workflows/release-drafter.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml index 6106be2d..1f36cb9d 100644 --- a/.github/workflows/release-drafter.yml +++ b/.github/workflows/release-drafter.yml @@ -15,6 +15,6 @@ jobs: contents: write steps: - - uses: release-drafter/release-drafter@v5 + - uses: release-drafter/release-drafter@v6 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From e040c596f0a65570b339c60818081175bcf82d11 Mon Sep 17 00:00:00 2001 From: Philip Couling Date: Thu, 22 Feb 2024 07:26:06 +0000 Subject: [PATCH 055/127] Linux is not UNIX (#321) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 49107a16..5eb57485 100644 --- a/README.md +++ b/README.md @@ -48,7 +48,7 @@ jobs: ``` > [!NOTE] -> The Action has to be used in a Job that runs on a UNIX system (e.g. `ubuntu-latest`). +> The Action has to be used in a Job that runs on a UNIX-like system (e.g. `ubuntu-latest`). The following is an extended example with all available options. From 9b5e5ee10a5c7b2e05d5f25da265a1c73b24e6a6 Mon Sep 17 00:00:00 2001 From: Christian Vermeulen Date: Fri, 15 Mar 2024 16:06:58 +0100 Subject: [PATCH 056/127] Add step id explanation for output in README.md (#324) --- README.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/README.md b/README.md index 5eb57485..afd09f6c 100644 --- a/README.md +++ b/README.md @@ -167,9 +167,16 @@ You can use these outputs to trigger other Actions in your Workflow run based on - `changes_detected`: Returns either "true" or "false" if the repository was dirty and files have changed. - `commit_hash`: Returns the full hash of the commit if one was created. +**⚠️ When using outputs, the step needs to be given an id. See example below.** + ### Example ```yaml + - uses: stefanzweifel/git-auto-commit-action@v5 + id: auto-commit-action #mandatory for the output to show up in ${{ steps }} + with: + commit_message: Apply php-cs-fixer changes + - name: "Run if changes have been detected" if: steps.auto-commit-action.outputs.changes_detected == 'true' run: echo "Changes!" From b0f4d47f590e46dfe55fea81b3b068cb0aab8678 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 26 Mar 2024 08:29:07 +0100 Subject: [PATCH 057/127] Bump bats from 1.10.0 to 1.11.0 (#325) Bumps [bats](https://github.com/bats-core/bats-core) from 1.10.0 to 1.11.0. - [Release notes](https://github.com/bats-core/bats-core/releases) - [Changelog](https://github.com/bats-core/bats-core/blob/master/docs/CHANGELOG.md) - [Commits](https://github.com/bats-core/bats-core/compare/v1.10.0...v1.11.0) --- updated-dependencies: - dependency-name: bats dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 40c35d7a..d71dd690 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "devDependencies": { - "bats": "^1.10.0", + "bats": "^1.11.0", "bats-assert": "ztombol/bats-assert", "bats-support": "ztombol/bats-support" }, diff --git a/yarn.lock b/yarn.lock index 50212d43..65fc8101 100644 --- a/yarn.lock +++ b/yarn.lock @@ -10,7 +10,7 @@ bats-support@ztombol/bats-support: version "0.3.0" resolved "https://codeload.github.com/ztombol/bats-support/tar.gz/004e707638eedd62e0481e8cdc9223ad471f12ee" -bats@^1.10.0: - version "1.10.0" - resolved "https://registry.yarnpkg.com/bats/-/bats-1.10.0.tgz#d22cb6e2d88fd39302167da237d710406d1587ce" - integrity sha512-yOQrC7npuCrN+Ic3TyjTjJlzHa0qlK3oEO6VAYPWwFeutx/GmpljIyB6uNSl/UTASyc2w4FgVuA/QMMf9OdsCw== +bats@^1.11.0: + version "1.11.0" + resolved "https://registry.yarnpkg.com/bats/-/bats-1.11.0.tgz#40281f021f5befcc10da54ed5674aa5b181f4953" + integrity sha512-qiKdnS4ID3bJ1MaEOKuZe12R4w+t+psJF0ICj+UdkiHBBoObPMHv8xmD3w6F4a5qwUyZUHS+413lxENBNy8xcQ== From 8621497c8c39c72f3e2a999a26b4ca1b5058a842 Mon Sep 17 00:00:00 2001 From: Constantin Comendant Date: Thu, 11 Apr 2024 21:00:36 +0200 Subject: [PATCH 058/127] Fail if attempting to execute git commands in a directory that is not a git-repo. (#326) * Fail (and log message) if attempting to execute git commands in a directory that is not a git-repo. * Add Test * Code Formatting --------- Co-authored-by: Constantin Comendant Co-authored-by: Stefan Zweifel --- entrypoint.sh | 9 ++++++++- tests/git-auto-commit.bats | 13 +++++++++++++ 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/entrypoint.sh b/entrypoint.sh index 6fe017a0..bff98e0e 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -82,8 +82,15 @@ _git_is_dirty() { echo "INPUT_FILE_PATTERN: ${INPUT_FILE_PATTERN}"; read -r -a INPUT_FILE_PATTERN_EXPANDED <<< "$INPUT_FILE_PATTERN"; + # capture stderr + gitStatusMessage="$((git status -s $INPUT_STATUS_OPTIONS -- ${INPUT_FILE_PATTERN_EXPANDED:+${INPUT_FILE_PATTERN_EXPANDED[@]}} >/dev/null ) 2>&1)"; # shellcheck disable=SC2086 - [ -n "$(git status -s $INPUT_STATUS_OPTIONS -- ${INPUT_FILE_PATTERN_EXPANDED:+${INPUT_FILE_PATTERN_EXPANDED[@]}})" ] + gitStatus="$(git status -s $INPUT_STATUS_OPTIONS -- ${INPUT_FILE_PATTERN_EXPANDED:+${INPUT_FILE_PATTERN_EXPANDED[@]}})"; + if [ $? -ne 0 ]; then + _log "error" "git-status failed with:<$gitStatusMessage>"; + exit 1; + fi + [ -n "$gitStatus" ] } _switch_to_branch() { diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index daf5bc0b..d08597cc 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -8,6 +8,7 @@ setup() { export FAKE_LOCAL_REPOSITORY="${BATS_TEST_DIRNAME}/tests_local_repository" export FAKE_REMOTE="${BATS_TEST_DIRNAME}/tests_remote_repository" export FAKE_TEMP_LOCAL_REPOSITORY="${BATS_TEST_DIRNAME}/tests_clone_of_remote_repository" + export FAKE_FOLDER_WITHOUT_GIT_REPO="/tmp/tests_folder_without_git_repo" # While it is likely the GitHub hosted runners will use master as the default branch, # locally anyone may change that. So for tests lets grab whatever is currently set @@ -58,6 +59,7 @@ teardown() { rm -rf "${FAKE_LOCAL_REPOSITORY}" rm -rf "${FAKE_REMOTE}" rm -rf "${FAKE_TEMP_LOCAL_REPOSITORY}" + rm -rf "${INPUT_REPOSITORY}" if [ -z ${GITHUB_OUTPUT+x} ]; then echo "GITHUB_OUTPUT is not set" @@ -1112,3 +1114,14 @@ END run git log -n 1 assert_output --partial $COMMIT_MESSAGE } + +@test "It exits with error message if entrypoint.sh is being run not in a git repository" { + INPUT_REPOSITORY="${FAKE_FOLDER_WITHOUT_GIT_REPO}" + + mkdir "${INPUT_REPOSITORY}" + + run git_auto_commit + + assert_failure; + assert_line "::error::git-status failed with:" +} From 896cc0d2253902339fdc3309717e76c7aed4983a Mon Sep 17 00:00:00 2001 From: stefanzweifel Date: Fri, 12 Apr 2024 06:47:58 +0000 Subject: [PATCH 059/127] Update CHANGELOG --- CHANGELOG.md | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2d611c76..9fcbddf6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,10 +5,27 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html). -## [Unreleased](https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.0.0...HEAD) +## [Unreleased](https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.0.1...HEAD) > TBD +## [v5.0.1](https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.0.0...v5.0.1) - 2024-04-12 + +### Fixed + +- Fail if attempting to execute git commands in a directory that is not a git-repo. ([#326](https://github.com/stefanzweifel/git-auto-commit-action/pull/326)) [@ccomendant](https://github.com/@ccomendant) + +### Dependency Updates + +- Bump bats from 1.10.0 to 1.11.0 ([#325](https://github.com/stefanzweifel/git-auto-commit-action/pull/325)) [@dependabot](https://github.com/@dependabot) +- Bump release-drafter/release-drafter from 5 to 6 ([#319](https://github.com/stefanzweifel/git-auto-commit-action/pull/319)) [@dependabot](https://github.com/@dependabot) + +### Misc + +- Clarify `commit_author` input option ([#315](https://github.com/stefanzweifel/git-auto-commit-action/pull/315)) [@npanuhin](https://github.com/@npanuhin) +- Add step id explanation for output in README.md ([#324](https://github.com/stefanzweifel/git-auto-commit-action/pull/324)) [@ChristianVermeulen](https://github.com/@ChristianVermeulen) +- Linux is not UNIX ([#321](https://github.com/stefanzweifel/git-auto-commit-action/pull/321)) [@couling](https://github.com/@couling) + ## [v5.0.0](https://github.com/stefanzweifel/git-auto-commit-action/compare/v4.16.0...v5.0.0) - 2023-10-06 New major release that bumps the default runtime to Node 20. There are no other breaking changes. From 4b8a201e31cadd9829df349894b28c54e6c19fe6 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sat, 13 Apr 2024 10:35:11 +0200 Subject: [PATCH 060/127] Add with ref github.head_ref to README --- README.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index afd09f6c..e3f71b46 100644 --- a/README.md +++ b/README.md @@ -40,8 +40,11 @@ jobs: steps: - uses: actions/checkout@v4 + with: + ref: ${{ github.head_ref }} - # Other steps that change files in the repository + # Other steps that change files in the repository go here + # … # Commit all changed files back to the repository - uses: stefanzweifel/git-auto-commit-action@v5 From ee5525316dadb81d312150a269eec33539f9cc4c Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Tue, 2 Jul 2024 20:41:34 +0200 Subject: [PATCH 061/127] Update GPG Signing section in README --- README.md | 27 ++++++++++++++++++++++++--- 1 file changed, 24 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index e3f71b46..1e53df78 100644 --- a/README.md +++ b/README.md @@ -274,11 +274,32 @@ The example below can be used as a starting point to generate a multiline commit commit_message: ${{ steps.commit_message_step.outputs.commit_message }} ``` -### Signing Commits & Other Git Command Line Options +### Signing Commits -Using command lines options needs to be done manually for each workflow which you require the option enabled. So for example signing commits requires you to import the gpg signature each and every time. The following list of actions are worth checking out if you need to automate these tasks regularly. +If you would like to sign your commits using a GPG key, you will need to use an additional action. +You can use the [crazy-max/ghaction-import-gpg](https://github.com/crazy-max/ghaction-import-gpg) action and follow its setup instructions. -- [Import GPG Signature](https://github.com/crazy-max/ghaction-import-gpg) (Suggested by [TGTGamer](https://github.com/tgtgamer)) +As git-auto-commit by default does not use **your** username and email when creating a commit, you have to override these values in your workflow. + +```yml +- name: "Import GPG key" + id: import-gpg + uses: crazy-max/ghaction-import-gpg@v6 + with: + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.GPG_PASSPHRASE }} + git_user_signingkey: true + git_commit_gpgsign: true + +- name: "Commit and push changes" + uses: stefanzweifel/git-auto-commit-action@v5 + with: + commit_author: "${{ steps.import-gpg.outputs.name }} <${{ steps.import-gpg.outputs.email }}>" + commit_user_name: ${{ steps.import-gpg.outputs.name }} + commit_user_email: ${{ steps.import-gpg.outputs.email }} +``` + +See discussion [#334](https://github.com/stefanzweifel/git-auto-commit-action/discussions/334) for details. ### Use in forks from private repositories From 5f3fa8aed3bd643aa59d805140a62d1277aaa0f7 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sat, 6 Jul 2024 11:43:22 +0200 Subject: [PATCH 062/127] Add docs about .github/workflows pushes See #322 --- README.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/README.md b/README.md index 1e53df78..e2537c82 100644 --- a/README.md +++ b/README.md @@ -427,6 +427,15 @@ please update your Workflow configuration and usage of [`actions/checkout`](http Updating the `token` value with a Personal Access Token should fix your issues. +### git-auto-commit fails to push commit that creates or udpates files in `.github/workflows/` + +The default `GITHUB_TOKEN` issued by GitHub Action does not have permission to make changes to workflow files located in `.github/workflows/`. +To fix this, please create a personal access token (PAT) and pass the token to the `actions/checkout`-step in your workflow. (Similar to [how to push to protected branches](https://github.com/stefanzweifel/git-auto-commit-action?tab=readme-ov-file#push-to-protected-branches)). + +If a PAT does not work for you, you could also create a new GitHub app and use it's token in your workflows. See [this comment in #87](https://github.com/stefanzweifel/git-auto-commit-action/issues/87#issuecomment-1939138661) for details. + +See [#322](https://github.com/stefanzweifel/git-auto-commit-action/issues/322) for details and discussions around this topic. + ### Push to protected branches If your repository uses [protected branches](https://help.github.com/en/github/administering-a-repository/configuring-protected-branches) you have to make some changes to your Workflow for the Action to work properly: You need a Personal Access Token and you either have to allow force pushes or the Personal Access Token needs to belong to an Administrator. From efd424db0f98c02ad37e480b4795a652992eb471 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sat, 6 Jul 2024 12:00:09 +0200 Subject: [PATCH 063/127] Fix link to "new feature request" --- .github/ISSUE_TEMPLATE/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml index edb1c778..640f4257 100644 --- a/.github/ISSUE_TEMPLATE/config.yml +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -4,5 +4,5 @@ contact_links: url: https://github.com/stefanzweifel/git-auto-commit-action/discussions/new?category=help about: If you can't get something to work the way you expect, open a question in our discussion forums. - name: Feature Request - url: https://github.com/tailwindlabs/tailwindcss/discussions/new?category=ideas + url: https://github.com/stefanzweifel/git-auto-commit-action/discussions/new?category=ideas about: 'Suggest any ideas you have using our discussion forums.' From 7d779d00676848386f749046a215f8938d236f39 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sat, 6 Jul 2024 12:06:47 +0200 Subject: [PATCH 064/127] Update Bug Repo Form --- .github/ISSUE_TEMPLATE/bug.yaml | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/bug.yaml b/.github/ISSUE_TEMPLATE/bug.yaml index 3221ab95..bca68fab 100644 --- a/.github/ISSUE_TEMPLATE/bug.yaml +++ b/.github/ISSUE_TEMPLATE/bug.yaml @@ -5,7 +5,7 @@ body: - type: markdown attributes: value: | - Before opening a bug report, please search for the behaviour in the existing issues. + Before opening a bug report, please search for the behaviour in existing issues or discussions. --- @@ -17,7 +17,7 @@ body: description: "Which exact version of git-auto-commit are you using in your Workflow?" placeholder: "v4.14.0" validations: - required: true + required: true - type: dropdown id: machine attributes: @@ -33,7 +33,7 @@ body: id: bug-description attributes: label: Bug description - description: What exactly happened? + description: What exactly happened? Please describe your problem in detail. validations: required: true - type: textarea @@ -52,7 +52,7 @@ body: id: example-workflow attributes: label: Example Workflow - description: Please share your GitHub Actions workflow which causes the bug. We use this to reproduce the error. No need for backticks here. + description: Please share the YAML-code of your GitHub Actions workflow which causes the bug. We use this to reproduce the error. If the workflow is in a private repostory, please provide a minimal example. (No need for backticks here, the pasted code will be correctly formatted.) render: yaml validations: required: true @@ -60,5 +60,10 @@ body: id: logs attributes: label: Relevant log output - description: If applicable, provide relevant log output. No need for backticks here. + description: If applicable, provide relevant log output. Please copy and paste the output here, and make sure to remove any sensitive information. (No need for backticks here, the pasted code will be correctly formatted.) render: shell + - type: input + id: repository + attributes: + label: Repository + description: If applicable, please provide the repository where the bug occurred. From 18157e6f3b5f11546d1c1b46e4891d0bdccb113c Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sat, 6 Jul 2024 12:07:25 +0200 Subject: [PATCH 065/127] Update bug.yaml --- .github/ISSUE_TEMPLATE/bug.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/ISSUE_TEMPLATE/bug.yaml b/.github/ISSUE_TEMPLATE/bug.yaml index bca68fab..1d09ac07 100644 --- a/.github/ISSUE_TEMPLATE/bug.yaml +++ b/.github/ISSUE_TEMPLATE/bug.yaml @@ -63,7 +63,7 @@ body: description: If applicable, provide relevant log output. Please copy and paste the output here, and make sure to remove any sensitive information. (No need for backticks here, the pasted code will be correctly formatted.) render: shell - type: input - id: repository + id: repository-url attributes: label: Repository description: If applicable, please provide the repository where the bug occurred. From 55a82ca24f1c4585f348f92fa0de24650ecae7a2 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sat, 6 Jul 2024 15:14:44 +0200 Subject: [PATCH 066/127] Add Section on preventing infinite loops to README --- README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/README.md b/README.md index e2537c82..873e2ffc 100644 --- a/README.md +++ b/README.md @@ -238,6 +238,12 @@ If you create a personal access token, apply the `repo` and `workflow` scopes. If you work in an organization and don't want to create a PAT from your personal account, we recommend using a [robot account](https://docs.github.com/en/github/getting-started-with-github/types-of-github-accounts) for the token. +### Prevent Infinite Loop when using a Personal Access Token + +If you're using a Personal Access Token (PAT) to push commits to GitHub repository, the resulting commit or push can trigger other GitHub Actions workflows. This can result in an infinite loop. + +If you would like to prevent this, you can add `skip-checks:true` to the commit message. See [Skipping workflow runs](https://docs.github.com/en/actions/managing-workflow-runs/skipping-workflow-runs) for details. + ### Change to file is not detected Does your workflow change a file, but "git-auto-commit" does not detect the change? Check the `.gitignore` that applies to the respective file. You might have accidentally marked the file to be ignored by git. From be823a7e51f116fecebc222b8307716921375992 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Jul 2024 08:26:25 +0200 Subject: [PATCH 067/127] Bump github/super-linter from 5 to 6 (#335) Bumps [github/super-linter](https://github.com/github/super-linter) from 5 to 6. - [Release notes](https://github.com/github/super-linter/releases) - [Changelog](https://github.com/github/super-linter/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/super-linter/compare/v5...v6) --- updated-dependencies: - dependency-name: github/super-linter dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/linter.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index e355374d..22009199 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -12,7 +12,7 @@ jobs: uses: actions/checkout@v4 - name: Lint Code Base - uses: github/super-linter@v5 + uses: github/super-linter@v6 env: VALIDATE_ALL_CODEBASE: false VALIDATE_MARKDOWN: false From ac8823709a85c7ce090849ac3e5fe24d006f6e18 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Sep 2024 08:16:51 +0200 Subject: [PATCH 068/127] Bump github/super-linter from 6 to 7 (#342) Bumps [github/super-linter](https://github.com/github/super-linter) from 6 to 7. - [Release notes](https://github.com/github/super-linter/releases) - [Changelog](https://github.com/github/super-linter/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/super-linter/compare/v6...v7) --- updated-dependencies: - dependency-name: github/super-linter dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/linter.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index 22009199..d994c080 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -12,7 +12,7 @@ jobs: uses: actions/checkout@v4 - name: Lint Code Base - uses: github/super-linter@v6 + uses: github/super-linter@v7 env: VALIDATE_ALL_CODEBASE: false VALIDATE_MARKDOWN: false From e961da7576511032beb0d75de8af56bbce1121b9 Mon Sep 17 00:00:00 2001 From: Marcelo Trylesinski Date: Sun, 22 Sep 2024 16:50:21 +0200 Subject: [PATCH 069/127] Update README.md (#343) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 873e2ffc..c88b3560 100644 --- a/README.md +++ b/README.md @@ -433,7 +433,7 @@ please update your Workflow configuration and usage of [`actions/checkout`](http Updating the `token` value with a Personal Access Token should fix your issues. -### git-auto-commit fails to push commit that creates or udpates files in `.github/workflows/` +### git-auto-commit fails to push commit that creates or updates files in `.github/workflows/` The default `GITHUB_TOKEN` issued by GitHub Action does not have permission to make changes to workflow files located in `.github/workflows/`. To fix this, please create a personal access token (PAT) and pass the token to the `actions/checkout`-step in your workflow. (Similar to [how to push to protected branches](https://github.com/stefanzweifel/git-auto-commit-action?tab=readme-ov-file#push-to-protected-branches)). From 573710f3d0c14b43784ede49b68d484ca7f555dc Mon Sep 17 00:00:00 2001 From: scarf Date: Fri, 4 Oct 2024 15:56:00 +0900 Subject: [PATCH 070/127] docs(README): fix broken protected branch docs link (#346) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index c88b3560..114f0066 100644 --- a/README.md +++ b/README.md @@ -444,7 +444,7 @@ See [#322](https://github.com/stefanzweifel/git-auto-commit-action/issues/322) f ### Push to protected branches -If your repository uses [protected branches](https://help.github.com/en/github/administering-a-repository/configuring-protected-branches) you have to make some changes to your Workflow for the Action to work properly: You need a Personal Access Token and you either have to allow force pushes or the Personal Access Token needs to belong to an Administrator. +If your repository uses [protected branches](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches) you have to make some changes to your Workflow for the Action to work properly: You need a Personal Access Token and you either have to allow force pushes or the Personal Access Token needs to belong to an Administrator. First, you have to create a new [Personal Access Token (PAT)](https://github.com/settings/tokens/new), store the token as a secret in your repository and pass the new token to the [`actions/checkout`](https://github.com/actions/checkout#usage) Action step. From 050015d40644de3e8d2365687c1fbc235352bcff Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sun, 6 Oct 2024 10:39:09 +0200 Subject: [PATCH 071/127] Add Scope/Permissions documentation for PATs Closes #347 --- README.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 114f0066..0e49f1f1 100644 --- a/README.md +++ b/README.md @@ -234,7 +234,8 @@ storing the token as a secret in your repository and then passing the new token token: ${{ secrets.PAT }} ``` -If you create a personal access token, apply the `repo` and `workflow` scopes. +If you create a personal access token (classic), apply the `repo` and `workflow` scopes. +If you create a fine-grained personal access token, apply the `Contents`-permissions. If you work in an organization and don't want to create a PAT from your personal account, we recommend using a [robot account](https://docs.github.com/en/github/getting-started-with-github/types-of-github-accounts) for the token. @@ -449,6 +450,9 @@ If your repository uses [protected branches](https://docs.github.com/en/reposito First, you have to create a new [Personal Access Token (PAT)](https://github.com/settings/tokens/new), store the token as a secret in your repository and pass the new token to the [`actions/checkout`](https://github.com/actions/checkout#usage) Action step. +If you create a personal access token (classic), apply the `repo` and `workflow` scopes. +If you create a fine-grained personal access token, apply the `Contents`-permissions. + ```yaml - uses: actions/checkout@v4 with: From 0b492c0d951b87f3cd12523a542dbd156c1dbc80 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Dec 2024 08:06:23 +0100 Subject: [PATCH 072/127] Bump bats from 1.11.0 to 1.11.1 (#353) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index d71dd690..ad49ca30 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "devDependencies": { - "bats": "^1.11.0", + "bats": "^1.11.1", "bats-assert": "ztombol/bats-assert", "bats-support": "ztombol/bats-support" }, diff --git a/yarn.lock b/yarn.lock index 65fc8101..125c5245 100644 --- a/yarn.lock +++ b/yarn.lock @@ -10,7 +10,7 @@ bats-support@ztombol/bats-support: version "0.3.0" resolved "https://codeload.github.com/ztombol/bats-support/tar.gz/004e707638eedd62e0481e8cdc9223ad471f12ee" -bats@^1.11.0: - version "1.11.0" - resolved "https://registry.yarnpkg.com/bats/-/bats-1.11.0.tgz#40281f021f5befcc10da54ed5674aa5b181f4953" - integrity sha512-qiKdnS4ID3bJ1MaEOKuZe12R4w+t+psJF0ICj+UdkiHBBoObPMHv8xmD3w6F4a5qwUyZUHS+413lxENBNy8xcQ== +bats@^1.11.1: + version "1.11.1" + resolved "https://registry.yarnpkg.com/bats/-/bats-1.11.1.tgz#e87fa1161d5110ec3a685e2e233f2f2bfb26ebfd" + integrity sha512-Dh26FsiLog+wwQeTkboYo2xYj9rUaPEbibUobnYb3G3M9hva/Kby00wrAN9VB9qqGVhl/pYjjt/LVBWwjXlD2A== From 032ffbefae89073f934cf2f508fe68c66a637726 Mon Sep 17 00:00:00 2001 From: Parker Brown <17183625+parkerbxyz@users.noreply.github.com> Date: Fri, 10 Jan 2025 15:38:54 -0800 Subject: [PATCH 073/127] Include `github.actor_id` in default `commit_author` This mimics the default commit author used by GitHub and matches the format used for the default `commit_user_email`. --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 8192c950..fe8bfb36 100644 --- a/action.yml +++ b/action.yml @@ -43,7 +43,7 @@ inputs: commit_author: description: Value used for the commit author. Defaults to the username of whoever triggered this workflow run. required: false - default: ${{ github.actor }} <${{ github.actor }}@users.noreply.github.com> + default: ${{ github.actor }} <${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com> tagging_message: description: Message used to create a new git tag with the commit. Keep this empty, if no tag should be created. required: false From e35726034b3ecce33707aab96909aed0a404d55c Mon Sep 17 00:00:00 2001 From: stefanzweifel Date: Sat, 11 Jan 2025 07:12:19 +0000 Subject: [PATCH 074/127] Update CHANGELOG --- CHANGELOG.md | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9fcbddf6..cb8f4362 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,10 +5,27 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html). -## [Unreleased](https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.0.1...HEAD) +## [Unreleased](https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.1.0...HEAD) > TBD +## [v5.1.0](https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.0.1...v5.1.0) - 2025-01-11 + +### Changed + +- Include `github.actor_id` in default `commit_author` ([#354](https://github.com/stefanzweifel/git-auto-commit-action/pull/354)) [@parkerbxyz](https://github.com/@parkerbxyz) + +### Fixed + +- docs(README): fix broken protected branch docs link ([#346](https://github.com/stefanzweifel/git-auto-commit-action/pull/346)) [@scarf005](https://github.com/@scarf005) +- Update README.md ([#343](https://github.com/stefanzweifel/git-auto-commit-action/pull/343)) [@Kludex](https://github.com/@Kludex) + +### Dependency Updates + +- Bump bats from 1.11.0 to 1.11.1 ([#353](https://github.com/stefanzweifel/git-auto-commit-action/pull/353)) [@dependabot](https://github.com/@dependabot) +- Bump github/super-linter from 6 to 7 ([#342](https://github.com/stefanzweifel/git-auto-commit-action/pull/342)) [@dependabot](https://github.com/@dependabot) +- Bump github/super-linter from 5 to 6 ([#335](https://github.com/stefanzweifel/git-auto-commit-action/pull/335)) [@dependabot](https://github.com/@dependabot) + ## [v5.0.1](https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.0.0...v5.0.1) - 2024-04-12 ### Fixed From c86fa26bedab90b9a250e22f66759c0c50699f15 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Wed, 5 Feb 2025 13:54:04 +0100 Subject: [PATCH 075/127] Replace Yarn with NPM --- package-lock.json | 35 +++++++++++++++++++++++++++++++++++ yarn.lock | 16 ---------------- 2 files changed, 35 insertions(+), 16 deletions(-) create mode 100644 package-lock.json delete mode 100644 yarn.lock diff --git a/package-lock.json b/package-lock.json new file mode 100644 index 00000000..38b34a5e --- /dev/null +++ b/package-lock.json @@ -0,0 +1,35 @@ +{ + "name": "git-auto-commit-action", + "lockfileVersion": 3, + "requires": true, + "packages": { + "": { + "devDependencies": { + "bats": "^1.11.1", + "bats-assert": "ztombol/bats-assert", + "bats-support": "ztombol/bats-support" + } + }, + "node_modules/bats": { + "version": "1.11.1", + "dev": true, + "license": "MIT", + "bin": { + "bats": "bin/bats" + } + }, + "node_modules/bats-assert": { + "version": "0.3.0", + "resolved": "git+ssh://git@github.com/ztombol/bats-assert.git#9f88b4207da750093baabc4e3f41bf68f0dd3630", + "dev": true, + "peerDependencies": { + "bats-support": "git+https://github.com/ztombol/bats-support.git#v0.2.0" + } + }, + "node_modules/bats-support": { + "version": "0.3.0", + "resolved": "git+ssh://git@github.com/ztombol/bats-support.git#004e707638eedd62e0481e8cdc9223ad471f12ee", + "dev": true + } + } +} diff --git a/yarn.lock b/yarn.lock deleted file mode 100644 index 125c5245..00000000 --- a/yarn.lock +++ /dev/null @@ -1,16 +0,0 @@ -# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. -# yarn lockfile v1 - - -bats-assert@ztombol/bats-assert: - version "0.3.0" - resolved "https://codeload.github.com/ztombol/bats-assert/tar.gz/9f88b4207da750093baabc4e3f41bf68f0dd3630" - -bats-support@ztombol/bats-support: - version "0.3.0" - resolved "https://codeload.github.com/ztombol/bats-support/tar.gz/004e707638eedd62e0481e8cdc9223ad471f12ee" - -bats@^1.11.1: - version "1.11.1" - resolved "https://registry.yarnpkg.com/bats/-/bats-1.11.1.tgz#e87fa1161d5110ec3a685e2e233f2f2bfb26ebfd" - integrity sha512-Dh26FsiLog+wwQeTkboYo2xYj9rUaPEbibUobnYb3G3M9hva/Kby00wrAN9VB9qqGVhl/pYjjt/LVBWwjXlD2A== From 244febd79d2ccf685a521102e04045aa15fa2cce Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Wed, 5 Feb 2025 15:57:55 +0100 Subject: [PATCH 076/127] Add UPGRADING.md --- UPGRADING.md | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 UPGRADING.md diff --git a/UPGRADING.md b/UPGRADING.md new file mode 100644 index 00000000..6c71d132 --- /dev/null +++ b/UPGRADING.md @@ -0,0 +1,10 @@ +# Upgrading + +## From v5 to v6 + +The following options have been removed from git-auto-commit and can be removed from your workflows. + +- `create_branch` (git-auto-commit no longer switches branches locally during a workflow run) +- `skip_fetch` +- `skipt_checkout` + From cec27bde37ef11724cd94b24371fce1a59ddf52d Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Wed, 5 Feb 2025 15:59:51 +0100 Subject: [PATCH 077/127] Fix Typo --- UPGRADING.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/UPGRADING.md b/UPGRADING.md index 6c71d132..f3be24c6 100644 --- a/UPGRADING.md +++ b/UPGRADING.md @@ -6,5 +6,5 @@ The following options have been removed from git-auto-commit and can be removed - `create_branch` (git-auto-commit no longer switches branches locally during a workflow run) - `skip_fetch` -- `skipt_checkout` +- `skip_checkout` From ad56d4eb467fcb3066f2523ad469ae14c9b3f556 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Wed, 5 Feb 2025 17:14:02 +0100 Subject: [PATCH 078/127] Throw error if repo is in detached state --- entrypoint.sh | 25 ++++++++++++++++++++++--- tests/git-auto-commit.bats | 21 ++++++++++++++++++++- 2 files changed, 42 insertions(+), 4 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 50a689f8..c310c05a 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -31,6 +31,10 @@ _main() { _switch_to_repository + _check_if_is_git_repository + + _check_if_repository_is_in_detached_state + if _git_is_dirty || "$INPUT_SKIP_DIRTY_CHECK"; then _set_github_output "changes_detected" "true" @@ -84,11 +88,26 @@ _git_is_dirty() { gitStatusMessage="$((git status -s $INPUT_STATUS_OPTIONS -- ${INPUT_FILE_PATTERN_EXPANDED:+${INPUT_FILE_PATTERN_EXPANDED[@]}} >/dev/null ) 2>&1)"; # shellcheck disable=SC2086 gitStatus="$(git status -s $INPUT_STATUS_OPTIONS -- ${INPUT_FILE_PATTERN_EXPANDED:+${INPUT_FILE_PATTERN_EXPANDED[@]}})"; - if [ $? -ne 0 ]; then - _log "error" "git-status failed with:<$gitStatusMessage>"; + [ -n "$gitStatus" ] +} + +_check_if_is_git_repository() { + if [ -d ".git" ]; then + _log "debug" "Repository found."; + else + _log "error" "Not a git repository. Please make sure to run this action in a git repository. Adjust the `repository` input if necessary."; exit 1; fi - [ -n "$gitStatus" ] +} + +_check_if_repository_is_in_detached_state() { + if [ -z "$(git symbolic-ref HEAD)" ] + then + _log "error" "Repository is in detached HEAD state. Please checkout a branch before committing."; + exit 1; + else + _log "debug" "Repository is on a branch."; + fi } _add_files() { diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index 9adeb997..2e74075a 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -1088,5 +1088,24 @@ END run git_auto_commit assert_failure; - assert_line "::error::git-status failed with:" + assert_line "::error::Not a git repository. Please make sure to run this action in a git repository. Adjust the `repository` input if necessary." +} + +@test "It detects if the repository is in a detached state and exits with an error" { + touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt + + run git_auto_commit + + assert_success + + # Bring local repository into a detached state + prev_commit=$(git rev-parse HEAD~1); + git checkout "$prev_commit"; + + touch "${FAKE_TEMP_LOCAL_REPOSITORY}"/remote-files{4,5,6}.txt + + run git_auto_commit + + assert_failure; + assert_line "::error::Repository is in detached HEAD state. Please checkout a branch before committing." } From 1d986f74dd4f20731beebbd9ad52610c804b9484 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Wed, 5 Feb 2025 17:17:19 +0100 Subject: [PATCH 079/127] Improve Error Message --- entrypoint.sh | 2 +- tests/git-auto-commit.bats | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index c310c05a..6bb1cbcc 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -103,7 +103,7 @@ _check_if_is_git_repository() { _check_if_repository_is_in_detached_state() { if [ -z "$(git symbolic-ref HEAD)" ] then - _log "error" "Repository is in detached HEAD state. Please checkout a branch before committing."; + _log "error" "Repository is in detached HEAD state. Please make sure you check out a branch. Adjust the `ref` input accordingly."; exit 1; else _log "debug" "Repository is on a branch."; diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index 2e74075a..fa2e26bb 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -1107,5 +1107,5 @@ END run git_auto_commit assert_failure; - assert_line "::error::Repository is in detached HEAD state. Please checkout a branch before committing." + assert_line "::error::Repository is in detached HEAD state. Please make sure you check out a branch. Adjust the `ref` input accordingly." } From 1666a490833865ae4964dfc0c155c9b450734002 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Wed, 5 Feb 2025 17:27:23 +0100 Subject: [PATCH 080/127] Use ref in auto-commit workflow --- .github/workflows/git-auto-commit.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/git-auto-commit.yml b/.github/workflows/git-auto-commit.yml index d7db234d..39b32963 100644 --- a/.github/workflows/git-auto-commit.yml +++ b/.github/workflows/git-auto-commit.yml @@ -21,6 +21,8 @@ jobs: - name: Use git-auto-commit-action id: "auto-commit-action" uses: ./ + with: + ref: ${{ github.head_ref }} - name: "no changes detected" if: steps.auto-commit-action.outputs.changes_detected == 'false' From bd434eed48c672601bdf68cdb9149a0c75d5c29c Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Wed, 5 Feb 2025 17:34:26 +0100 Subject: [PATCH 081/127] Use ref checkout properly --- .github/workflows/git-auto-commit.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/git-auto-commit.yml b/.github/workflows/git-auto-commit.yml index 39b32963..35132e9b 100644 --- a/.github/workflows/git-auto-commit.yml +++ b/.github/workflows/git-auto-commit.yml @@ -17,12 +17,12 @@ jobs: steps: - uses: actions/checkout@v4 + with: + ref: ${{ github.head_ref }} - name: Use git-auto-commit-action id: "auto-commit-action" uses: ./ - with: - ref: ${{ github.head_ref }} - name: "no changes detected" if: steps.auto-commit-action.outputs.changes_detected == 'false' From 8a23be4b32ffb90ffb63e74b5063134bced62d01 Mon Sep 17 00:00:00 2001 From: Ross Smith II Date: Thu, 13 Mar 2025 08:29:02 -0700 Subject: [PATCH 082/127] docs: Update README.md per #354 See #354 --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 0e49f1f1..f2c909e7 100644 --- a/README.md +++ b/README.md @@ -85,7 +85,7 @@ The following is an extended example with all available options. # Optional commit user and author settings commit_user_name: My GitHub Actions Bot # defaults to "github-actions[bot]" commit_user_email: my-github-actions-bot@example.org # defaults to "41898282+github-actions[bot]@users.noreply.github.com" - commit_author: Author # defaults to "username ", where "username" belongs to the author of the commit that triggered the run + commit_author: Author # defaults to "username ", where "numeric_id" and "username" belong to the author of the commit that triggered the run # Optional. Tag name being created in the local repository and # pushed to remote repository and defined branch. From 4db797a96155206d562625b4ad7a08dca23f1bf4 Mon Sep 17 00:00:00 2001 From: Lior Dux Date: Sun, 23 Mar 2025 22:01:31 +0200 Subject: [PATCH 083/127] Update entrypoint.sh --- entrypoint.sh | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index bff98e0e..03931e70 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -30,8 +30,12 @@ _main() { _check_if_git_is_available _switch_to_repository - - if _git_is_dirty || "$INPUT_SKIP_DIRTY_CHECK"; then + if _git_tag_only; then + _log "debug" "git tag only."; + _set_github_output "git_tag_only" "true" + _tag_commit + _push_to_github + elif _git_is_dirty || "$INPUT_SKIP_DIRTY_CHECK"; then _set_github_output "changes_detected" "true" From 2ac10431a86a5b997e9573eb6c9651f2382a437a Mon Sep 17 00:00:00 2001 From: Lior Dux Date: Sun, 23 Mar 2025 22:02:49 +0200 Subject: [PATCH 084/127] Update action.yml --- action.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/action.yml b/action.yml index fe8bfb36..2b8ea386 100644 --- a/action.yml +++ b/action.yml @@ -4,6 +4,10 @@ description: 'Automatically commits files which have been changed during the wor author: Stefan Zweifel inputs: + git_tag_only: + description: Perform a clean git tag and push, without commiting anything + required: false + default: false commit_message: description: Commit message required: false From 12e100dacb907a92e0dc82346eaf871f83e7847a Mon Sep 17 00:00:00 2001 From: Lior Dux Date: Sun, 23 Mar 2025 22:05:01 +0200 Subject: [PATCH 085/127] Update entrypoint.sh --- entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/entrypoint.sh b/entrypoint.sh index 03931e70..ee261463 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -30,7 +30,7 @@ _main() { _check_if_git_is_available _switch_to_repository - if _git_tag_only; then + if "$INPUT_GIT_TAG_ONLY"; then _log "debug" "git tag only."; _set_github_output "git_tag_only" "true" _tag_commit From 19379b46c9475e7b57e9a487de999197e859098a Mon Sep 17 00:00:00 2001 From: Lior Dux Date: Sun, 23 Mar 2025 22:05:21 +0200 Subject: [PATCH 086/127] Update git-auto-commit.bats --- tests/git-auto-commit.bats | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index d08597cc..43e2c149 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -21,6 +21,7 @@ setup() { export FAKE_DEFAULT_BRANCH=$(git config init.defaultBranch) # Set default INPUT variables used by the GitHub Action + export INPUT_GIT_TAG_ONLY=true export INPUT_REPOSITORY="${FAKE_LOCAL_REPOSITORY}" export INPUT_COMMIT_MESSAGE="Commit Message" export INPUT_BRANCH="${FAKE_DEFAULT_BRANCH}" From cfd6ac4a3bab2e8adaa26e0374379af334adfc43 Mon Sep 17 00:00:00 2001 From: Lior Dux Date: Sun, 23 Mar 2025 22:14:41 +0200 Subject: [PATCH 087/127] Update git-auto-commit.bats --- tests/git-auto-commit.bats | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index 43e2c149..26f6de3d 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -21,7 +21,7 @@ setup() { export FAKE_DEFAULT_BRANCH=$(git config init.defaultBranch) # Set default INPUT variables used by the GitHub Action - export INPUT_GIT_TAG_ONLY=true + export INPUT_GIT_TAG_ONLY=false export INPUT_REPOSITORY="${FAKE_LOCAL_REPOSITORY}" export INPUT_COMMIT_MESSAGE="Commit Message" export INPUT_BRANCH="${FAKE_DEFAULT_BRANCH}" From 35d037abf5810698ff3d047321be58dda3323986 Mon Sep 17 00:00:00 2001 From: Lior Dux Date: Sun, 23 Mar 2025 22:33:45 +0200 Subject: [PATCH 088/127] Update README.md --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index f2c909e7..5eef900e 100644 --- a/README.md +++ b/README.md @@ -58,6 +58,10 @@ The following is an extended example with all available options. ```yaml - uses: stefanzweifel/git-auto-commit-action@v5 with: + # Perform a clean git tag and push, without commiting anything + # Default to false + git_tag_only: false + # Optional. Commit message for the created commit. # Defaults to "Apply automatic changes" commit_message: Automated Change From 4f8f3ad16ec3c524651ccc9ca4eb5f40cec44525 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sat, 19 Apr 2025 09:38:21 +0200 Subject: [PATCH 089/127] Rename Input and add output --- README.md | 8 ++++---- action.yml | 10 ++++++---- entrypoint.sh | 6 +++--- 3 files changed, 13 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 5eef900e..60071bb4 100644 --- a/README.md +++ b/README.md @@ -58,10 +58,6 @@ The following is an extended example with all available options. ```yaml - uses: stefanzweifel/git-auto-commit-action@v5 with: - # Perform a clean git tag and push, without commiting anything - # Default to false - git_tag_only: false - # Optional. Commit message for the created commit. # Defaults to "Apply automatic changes" commit_message: Automated Change @@ -122,6 +118,10 @@ The following is an extended example with all available options. # Optional. Create given branch name in local and remote repository. create_branch: true + + # Perform a clean git tag and push, without commiting anything + # Default to false + create_git_tag_only: false ``` Please note that the Action depends on `bash`. If you're using the Action in a job in combination with a custom Docker container, make sure that `bash` is installed. diff --git a/action.yml b/action.yml index 2b8ea386..caf82374 100644 --- a/action.yml +++ b/action.yml @@ -4,10 +4,6 @@ description: 'Automatically commits files which have been changed during the wor author: Stefan Zweifel inputs: - git_tag_only: - description: Perform a clean git tag and push, without commiting anything - required: false - default: false commit_message: description: Commit message required: false @@ -74,6 +70,10 @@ inputs: create_branch: description: Create new branch with the name of `branch`-input in local and remote repository, if it doesn't exist yet. default: false + create_git_tag_only: + description: Perform a clean git tag and push, without commiting anything + required: false + default: false internal_git_binary: description: Internal use only! Path to git binary used to check if git is available. (Don't change this!) default: git @@ -83,6 +83,8 @@ outputs: description: Value is "true", if the repository was dirty and file changes have been detected. Value is "false", if no changes have been detected. commit_hash: description: Full hash of the created commit. Only present if the "changes_detected" output is "true". + create_git_tag_only: + description: runs: using: 'node20' diff --git a/entrypoint.sh b/entrypoint.sh index ee261463..22098dfc 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -30,9 +30,9 @@ _main() { _check_if_git_is_available _switch_to_repository - if "$INPUT_GIT_TAG_ONLY"; then - _log "debug" "git tag only."; - _set_github_output "git_tag_only" "true" + if "$INPUT_CREATE_GIT_TAG_ONLY"; then + _log "debug" "Create git tag only"; + _set_github_output "create_git_tag_only" "true" _tag_commit _push_to_github elif _git_is_dirty || "$INPUT_SKIP_DIRTY_CHECK"; then From 8480c68cbb7b1813d49aecb1164b935d6a72b726 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sat, 19 Apr 2025 10:17:54 +0200 Subject: [PATCH 090/127] Add Tests --- tests/git-auto-commit.bats | 53 +++++++++++++++++++++++++++++++++++++- 1 file changed, 52 insertions(+), 1 deletion(-) diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index 26f6de3d..f1fb4b8e 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -21,7 +21,7 @@ setup() { export FAKE_DEFAULT_BRANCH=$(git config init.defaultBranch) # Set default INPUT variables used by the GitHub Action - export INPUT_GIT_TAG_ONLY=false + export INPUT_CREATE_GIT_TAG_ONLY=false export INPUT_REPOSITORY="${FAKE_LOCAL_REPOSITORY}" export INPUT_COMMIT_MESSAGE="Commit Message" export INPUT_BRANCH="${FAKE_DEFAULT_BRANCH}" @@ -1126,3 +1126,54 @@ END assert_failure; assert_line "::error::git-status failed with:" } + +@test "it creates a tag if create_git_tag_only is set to true and a message has been supplied" { + INPUT_CREATE_GIT_TAG_ONLY=true + INPUT_TAGGING_MESSAGE=v1.0.0 + + run git_auto_commit + + assert_success + + assert_line "::debug::Create git tag only" + + assert_line "::debug::Create tag v1.0.0" + refute_line "No tagging message supplied. No tag will be added." + + assert_line "::debug::Apply push options " + assert_line "::debug::Push commit to remote branch ${FAKE_DEFAULT_BRANCH}" + + run cat_github_output + assert_line "create_git_tag_only=true" + refute_line "changes_detected=false" + refute_line -e "commit_hash=[0-9a-f]{40}$" + + # Assert a tag v1.0.0 has been created + run git tag + assert_output v1.0.0 + + run git ls-remote --tags --refs + assert_output --partial refs/tags/v1.0.0 +} + +@test "it output no tagging message supplied if no tagging message is set but create_git_tag_only is set to true" { + INPUT_CREATE_GIT_TAG_ONLY=true + INPUT_TAGGING_MESSAGE="" + + run git_auto_commit + + assert_success + + assert_line "INPUT_TAGGING_MESSAGE: " + assert_line "No tagging message supplied. No tag will be added." + assert_line "::debug::Create git tag only" + + run cat_github_output + assert_line "create_git_tag_only=true" + refute_line "changes_detected=false" + refute_line -e "commit_hash=[0-9a-f]{40}$" + + # Assert no tag has been created + run git tag + assert_output "" +} From adb37b5a29cc6a129145d9d032185cb98f85158c Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sat, 19 Apr 2025 10:32:21 +0200 Subject: [PATCH 091/127] Update README --- README.md | 5 +++-- action.yml | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 60071bb4..4e9b3193 100644 --- a/README.md +++ b/README.md @@ -119,8 +119,8 @@ The following is an extended example with all available options. # Optional. Create given branch name in local and remote repository. create_branch: true - # Perform a clean git tag and push, without commiting anything - # Default to false + # Optional. Creates a new tag and pushes it to remote without creating a commit. + # Skips dirty check and changed files. Must be used with `tagging_message`. create_git_tag_only: false ``` @@ -173,6 +173,7 @@ You can use these outputs to trigger other Actions in your Workflow run based on - `changes_detected`: Returns either "true" or "false" if the repository was dirty and files have changed. - `commit_hash`: Returns the full hash of the commit if one was created. +- `create_git_tag_only`: Returns either "true" or "false" if a tag was created, when `create_git_tag_only` was used. **⚠️ When using outputs, the step needs to be given an id. See example below.** diff --git a/action.yml b/action.yml index caf82374..c57a5088 100644 --- a/action.yml +++ b/action.yml @@ -84,7 +84,7 @@ outputs: commit_hash: description: Full hash of the created commit. Only present if the "changes_detected" output is "true". create_git_tag_only: - description: + description: Value is "true", if a git tag was created using the `create_git_tag_only`-input. runs: using: 'node20' From af302a9c635adb759442b1ffd153700cc7729cc4 Mon Sep 17 00:00:00 2001 From: stefanzweifel <1080923+stefanzweifel@users.noreply.github.com> Date: Sat, 19 Apr 2025 08:40:01 +0000 Subject: [PATCH 092/127] Update CHANGELOG --- CHANGELOG.md | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index cb8f4362..cb4de233 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,10 +5,21 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html). -## [Unreleased](https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.1.0...HEAD) +## [Unreleased](https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.2.0...HEAD) > TBD +## [v5.2.0](https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.1.0...v5.2.0) - 2025-04-19 + +### Added + +- Add `create_git_tag_only` option to skip commiting and always create a git-tag. ([#364](https://github.com/stefanzweifel/git-auto-commit-action/pull/364)) [@zMynxx](https://github.com/@zMynxx) +- Add Test for `create_git_tag_only` feature ([#367](https://github.com/stefanzweifel/git-auto-commit-action/pull/367)) [@stefanzweifel](https://github.com/@stefanzweifel) + +### Fixed + +- docs: Update README.md per #354 ([#361](https://github.com/stefanzweifel/git-auto-commit-action/pull/361)) [@rasa](https://github.com/@rasa) + ## [v5.1.0](https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.0.1...v5.1.0) - 2025-01-11 ### Changed From e7955f713c4a2d862ccd526206d0f7d4b262bc6d Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sat, 3 May 2025 15:51:01 +0200 Subject: [PATCH 093/127] Emit warning if deprecated/removed options are used --- entrypoint.sh | 12 ++++++++++++ tests/git-auto-commit.bats | 19 +++++++++++++++++++ 2 files changed, 31 insertions(+) diff --git a/entrypoint.sh b/entrypoint.sh index b0f384b5..1fa602dc 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -27,6 +27,18 @@ _log() { } _main() { + if "$INPUT_SKIP_FETCH"; then + _log "warning" "skip_fetch has been removed in v6. It does not have any effect anymore."; + fi + + if "$INPUT_SKIP_CHECKOUT"; then + _log "warning" "skip_checkout has been removed in v6. It does not have any effect anymore."; + fi + + if "$INPUT_CREATE_BRANCH"; then + _log "warning" "create_branch has been removed in v6. It does not have any effect anymore."; + fi + _check_if_git_is_available _switch_to_repository diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index 254e5614..432c4fe8 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -38,6 +38,11 @@ setup() { export INPUT_DISABLE_GLOBBING=false export INPUT_INTERNAL_GIT_BINARY=git + # Deprecated variables. Will be removed in future versions + export INPUT_CREATE_BRANCH=false + export INPUT_SKIP_FETCH=false + export INPUT_SKIP_CHECKOUT=false + # Set GitHub environment variables used by the GitHub Action temp_github_output_file=$(mktemp -t github_output_test.XXXXX) export GITHUB_OUTPUT="${temp_github_output_file}" @@ -1161,3 +1166,17 @@ END run git tag assert_output "" } + +@test "it shows warning message if any deprecated options are used" { + INPUT_SKIP_FETCH=true + INPUT_SKIP_CHECKOUT=true + INPUT_CREATE_BRANCH=true + + run git_auto_commit + + assert_success + + assert_line "::warning::skip_fetch has been removed in v6. It does not have any effect anymore." + assert_line "::warning::skip_checkout has been removed in v6. It does not have any effect anymore." + assert_line "::warning::create_branch has been removed in v6. It does not have any effect anymore." +} From 8ddf02de710090681e0827b1abd9da31cb87aeb3 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sat, 3 May 2025 16:03:43 +0200 Subject: [PATCH 094/127] Add git-auto-commit to warning text --- entrypoint.sh | 6 +++--- tests/git-auto-commit.bats | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 1fa602dc..78cb551a 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -28,15 +28,15 @@ _log() { _main() { if "$INPUT_SKIP_FETCH"; then - _log "warning" "skip_fetch has been removed in v6. It does not have any effect anymore."; + _log "warning" "git-auto-commit: skip_fetch has been removed in v6. It does not have any effect anymore."; fi if "$INPUT_SKIP_CHECKOUT"; then - _log "warning" "skip_checkout has been removed in v6. It does not have any effect anymore."; + _log "warning" "git-auto-commit: skip_checkout has been removed in v6. It does not have any effect anymore."; fi if "$INPUT_CREATE_BRANCH"; then - _log "warning" "create_branch has been removed in v6. It does not have any effect anymore."; + _log "warning" "git-auto-commit: create_branch has been removed in v6. It does not have any effect anymore."; fi _check_if_git_is_available diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index 432c4fe8..bb908222 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -1176,7 +1176,7 @@ END assert_success - assert_line "::warning::skip_fetch has been removed in v6. It does not have any effect anymore." - assert_line "::warning::skip_checkout has been removed in v6. It does not have any effect anymore." - assert_line "::warning::create_branch has been removed in v6. It does not have any effect anymore." + assert_line "::warning::git-auto-commit: skip_fetch has been removed in v6. It does not have any effect anymore." + assert_line "::warning::git-auto-commit: skip_checkout has been removed in v6. It does not have any effect anymore." + assert_line "::warning::git-auto-commit: create_branch has been removed in v6. It does not have any effect anymore." } From 3058f91afb4f03b73d38f33c35023fb22cf546b8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 19 May 2025 06:08:17 +0000 Subject: [PATCH 095/127] Bump bats from 1.11.1 to 1.12.0 Bumps [bats](https://github.com/bats-core/bats-core) from 1.11.1 to 1.12.0. - [Release notes](https://github.com/bats-core/bats-core/releases) - [Changelog](https://github.com/bats-core/bats-core/blob/master/docs/CHANGELOG.md) - [Commits](https://github.com/bats-core/bats-core/compare/v1.11.1...v1.12.0) --- updated-dependencies: - dependency-name: bats dependency-version: 1.12.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package-lock.json | 6 ++++-- package.json | 2 +- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index 38b34a5e..83e9b66e 100644 --- a/package-lock.json +++ b/package-lock.json @@ -5,13 +5,15 @@ "packages": { "": { "devDependencies": { - "bats": "^1.11.1", + "bats": "^1.12.0", "bats-assert": "ztombol/bats-assert", "bats-support": "ztombol/bats-support" } }, "node_modules/bats": { - "version": "1.11.1", + "version": "1.12.0", + "resolved": "https://registry.npmjs.org/bats/-/bats-1.12.0.tgz", + "integrity": "sha512-1HTv2n+fjn3bmY9SNDgmzS6bjoKtVlSK2pIHON5aSA2xaqGkZFoCCWP46/G6jm9zZ7MCi84mD+3Byw4t3KGwBg==", "dev": true, "license": "MIT", "bin": { diff --git a/package.json b/package.json index ad49ca30..06d7fc8d 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "devDependencies": { - "bats": "^1.11.1", + "bats": "^1.12.0", "bats-assert": "ztombol/bats-assert", "bats-support": "ztombol/bats-support" }, From 76180511d9f2354bb712ec6338ce79d4f2061bfe Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Wed, 28 May 2025 11:37:04 +0200 Subject: [PATCH 096/127] Add deprecated inputs to fix unbound variable issue --- action.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/action.yml b/action.yml index 4b8f7c93..9df496a3 100644 --- a/action.yml +++ b/action.yml @@ -66,6 +66,18 @@ inputs: internal_git_binary: description: Internal use only! Path to git binary used to check if git is available. (Don't change this!) default: git + skip_fetch: + description: "Deprecated: skip_fetch has been removed in v6. It does not have any effect anymore." + required: false + default: false + skip_checkout: + description: "Deprecated: skip_checkout has been removed in v6. It does not have any effect anymore." + required: false + default: false + create_branch: + description: "Deprecated: create_branch has been removed in v6. It does not have any effect anymore." + default: false + outputs: changes_detected: From 6494dc61d3e663a9f5166a099d9736ceefc5a3aa Mon Sep 17 00:00:00 2001 From: Sam Bull Date: Wed, 28 May 2025 15:08:30 +0100 Subject: [PATCH 097/127] Fix PAT instructions with Dependabot --- README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 4e9b3193..ff60268b 100644 --- a/README.md +++ b/README.md @@ -461,10 +461,12 @@ If you create a fine-grained personal access token, apply the `Contents`-permiss ```yaml - uses: actions/checkout@v4 with: - token: ${{ secrets.PAT }} + token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} ``` You can learn more about Personal Access Token in the [GitHub documentation](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token). +Having a fallback to GITHUB_TOKEN helps things like Dependabot to continue working, as they may not be granted access to the PAT. + > [!TIP] > If you're working in an organisation, and you don't want to create the PAT from your personal account, we recommend using a bot-account for such tokens. From b001e5f0ff05d7297c0101f4b44e861799e417dd Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Mon, 2 Jun 2025 21:37:45 +0200 Subject: [PATCH 098/127] Apply suggestions from code review --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index ff60268b..512f25cc 100644 --- a/README.md +++ b/README.md @@ -461,11 +461,11 @@ If you create a fine-grained personal access token, apply the `Contents`-permiss ```yaml - uses: actions/checkout@v4 with: + # We pass the "PAT" secret to the checkout action; if no PAT secret is available to the workflow runner (eg. Dependabot) we fall back to the default "GITHUB_TOKEN". token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} ``` You can learn more about Personal Access Token in the [GitHub documentation](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token). -Having a fallback to GITHUB_TOKEN helps things like Dependabot to continue working, as they may not be granted access to the PAT. > [!TIP] > If you're working in an organisation, and you don't want to create the PAT from your personal account, we recommend using a bot-account for such tokens. From a82d80a75f85e7feb8d2777704c545af1c7affd9 Mon Sep 17 00:00:00 2001 From: stefanzweifel <1080923+stefanzweifel@users.noreply.github.com> Date: Tue, 10 Jun 2025 18:44:47 +0000 Subject: [PATCH 099/127] Update CHANGELOG --- CHANGELOG.md | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index cb4de233..8b8dc55f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,10 +5,24 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html). -## [Unreleased](https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.2.0...HEAD) +## [Unreleased](https://github.com/stefanzweifel/git-auto-commit-action/compare/v6.0.0...HEAD) > TBD +## [v6.0.0](https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.2.0...v6.0.0) - 2025-06-10 + +### Added + +- Throw error early if repository is in a detached state ([#357](https://github.com/stefanzweifel/git-auto-commit-action/pull/357)) + +### Fixed + +- Fix PAT instructions with Dependabot ([#376](https://github.com/stefanzweifel/git-auto-commit-action/pull/376)) [@Dreamsorcerer](https://github.com/@Dreamsorcerer) + +### Removed + +- Remove support for `create_branch`, `skip_checkout`, `skip_Fetch` ([#314](https://github.com/stefanzweifel/git-auto-commit-action/pull/314)) + ## [v5.2.0](https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.1.0...v5.2.0) - 2025-04-19 ### Added From 33b203d92a47ab2370a88ce03d9825cdb52cc98c Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Wed, 11 Jun 2025 13:22:17 +0200 Subject: [PATCH 100/127] Disable Check if Repo is in Detached State Fixes #378 --- entrypoint.sh | 2 +- tests/git-auto-commit.bats | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/entrypoint.sh b/entrypoint.sh index 78cb551a..b55b3514 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -45,7 +45,7 @@ _main() { _check_if_is_git_repository - _check_if_repository_is_in_detached_state + # _check_if_repository_is_in_detached_state if "$INPUT_CREATE_GIT_TAG_ONLY"; then _log "debug" "Create git tag only"; diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index bb908222..c64bf19e 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -1098,6 +1098,7 @@ END } @test "It detects if the repository is in a detached state and exits with an error" { + skip touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt run git_auto_commit From 66f124b8c251f6be319e9f28aaedcd899a1d7523 Mon Sep 17 00:00:00 2001 From: stefanzweifel <1080923+stefanzweifel@users.noreply.github.com> Date: Wed, 11 Jun 2025 11:27:36 +0000 Subject: [PATCH 101/127] Update CHANGELOG --- CHANGELOG.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8b8dc55f..b60f66d5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,10 +5,16 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html). -## [Unreleased](https://github.com/stefanzweifel/git-auto-commit-action/compare/v6.0.0...HEAD) +## [Unreleased](https://github.com/stefanzweifel/git-auto-commit-action/compare/v6.0.1...HEAD) > TBD +## [v6.0.1](https://github.com/stefanzweifel/git-auto-commit-action/compare/v6.0.0...v6.0.1) - 2025-06-11 + +### Fixed + +- Disable Check if Repo is in Detached State ([#379](https://github.com/stefanzweifel/git-auto-commit-action/pull/379)) [@stefanzweifel](https://github.com/@stefanzweifel) + ## [v6.0.0](https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.2.0...v6.0.0) - 2025-06-10 ### Added From f9017b24eeaf7914d3306c6e13e8a6eb89d873e4 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Fri, 13 Jun 2025 16:47:49 +0200 Subject: [PATCH 102/127] Update README to use v6 in examples --- README.md | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index 69fba9ff..bd10bf9d 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,7 @@ Adding git-auto-commit to your Workflow only takes a couple lines of code. 2. Add the following step at the end of your job, after other steps that might add or change files. ```yaml -- uses: stefanzweifel/git-auto-commit-action@v5 +- uses: stefanzweifel/git-auto-commit-action@v6 ``` Your Workflow should look similar to this example. @@ -47,7 +47,7 @@ jobs: # … # Commit all changed files back to the repository - - uses: stefanzweifel/git-auto-commit-action@v5 + - uses: stefanzweifel/git-auto-commit-action@v6 ``` > [!NOTE] @@ -56,7 +56,7 @@ jobs: The following is an extended example with all available options. ```yaml -- uses: stefanzweifel/git-auto-commit-action@v5 +- uses: stefanzweifel/git-auto-commit-action@v6 with: # Optional. Commit message for the created commit. # Defaults to "Apply automatic changes" @@ -148,7 +148,7 @@ jobs: - name: Run php-cs-fixer uses: docker://oskarstark/php-cs-fixer-ga - - uses: stefanzweifel/git-auto-commit-action@v5 + - uses: stefanzweifel/git-auto-commit-action@v6 with: commit_message: Apply php-cs-fixer changes ``` @@ -170,7 +170,7 @@ You can use these outputs to trigger other Actions in your Workflow run based on ### Example ```yaml - - uses: stefanzweifel/git-auto-commit-action@v5 + - uses: stefanzweifel/git-auto-commit-action@v6 id: auto-commit-action #mandatory for the output to show up in ${{ steps }} with: commit_message: Apply php-cs-fixer changes @@ -270,7 +270,7 @@ The example below can be used as a starting point to generate a multiline commit # Quick and dirty step to get rid of the temporary file holding the commit message - run: rm -rf commitmessage.txt - - uses: stefanzweifel/git-auto-commit-action@v5 + - uses: stefanzweifel/git-auto-commit-action@v6 id: commit with: commit_message: ${{ steps.commit_message_step.outputs.commit_message }} @@ -294,7 +294,7 @@ As git-auto-commit by default does not use **your** username and email when crea git_commit_gpgsign: true - name: "Commit and push changes" - uses: stefanzweifel/git-auto-commit-action@v5 + uses: stefanzweifel/git-auto-commit-action@v6 with: commit_author: "${{ steps.import-gpg.outputs.name }} <${{ steps.import-gpg.outputs.email }}>" commit_user_name: ${{ steps.import-gpg.outputs.name }} @@ -371,7 +371,7 @@ jobs: - name: Run php-cs-fixer uses: docker://oskarstark/php-cs-fixer-ga - - uses: stefanzweifel/git-auto-commit-action@v5 + - uses: stefanzweifel/git-auto-commit-action@v6 ``` For more information about running Actions on forks, see [this announcement from GitHub](https://github.blog/2020-08-03-github-actions-improvements-for-fork-and-pull-request-workflows/). @@ -406,7 +406,7 @@ The steps in your workflow might look like this: echo "message=$(git log -1 --pretty=%s)" >> $GITHUB_OUTPUT echo "author=$(git log -1 --pretty=\"%an <%ae>\")" >> $GITHUB_OUTPUT -- uses: stefanzweifel/git-auto-commit-action@v5 +- uses: stefanzweifel/git-auto-commit-action@v6 with: commit_author: ${{ steps.last-commit.outputs.author }} commit_message: ${{ steps.last-commit.outputs.message }} @@ -462,7 +462,7 @@ You can learn more about Personal Access Token in the [GitHub documentation](htt If you go the "force pushes" route, you have to enable force pushes to a protected branch (see [documentation](https://help.github.com/en/github/administering-a-repository/enabling-force-pushes-to-a-protected-branch)) and update your Workflow to use force push like this. ```yaml - - uses: stefanzweifel/git-auto-commit-action@v5 + - uses: stefanzweifel/git-auto-commit-action@v6 with: commit_message: Apply php-cs-fixer changes push_options: --force @@ -492,7 +492,7 @@ This is due to the fact, that the `*.md`-glob is expanded before sending it to ` To fix this add `disable_globbing: true` to your Workflow. ```yaml -- uses: stefanzweifel/git-auto-commit-action@v5 +- uses: stefanzweifel/git-auto-commit-action@v6 with: file_pattern: '*.md' disable_globbing: true @@ -520,7 +520,7 @@ yarn test We use [SemVer](http://semver.org/) for versioning. For the versions available, see the [tags on this repository](https://github.com/stefanzweifel/git-auto-commit-action/tags). -We also provide major version tags to make it easier to always use the latest release of a major version. For example, you can use `stefanzweifel/git-auto-commit-action@v5` to always use the latest release of the current major version. +We also provide major version tags to make it easier to always use the latest release of a major version. For example, you can use `stefanzweifel/git-auto-commit-action@v6` to always use the latest release of the current major version. (More information about this [here](https://help.github.com/en/actions/building-actions/about-actions#versioning-your-action).) ## Credits From 6371fedd09094b306c1f1620287f51c6d568b272 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Jun 2025 06:39:19 +0000 Subject: [PATCH 103/127] Bump stefanzweifel/git-auto-commit-action from 5 to 6 Bumps [stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action) from 5 to 6. - [Release notes](https://github.com/stefanzweifel/git-auto-commit-action/releases) - [Changelog](https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md) - [Commits](https://github.com/stefanzweifel/git-auto-commit-action/compare/v5...v6) --- updated-dependencies: - dependency-name: stefanzweifel/git-auto-commit-action dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/update-changelog.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-changelog.yaml b/.github/workflows/update-changelog.yaml index 1a03dfc7..dfd72317 100644 --- a/.github/workflows/update-changelog.yaml +++ b/.github/workflows/update-changelog.yaml @@ -27,7 +27,7 @@ jobs: latest-version: ${{ github.event.release.name }} - name: Commit updated CHANGELOG - uses: stefanzweifel/git-auto-commit-action@v5 + uses: stefanzweifel/git-auto-commit-action@v6 with: branch: master commit_message: Update CHANGELOG From 7ddc571aec72c06b59d8e836e0593840a356be7d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 18 Aug 2025 08:56:44 +0000 Subject: [PATCH 104/127] Bump actions/checkout from 4 to 5 Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/git-auto-commit.yml | 2 +- .github/workflows/linter.yml | 2 +- .github/workflows/tests.yml | 2 +- .github/workflows/update-changelog.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/git-auto-commit.yml b/.github/workflows/git-auto-commit.yml index 35132e9b..f2db122c 100644 --- a/.github/workflows/git-auto-commit.yml +++ b/.github/workflows/git-auto-commit.yml @@ -16,7 +16,7 @@ jobs: contents: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: ref: ${{ github.head_ref }} diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index d994c080..96268904 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -9,7 +9,7 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Lint Code Base uses: github/super-linter@v7 diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 35ee1e2c..5ca82191 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Install testing dependencies run: yarn install diff --git a/.github/workflows/update-changelog.yaml b/.github/workflows/update-changelog.yaml index dfd72317..3fc58e58 100644 --- a/.github/workflows/update-changelog.yaml +++ b/.github/workflows/update-changelog.yaml @@ -16,7 +16,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: ref: master From 2da8d963b4e8d43280bfbdd1906f04138fd127cf Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Wed, 17 Sep 2025 11:02:55 +0200 Subject: [PATCH 105/127] Restore skip_fetch, skip_checkout, create_branch --- README.md | 10 ++++++++++ action.yml | 22 +++++++++++----------- entrypoint.sh | 28 ++++++++++++++++++++++++++++ 3 files changed, 49 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index bd10bf9d..78cc22b9 100644 --- a/README.md +++ b/README.md @@ -105,10 +105,19 @@ The following is an extended example with all available options. # Optional. Disable dirty check and always try to create a commit and push skip_dirty_check: true + # Optional. Skip internal call to `git fetch` + skip_fetch: true + + # Optional. Skip internal call to `git checkout` + skip_checkout: true + # Optional. Prevents the shell from expanding filenames. # Details: https://www.gnu.org/software/bash/manual/html_node/Filename-Expansion.html disable_globbing: true + # Optional. Create given branch name in local and remote repository. + create_branch: true + # Optional. Creates a new tag and pushes it to remote without creating a commit. # Skips dirty check and changed files. Must be used with `tagging_message`. create_git_tag_only: false @@ -412,6 +421,7 @@ The steps in your workflow might look like this: commit_message: ${{ steps.last-commit.outputs.message }} commit_options: '--amend --no-edit' push_options: '--force' + skip_fetch: true ``` See discussion in [#159](https://github.com/stefanzweifel/git-auto-commit-action/issues/159#issuecomment-845347950) for details. diff --git a/action.yml b/action.yml index 9df496a3..60268dd3 100644 --- a/action.yml +++ b/action.yml @@ -56,9 +56,20 @@ inputs: description: Skip the check if the git repository is dirty and always try to create a commit. required: false default: false + skip_fetch: + description: Skip the call to git-fetch. + required: false + default: false + skip_checkout: + description: Skip the call to git-checkout. + required: false + default: false disable_globbing: description: Stop the shell from expanding filenames (https://www.gnu.org/software/bash/manual/html_node/Filename-Expansion.html) default: false + create_branch: + description: Create new branch with the name of `branch`-input in local and remote repository, if it doesn't exist yet. + default: false create_git_tag_only: description: Perform a clean git tag and push, without commiting anything required: false @@ -66,17 +77,6 @@ inputs: internal_git_binary: description: Internal use only! Path to git binary used to check if git is available. (Don't change this!) default: git - skip_fetch: - description: "Deprecated: skip_fetch has been removed in v6. It does not have any effect anymore." - required: false - default: false - skip_checkout: - description: "Deprecated: skip_checkout has been removed in v6. It does not have any effect anymore." - required: false - default: false - create_branch: - description: "Deprecated: create_branch has been removed in v6. It does not have any effect anymore." - default: false outputs: diff --git a/entrypoint.sh b/entrypoint.sh index b55b3514..a3885d92 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -56,6 +56,8 @@ _main() { _set_github_output "changes_detected" "true" + _switch_to_branch + _add_files # Check dirty state of repo again using git-diff. @@ -127,6 +129,32 @@ _check_if_repository_is_in_detached_state() { fi } +_switch_to_branch() { + echo "INPUT_BRANCH value: $INPUT_BRANCH"; + + # Fetch remote to make sure that repo can be switched to the right branch. + if "$INPUT_SKIP_FETCH"; then + _log "debug" "git-fetch will not be executed."; + else + git fetch --depth=1; + fi + + # If `skip_checkout`-input is true, skip the entire checkout step. + if "$INPUT_SKIP_CHECKOUT"; then + _log "debug" "git-checkout will not be executed."; + else + # Create new local branch if `create_branch`-input is true + if "$INPUT_CREATE_BRANCH"; then + # shellcheck disable=SC2086 + git checkout -B $INPUT_BRANCH --; + else + # Switch to branch from current Workflow run + # shellcheck disable=SC2086 + git checkout $INPUT_BRANCH --; + fi + fi +} + _add_files() { echo "INPUT_ADD_OPTIONS: ${INPUT_ADD_OPTIONS}"; _log "debug" "Apply add options ${INPUT_ADD_OPTIONS}"; From 5fe35a088d851a0b9c7d0999997586bc0d093aa5 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Wed, 17 Sep 2025 11:48:35 +0200 Subject: [PATCH 106/127] Restore Tests --- tests/git-auto-commit.bats | 41 ++++++++++++++++++++++++++++++++------ 1 file changed, 35 insertions(+), 6 deletions(-) diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index c64bf19e..c0b1532b 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -35,13 +35,11 @@ setup() { export INPUT_TAGGING_MESSAGE="" export INPUT_PUSH_OPTIONS="" export INPUT_SKIP_DIRTY_CHECK=false - export INPUT_DISABLE_GLOBBING=false - export INPUT_INTERNAL_GIT_BINARY=git - - # Deprecated variables. Will be removed in future versions - export INPUT_CREATE_BRANCH=false export INPUT_SKIP_FETCH=false export INPUT_SKIP_CHECKOUT=false + export INPUT_DISABLE_GLOBBING=false + export INPUT_CREATE_BRANCH=false + export INPUT_INTERNAL_GIT_BINARY=git # Set GitHub environment variables used by the GitHub Action temp_github_output_file=$(mktemp -t github_output_test.XXXXX) @@ -411,6 +409,32 @@ cat_github_output() { assert_output --partial refs/tags/v2.0.0 } +@test "If SKIP_FETCH is true git-fetch will not be called" { + + touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt + + INPUT_SKIP_FETCH=true + + run git_auto_commit + + assert_success + + assert_line "::debug::git-fetch will not be executed." +} + +@test "If SKIP_CHECKOUT is true git-checkout will not be called" { + + touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt + + INPUT_SKIP_CHECKOUT=true + + run git_auto_commit + + assert_success + + assert_line "::debug::git-checkout will not be executed." +} + @test "It pushes generated commit and tag to remote and actually updates the commit shas" { INPUT_BRANCH="" INPUT_TAGGING_MESSAGE="v2.0.0" @@ -441,6 +465,10 @@ cat_github_output() { } @test "It pushes generated commit and tag to remote branch and updates commit sha" { + # Create "a-new-branch"-branch and then immediately switch back to ${FAKE_DEFAULT_BRANCH} + git checkout -b a-new-branch + git checkout ${FAKE_DEFAULT_BRANCH} + INPUT_BRANCH="a-new-branch" INPUT_TAGGING_MESSAGE="v2.0.0" @@ -463,7 +491,7 @@ cat_github_output() { assert_output --partial refs/tags/v2.0.0 # Assert that branch "a-new-branch" was updated on remote - current_sha="$(git rev-parse --verify --short ${FAKE_DEFAULT_BRANCH})" + current_sha="$(git rev-parse --verify --short a-new-branch)" remote_sha="$(git rev-parse --verify --short origin/a-new-branch)" assert_equal $current_sha $remote_sha @@ -507,6 +535,7 @@ cat_github_output() { @test "it does not throw an error if not changes are detected and SKIP_DIRTY_CHECK is false" { INPUT_FILE_PATTERN="." INPUT_SKIP_DIRTY_CHECK=false + INPUT_SKIP_FETCH=false run git_auto_commit From d330c718ba4694df4ded184e9fcc5f76a3d175df Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Wed, 17 Sep 2025 13:32:46 +0200 Subject: [PATCH 107/127] Remove warnings of deprecated inputs --- entrypoint.sh | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index a3885d92..5fcc448d 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -27,18 +27,6 @@ _log() { } _main() { - if "$INPUT_SKIP_FETCH"; then - _log "warning" "git-auto-commit: skip_fetch has been removed in v6. It does not have any effect anymore."; - fi - - if "$INPUT_SKIP_CHECKOUT"; then - _log "warning" "git-auto-commit: skip_checkout has been removed in v6. It does not have any effect anymore."; - fi - - if "$INPUT_CREATE_BRANCH"; then - _log "warning" "git-auto-commit: create_branch has been removed in v6. It does not have any effect anymore."; - fi - _check_if_git_is_available _switch_to_repository From 9a4902607d4961be74dc45421f3268b29128a8d1 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Wed, 17 Sep 2025 14:08:26 +0200 Subject: [PATCH 108/127] Update Tests --- entrypoint.sh | 2 + tests/git-auto-commit.bats | 323 ++++++++++++++++++++++++++++++------- 2 files changed, 271 insertions(+), 54 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 5fcc448d..e8734708 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -124,6 +124,7 @@ _switch_to_branch() { if "$INPUT_SKIP_FETCH"; then _log "debug" "git-fetch will not be executed."; else + _log "debug" "git-fetch will be executed."; git fetch --depth=1; fi @@ -131,6 +132,7 @@ _switch_to_branch() { if "$INPUT_SKIP_CHECKOUT"; then _log "debug" "git-checkout will not be executed."; else + _log "debug" "git-checkout will be executed."; # Create new local branch if `create_branch`-input is true if "$INPUT_CREATE_BRANCH"; then # shellcheck disable=SC2086 diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index c0b1532b..c3f2a7d9 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -589,6 +589,8 @@ cat_github_output() { touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt + INPUT_SKIP_CHECKOUT=true + run git_auto_commit assert_success @@ -618,6 +620,8 @@ cat_github_output() { touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt + INPUT_SKIP_CHECKOUT=true + run git_auto_commit assert_success @@ -647,51 +651,6 @@ cat_github_output() { assert_line -e "commit_hash=[0-9a-f]{40}$" } -@test "It does not create new local branch if local branch already exists" { - git checkout -b not-existend-remote-branch - git checkout ${FAKE_DEFAULT_BRANCH} - - INPUT_BRANCH="not-existend-remote-branch" - - run git branch - assert_line --partial "not-existend-remote-branch" - - run git branch -r - refute_line --partial "origin/not-existend-remote-branch" - - touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt - - run git_auto_commit - - assert_success - - assert_line "INPUT_REPOSITORY value: ${INPUT_REPOSITORY}" - assert_line "INPUT_BRANCH value: not-existend-remote-branch" - assert_line "INPUT_FILE_PATTERN: ." - assert_line "INPUT_COMMIT_OPTIONS: " - assert_line "::debug::Apply commit options " - assert_line "INPUT_TAGGING_MESSAGE: " - assert_line "No tagging message supplied. No tag will be added." - assert_line "INPUT_PUSH_OPTIONS: " - assert_line "::debug::Apply push options " - assert_line "::debug::Push commit to remote branch not-existend-remote-branch" - - # Assert checked out branch is still the same. - run git rev-parse --abbrev-ref HEAD - assert_line --partial ${FAKE_DEFAULT_BRANCH} - refute_line --partial "not-existend-remote-branch" - - run git branch - assert_line --partial "not-existend-remote-branch" - - run git branch -r - assert_line --partial "origin/not-existend-remote-branch" - - run cat_github_output - assert_line "changes_detected=true" - assert_line -e "commit_hash=[0-9a-f]{40}$" -} - @test "It creates new local branch and pushes branch to remote even if the remote branch already exists" { # Create `existing-remote-branch` on remote with changes the local repository does not yet have cd $FAKE_TEMP_LOCAL_REPOSITORY @@ -709,6 +668,7 @@ cat_github_output() { cd $FAKE_LOCAL_REPOSITORY INPUT_BRANCH="existing-remote-branch" + INPUT_SKIP_CHECKOUT=true run git branch refute_line --partial "existing-remote-branch" @@ -753,7 +713,7 @@ cat_github_output() { assert_line -e "commit_hash=[0-9a-f]{40}$" } -@test "It fails if local branch is behind remote and when remote has newer commits" { +@test "It fails if local branch is behind remote and when remote has newer commits and skip_checkout is set to true" { # Create `existing-remote-branch` on remote with changes the local repository does not yet have cd $FAKE_TEMP_LOCAL_REPOSITORY git checkout -b "existing-remote-branch" @@ -770,6 +730,7 @@ cat_github_output() { cd $FAKE_LOCAL_REPOSITORY INPUT_BRANCH="existing-remote-branch" + INPUT_SKIP_CHECKOUT=true run git branch refute_line --partial "existing-remote-branch" @@ -801,7 +762,7 @@ cat_github_output() { refute [assert_equal $current_sha $remote_sha] } -@test "It fails to push commit to remote if branch already exists and local repo is behind its remote counterpart" { +@test "It fails to push commit to remote if branch already exists and local repo is behind its remote counterpart and SKIP_CHECKOUT is used" { # Create `new-branch` on remote with changes the local repository does not yet have cd $FAKE_TEMP_LOCAL_REPOSITORY @@ -820,6 +781,7 @@ cat_github_output() { cd $FAKE_LOCAL_REPOSITORY INPUT_BRANCH="new-branch" + INPUT_SKIP_CHECKOUT=true # Assert that local remote does not have a "new-branch"-branch nor does # know about the remote branch. @@ -838,8 +800,7 @@ cat_github_output() { assert_line "INPUT_BRANCH value: new-branch" assert_line --partial "::debug::Push commit to remote branch new-branch" - assert_line --partial "Updates were rejected because the remote contains work that you do" - assert_line --partial "This is usually caused by another repository pushing" + assert_line --partial "Updates were rejected because a pushed branch tip is behind its remote" } @test "throws fatal error if file pattern includes files that do not exist" { @@ -1197,16 +1158,270 @@ END assert_output "" } -@test "it shows warning message if any deprecated options are used" { - INPUT_SKIP_FETCH=true +@test "script fails to push commit to new branch that does not exist yet" { + INPUT_BRANCH="not-existend-branch" + INPUT_CREATE_BRANCH=false + + run git branch + refute_line --partial "not-existend-branch" + + run git branch -r + refute_line --partial "origin/not-existend-branch" + + touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt + + run git_auto_commit + + assert_failure + + assert_line "INPUT_REPOSITORY value: ${INPUT_REPOSITORY}" + assert_line "INPUT_BRANCH value: not-existend-branch" + assert_line "fatal: invalid reference: not-existend-branch" + + run git branch + refute_line --partial "not-existend-branch" + + run git branch -r + refute_line --partial "origin/not-existend-branch" + + run cat_github_output + assert_line "changes_detected=true" +} + +@test "It creates new local branch and pushes the new branch to remote" { + INPUT_BRANCH="not-existend-branch" + INPUT_CREATE_BRANCH=true + + run git branch + refute_line --partial "not-existend-branch" + + run git branch -r + refute_line --partial "origin/not-existend-branch" + + touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt + + run git_auto_commit + + assert_success + + assert_line "INPUT_REPOSITORY value: ${INPUT_REPOSITORY}" + assert_line "INPUT_BRANCH value: not-existend-branch" + assert_line "INPUT_FILE_PATTERN: ." + assert_line "INPUT_COMMIT_OPTIONS: " + assert_line "::debug::Apply commit options " + assert_line "INPUT_TAGGING_MESSAGE: " + assert_line "No tagging message supplied. No tag will be added." + assert_line "INPUT_PUSH_OPTIONS: " + assert_line "::debug::Apply push options " + assert_line "::debug::Push commit to remote branch not-existend-branch" + + run git branch + assert_line --partial "not-existend-branch" + + run git branch -r + assert_line --partial "origin/not-existend-branch" + + run cat_github_output + assert_line "changes_detected=true" + assert_line -e "commit_hash=[0-9a-f]{40}$" +} + +@test "It does not create new local branch if local branch already exists and SKIP_CHECKOUT is true" { + git checkout -b not-existend-remote-branch + git checkout ${FAKE_DEFAULT_BRANCH} + + INPUT_BRANCH="not-existend-remote-branch" INPUT_SKIP_CHECKOUT=true + + run git branch + assert_line --partial "not-existend-remote-branch" + + run git branch -r + refute_line --partial "origin/not-existend-remote-branch" + + touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt + + run git_auto_commit + + assert_success + + assert_line "INPUT_REPOSITORY value: ${INPUT_REPOSITORY}" + assert_line "INPUT_BRANCH value: not-existend-remote-branch" + assert_line "INPUT_FILE_PATTERN: ." + assert_line "INPUT_COMMIT_OPTIONS: " + assert_line "::debug::Apply commit options " + assert_line "INPUT_TAGGING_MESSAGE: " + assert_line "No tagging message supplied. No tag will be added." + assert_line "INPUT_PUSH_OPTIONS: " + assert_line "::debug::Apply push options " + assert_line "::debug::Push commit to remote branch not-existend-remote-branch" + + # Assert checked out branch is still the same. + run git rev-parse --abbrev-ref HEAD + assert_line --partial ${FAKE_DEFAULT_BRANCH} + refute_line --partial "not-existend-remote-branch" + + run git branch + assert_line --partial "not-existend-remote-branch" + + run git branch -r + assert_line --partial "origin/not-existend-remote-branch" + + run cat_github_output + assert_line "changes_detected=true" + assert_line -e "commit_hash=[0-9a-f]{40}$" +} + +@test "it creates new local branch and pushes branch to remote even if the remote branch already exists" { + + # Create `existing-remote-branch` on remote with changes the local repository does not yet have + cd $FAKE_TEMP_LOCAL_REPOSITORY + git checkout -b "existing-remote-branch" + touch new-branch-file.txt + git add new-branch-file.txt + git commit -m "Add additional file" + git push origin existing-remote-branch + + run git branch + assert_line --partial "existing-remote-branch" + + # --------- + # Switch to our regular local repository and run `git-auto-commit` + cd $FAKE_LOCAL_REPOSITORY + + INPUT_BRANCH="existing-remote-branch" INPUT_CREATE_BRANCH=true + run git branch + refute_line --partial "existing-remote-branch" + + run git fetch --all + run git pull origin existing-remote-branch + run git branch -r + assert_line --partial "origin/existing-remote-branch" + + touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt + run git_auto_commit assert_success - assert_line "::warning::git-auto-commit: skip_fetch has been removed in v6. It does not have any effect anymore." - assert_line "::warning::git-auto-commit: skip_checkout has been removed in v6. It does not have any effect anymore." - assert_line "::warning::git-auto-commit: create_branch has been removed in v6. It does not have any effect anymore." + assert_line "INPUT_REPOSITORY value: ${INPUT_REPOSITORY}" + assert_line "INPUT_BRANCH value: existing-remote-branch" + assert_line "INPUT_FILE_PATTERN: ." + assert_line "INPUT_COMMIT_OPTIONS: " + assert_line "::debug::Apply commit options " + assert_line "INPUT_TAGGING_MESSAGE: " + assert_line "No tagging message supplied. No tag will be added." + assert_line "INPUT_PUSH_OPTIONS: " + assert_line "::debug::Apply push options " + assert_line "::debug::Push commit to remote branch existing-remote-branch" + + run git branch + assert_line --partial "existing-remote-branch" + + run git branch -r + assert_line --partial "origin/existing-remote-branch" + + # Assert that branch "existing-remote-branch" was updated on remote + current_sha="$(git rev-parse --verify --short existing-remote-branch)" + remote_sha="$(git rev-parse --verify --short origin/existing-remote-branch)" + + assert_equal $current_sha $remote_sha + + run cat_github_output + assert_line "changes_detected=true" + assert_line -e "commit_hash=[0-9a-f]{40}$" +} + +@test "script fails if new local branch is checked out and push fails as remote has newer commits than local" { + # Create `existing-remote-branch` on remote with changes the local repository does not yet have + cd $FAKE_TEMP_LOCAL_REPOSITORY + git checkout -b "existing-remote-branch" + touch new-branch-file.txt + git add new-branch-file.txt + git commit -m "Add additional file" + git push origin existing-remote-branch + + run git branch + assert_line --partial "existing-remote-branch" + + # --------- + # Switch to our regular local repository and run `git-auto-commit` + cd $FAKE_LOCAL_REPOSITORY + + INPUT_BRANCH="existing-remote-branch" + INPUT_CREATE_BRANCH=true + + run git branch + refute_line --partial "existing-remote-branch" + + run git fetch --all + run git branch -r + assert_line --partial "origin/existing-remote-branch" + + touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt + + run git_auto_commit + + assert_failure + + assert_line "hint: Updates were rejected because the tip of your current branch is behind" + + # Assert that branch exists locally and on remote + run git branch + assert_line --partial "existing-remote-branch" + + run git branch -r + assert_line --partial "origin/existing-remote-branch" + + # Assert that branch "existing-remote-branch" was not updated on remote + current_sha="$(git rev-parse --verify --short existing-remote-branch)" + remote_sha="$(git rev-parse --verify --short origin/existing-remote-branch)" + + refute [assert_equal $current_sha $remote_sha] +} + +@test "It pushes commit to remote if branch already exists and local repo is behind its remote counterpart" { + # Create `new-branch` on remote with changes the local repository does not yet have + cd $FAKE_TEMP_LOCAL_REPOSITORY + + git checkout -b "new-branch" + touch new-branch-file.txt + git add new-branch-file.txt + + git commit --quiet -m "Add additional file" + git push origin new-branch + + run git branch -r + assert_line --partial "origin/new-branch" + + # --------- + # Switch to our regular local repository and run `git-auto-commit` + cd $FAKE_LOCAL_REPOSITORY + + INPUT_BRANCH="new-branch" + + # Assert that local remote does not know have "new-branch" locally nor does + # know about the remote branch. + run git branch + refute_line --partial "new-branch" + + run git branch -r + refute_line --partial "origin/new-branch" + + touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt + + run git_auto_commit + + assert_success + + assert_line "INPUT_BRANCH value: new-branch" + assert_line --partial "::debug::Push commit to remote branch new-branch" + + # Assert that branch "new-branch" was updated on remote + current_sha="$(git rev-parse --verify --short new-branch)" + remote_sha="$(git rev-parse --verify --short origin/new-branch)" + + assert_equal $current_sha $remote_sha } From 858005f1b9c0724c17fcc6cbd15fe03f58c66cd8 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Mon, 22 Sep 2025 07:11:49 +0200 Subject: [PATCH 109/127] Switch to Node24 --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 60268dd3..9839ee50 100644 --- a/action.yml +++ b/action.yml @@ -88,7 +88,7 @@ outputs: description: Value is "true", if a git tag was created using the `create_git_tag_only`-input. runs: - using: 'node20' + using: 'node24' main: 'index.js' branding: From e9f84b936bc576b0ba8aa45e1b5f4527abe275d1 Mon Sep 17 00:00:00 2001 From: Elias Boulharts Date: Wed, 24 Sep 2025 12:15:10 +0200 Subject: [PATCH 110/127] feature: allow using custom tag message Signed-off-by: Elias Boulharts --- README.md | 12 +++- action.yml | 6 +- entrypoint.sh | 17 +++-- tests/git-auto-commit.bats | 133 +++++++++++++++++++++++++++++-------- 4 files changed, 130 insertions(+), 38 deletions(-) diff --git a/README.md b/README.md index bd10bf9d..5b07cc9d 100644 --- a/README.md +++ b/README.md @@ -85,10 +85,16 @@ The following is an extended example with all available options. commit_user_name: My GitHub Actions Bot # defaults to "github-actions[bot]" commit_user_email: my-github-actions-bot@example.org # defaults to "41898282+github-actions[bot]@users.noreply.github.com" commit_author: Author # defaults to "username ", where "numeric_id" and "username" belong to the author of the commit that triggered the run + + # Optional. Tag name to be created in the local repository and + # pushed to the remote repository on the defined branch. + # If only one of `tag` or `tagging_message` is provided, the value of the provided field will be used for both tag name and message. + tag: 'v1.0.0' + + # Optional. Message to annotate the created tag with. + # If only one of `tag` or `tagging_message` is provided, the value of the provided field will be used for both tag name and message. + tagging_message: 'MyProduct v1.0.0' - # Optional. Tag name being created in the local repository and - # pushed to remote repository and defined branch. - tagging_message: 'v1.0.0' # Optional. Option used by `git-status` to determine if the repository is # dirty. See https://git-scm.com/docs/git-status#_options diff --git a/action.yml b/action.yml index 9df496a3..6b64d9e6 100644 --- a/action.yml +++ b/action.yml @@ -44,8 +44,12 @@ inputs: description: Value used for the commit author. Defaults to the username of whoever triggered this workflow run. required: false default: ${{ github.actor }} <${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com> + tag: + description: New git tag with the commit. Keep this empty, if no tag should be created. + required: false + default: '' tagging_message: - description: Message used to create a new git tag with the commit. Keep this empty, if no tag should be created. + description: Message used to create a new git tag with the commit. required: false default: '' push_options: diff --git a/entrypoint.sh b/entrypoint.sh index b55b3514..3b114f3a 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -159,14 +159,17 @@ _local_commit() { } _tag_commit() { + echo "INPUT_TAG: ${INPUT_TAG}" echo "INPUT_TAGGING_MESSAGE: ${INPUT_TAGGING_MESSAGE}" - if [ -n "$INPUT_TAGGING_MESSAGE" ] - then - _log "debug" "Create tag $INPUT_TAGGING_MESSAGE"; - git -c user.name="$INPUT_COMMIT_USER_NAME" -c user.email="$INPUT_COMMIT_USER_EMAIL" tag -a "$INPUT_TAGGING_MESSAGE" -m "$INPUT_TAGGING_MESSAGE"; + if [ -n "$INPUT_TAG" ] || [ -n "$INPUT_TAGGING_MESSAGE" ]; then + TAG=${INPUT_TAG:-$INPUT_TAGGING_MESSAGE} + MESSAGE=${INPUT_TAGGING_MESSAGE:-$INPUT_TAG} + + _log "debug" "Create tag $TAG: $MESSAGE" + git -c user.name="$INPUT_COMMIT_USER_NAME" -c user.email="$INPUT_COMMIT_USER_EMAIL" tag -a "$TAG" -m "$MESSAGE" else - echo "No tagging message supplied. No tag will be added."; + echo "Neither tag nor tag message is set. No tag will be added."; fi } @@ -182,8 +185,8 @@ _push_to_github() { if [ -z "$INPUT_BRANCH" ] then - # Only add `--tags` option, if `$INPUT_TAGGING_MESSAGE` is set - if [ -n "$INPUT_TAGGING_MESSAGE" ] + # Only add `--tags` option, if `$INPUT_TAG` or `$INPUT_TAGGING_MESSAGE` is set + if [ -n "$INPUT_TAG" ] || [ -n "$INPUT_TAGGING_MESSAGE" ] then _log "debug" "git push origin --tags"; git push origin --follow-tags --atomic ${INPUT_PUSH_OPTIONS:+"${INPUT_PUSH_OPTIONS_ARRAY[@]}"}; diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index c64bf19e..fbbc7aaa 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -32,6 +32,7 @@ setup() { export INPUT_COMMIT_USER_NAME="Test Suite" export INPUT_COMMIT_USER_EMAIL="test@github.com" export INPUT_COMMIT_AUTHOR="Test Suite " + export INPUT_TAG="" export INPUT_TAGGING_MESSAGE="" export INPUT_PUSH_OPTIONS="" export INPUT_SKIP_DIRTY_CHECK=false @@ -123,8 +124,9 @@ cat_github_output() { assert_line "INPUT_FILE_PATTERN: ." assert_line "INPUT_COMMIT_OPTIONS: " assert_line "::debug::Apply commit options " + assert_line "INPUT_TAG: " assert_line "INPUT_TAGGING_MESSAGE: " - assert_line "No tagging message supplied. No tag will be added." + assert_line "Neither tag nor tag message is set. No tag will be added." assert_line "INPUT_PUSH_OPTIONS: " assert_line "::debug::Apply push options " assert_line "::debug::Push commit to remote branch ${FAKE_DEFAULT_BRANCH}" @@ -146,8 +148,9 @@ cat_github_output() { assert_line "INPUT_FILE_PATTERN: ." assert_line "INPUT_COMMIT_OPTIONS: " assert_line "::debug::Apply commit options " + assert_line "INPUT_TAG: " assert_line "INPUT_TAGGING_MESSAGE: " - assert_line "No tagging message supplied. No tag will be added." + assert_line "Neither tag nor tag message is set. No tag will be added." assert_line "INPUT_PUSH_OPTIONS: " assert_line "::debug::Apply push options " assert_line "::debug::Push commit to remote branch ${FAKE_DEFAULT_BRANCH}" @@ -293,7 +296,8 @@ cat_github_output() { } @test "It creates a tag with the commit" { - INPUT_TAGGING_MESSAGE="v1.0.0" + INPUT_TAG="v1.0.0" + INPUT_TAGGING_MESSAGE="MyProduct v1.0.0" touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt @@ -301,13 +305,15 @@ cat_github_output() { assert_success - assert_line "INPUT_TAGGING_MESSAGE: v1.0.0" - assert_line "::debug::Create tag v1.0.0" + assert_line "INPUT_TAG: v1.0.0" + assert_line "INPUT_TAGGING_MESSAGE: MyProduct v1.0.0" + + assert_line "::debug::Create tag v1.0.0: MyProduct v1.0.0" assert_line "::debug::Push commit to remote branch ${FAKE_DEFAULT_BRANCH}" # Assert a tag v1.0.0 has been created - run git tag - assert_output v1.0.0 + run git tag -n + assert_output 'v1.0.0 MyProduct v1.0.0' run git ls-remote --tags --refs assert_output --partial refs/tags/v1.0.0 @@ -388,9 +394,11 @@ cat_github_output() { assert_equal $current_sha $remote_sha } -@test "It uses existing branch when INPUT_BRANCH is empty and INPUT_TAGGING_MESSAGE is set" { +@test "It uses existing branch when INPUT_BRANCH is empty and INPUT_TAG is set" { INPUT_BRANCH="" - INPUT_TAGGING_MESSAGE="v2.0.0" + INPUT_TAG="v2.0.0" + INPUT_TAGGING_MESSAGE="MyProduct v2.0.0" + touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt @@ -398,8 +406,8 @@ cat_github_output() { assert_success - assert_line "INPUT_TAGGING_MESSAGE: v2.0.0" - assert_line "::debug::Create tag v2.0.0" + assert_line "INPUT_TAG: v2.0.0" + assert_line "::debug::Create tag v2.0.0: MyProduct v2.0.0" assert_line "::debug::git push origin --tags" # Assert a tag v2.0.0 has been created @@ -413,7 +421,9 @@ cat_github_output() { @test "It pushes generated commit and tag to remote and actually updates the commit shas" { INPUT_BRANCH="" - INPUT_TAGGING_MESSAGE="v2.0.0" + INPUT_TAG="v2.0.0" + INPUT_TAGGING_MESSAGE="MyProduct v2.0.0" + touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt @@ -421,8 +431,8 @@ cat_github_output() { assert_success - assert_line "INPUT_TAGGING_MESSAGE: v2.0.0" - assert_line "::debug::Create tag v2.0.0" + assert_line "INPUT_TAG: v2.0.0" + assert_line "::debug::Create tag v2.0.0: MyProduct v2.0.0" assert_line "::debug::git push origin --tags" # Assert a tag v2.0.0 has been created @@ -442,7 +452,9 @@ cat_github_output() { @test "It pushes generated commit and tag to remote branch and updates commit sha" { INPUT_BRANCH="a-new-branch" - INPUT_TAGGING_MESSAGE="v2.0.0" + INPUT_TAG="v2.0.0" + INPUT_TAGGING_MESSAGE="MyProduct v2.0.0" + touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt @@ -450,8 +462,8 @@ cat_github_output() { assert_success - assert_line "INPUT_TAGGING_MESSAGE: v2.0.0" - assert_line "::debug::Create tag v2.0.0" + assert_line "INPUT_TAG: v2.0.0" + assert_line "::debug::Create tag v2.0.0: MyProduct v2.0.0" assert_line "::debug::Push commit to remote branch a-new-branch" # Assert a tag v2.0.0 has been created @@ -598,8 +610,9 @@ cat_github_output() { assert_line "INPUT_FILE_PATTERN: ." assert_line "INPUT_COMMIT_OPTIONS: " assert_line "::debug::Apply commit options " + assert_line "INPUT_TAG: " assert_line "INPUT_TAGGING_MESSAGE: " - assert_line "No tagging message supplied. No tag will be added." + assert_line "Neither tag nor tag message is set. No tag will be added." assert_line "INPUT_PUSH_OPTIONS: " assert_line "::debug::Apply push options " assert_line "::debug::Push commit to remote branch not-existend-branch" @@ -641,8 +654,9 @@ cat_github_output() { assert_line "INPUT_FILE_PATTERN: ." assert_line "INPUT_COMMIT_OPTIONS: " assert_line "::debug::Apply commit options " + assert_line "INPUT_TAG: " assert_line "INPUT_TAGGING_MESSAGE: " - assert_line "No tagging message supplied. No tag will be added." + assert_line "Neither tag nor tag message is set. No tag will be added." assert_line "INPUT_PUSH_OPTIONS: " assert_line "::debug::Apply push options " assert_line "::debug::Push commit to remote branch not-existend-remote-branch" @@ -700,8 +714,9 @@ cat_github_output() { assert_line "INPUT_FILE_PATTERN: ." assert_line "INPUT_COMMIT_OPTIONS: " assert_line "::debug::Apply commit options " + assert_line "INPUT_TAG: " assert_line "INPUT_TAGGING_MESSAGE: " - assert_line "No tagging message supplied. No tag will be added." + assert_line "Neither tag nor tag message is set. No tag will be added." assert_line "INPUT_PUSH_OPTIONS: " assert_line "::debug::Apply push options " assert_line "::debug::Push commit to remote branch existing-remote-branch" @@ -1031,8 +1046,9 @@ cat_github_output() { assert_line "INPUT_FILE_PATTERN: ." assert_line "INPUT_COMMIT_OPTIONS: " assert_line "::debug::Apply commit options " + assert_line "INPUT_TAG: " assert_line "INPUT_TAGGING_MESSAGE: " - assert_line "No tagging message supplied. No tag will be added." + assert_line "Neither tag nor tag message is set. No tag will be added." assert_line "INPUT_PUSH_OPTIONS: " assert_line "::debug::Apply push options " assert_line "::debug::Push commit to remote branch ${FAKE_DEFAULT_BRANCH}" @@ -1119,7 +1135,8 @@ END @test "it creates a tag if create_git_tag_only is set to true and a message has been supplied" { INPUT_CREATE_GIT_TAG_ONLY=true - INPUT_TAGGING_MESSAGE=v1.0.0 + INPUT_TAG=v1.0.0 + INPUT_TAGGING_MESSAGE="MyProduct v1.0.0" run git_auto_commit @@ -1127,8 +1144,8 @@ END assert_line "::debug::Create git tag only" - assert_line "::debug::Create tag v1.0.0" - refute_line "No tagging message supplied. No tag will be added." + assert_line "::debug::Create tag v1.0.0: MyProduct v1.0.0" + refute_line "Neither tag nor tag message is set. No tag will be added." assert_line "::debug::Apply push options " assert_line "::debug::Push commit to remote branch ${FAKE_DEFAULT_BRANCH}" @@ -1139,8 +1156,8 @@ END refute_line -e "commit_hash=[0-9a-f]{40}$" # Assert a tag v1.0.0 has been created - run git tag - assert_output v1.0.0 + run git tag -n + assert_output 'v1.0.0 MyProduct v1.0.0' run git ls-remote --tags --refs assert_output --partial refs/tags/v1.0.0 @@ -1148,14 +1165,16 @@ END @test "it output no tagging message supplied if no tagging message is set but create_git_tag_only is set to true" { INPUT_CREATE_GIT_TAG_ONLY=true + INPUT_TAG="" INPUT_TAGGING_MESSAGE="" run git_auto_commit assert_success + assert_line "INPUT_TAG: " assert_line "INPUT_TAGGING_MESSAGE: " - assert_line "No tagging message supplied. No tag will be added." + assert_line "Neither tag nor tag message is set. No tag will be added." assert_line "::debug::Create git tag only" run cat_github_output @@ -1181,3 +1200,63 @@ END assert_line "::warning::git-auto-commit: skip_checkout has been removed in v6. It does not have any effect anymore." assert_line "::warning::git-auto-commit: create_branch has been removed in v6. It does not have any effect anymore." } + +@test "Set a tag message only" { + INPUT_TAGGING_MESSAGE="v1.0.0" + + touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt + + run git_auto_commit + + assert_success + + assert_line "INPUT_TAG: " + assert_line "INPUT_TAGGING_MESSAGE: v1.0.0" + + assert_line "::debug::Create tag v1.0.0: v1.0.0" + assert_line "::debug::Push commit to remote branch ${FAKE_DEFAULT_BRANCH}" + + # Assert a tag v1.0.0 has been created + run git tag -n + assert_output 'v1.0.0 v1.0.0' + + run git ls-remote --tags --refs + assert_output --partial refs/tags/v1.0.0 + + # Assert that the commit has been pushed with --force and + # sha values are equal on local and remote + current_sha="$(git rev-parse --verify --short ${FAKE_DEFAULT_BRANCH})" + remote_sha="$(git rev-parse --verify --short origin/${FAKE_DEFAULT_BRANCH})" + + assert_equal $current_sha $remote_sha +} + +@test "Set a tag only" { + INPUT_TAG="v1.0.0" + + touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt + + run git_auto_commit + + assert_success + + assert_line "INPUT_TAG: v1.0.0" + assert_line "INPUT_TAGGING_MESSAGE: " + + assert_line "::debug::Create tag v1.0.0: v1.0.0" + assert_line "::debug::Push commit to remote branch ${FAKE_DEFAULT_BRANCH}" + + # Assert a tag v1.0.0 has been created + run git tag -n + assert_output 'v1.0.0 v1.0.0' + + run git ls-remote --tags --refs + assert_output --partial refs/tags/v1.0.0 + + # Assert that the commit has been pushed with --force and + # sha values are equal on local and remote + current_sha="$(git rev-parse --verify --short ${FAKE_DEFAULT_BRANCH})" + remote_sha="$(git rev-parse --verify --short origin/${FAKE_DEFAULT_BRANCH})" + + assert_equal $current_sha $remote_sha +} From d1854850ecc4b10b4ee69a72ea84f78a192779e3 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Tue, 30 Sep 2025 16:48:49 +0200 Subject: [PATCH 111/127] Enable Detached State Check --- entrypoint.sh | 5 ++--- tests/git-auto-commit.bats | 7 +++---- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index e8734708..0799ec57 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -33,7 +33,7 @@ _main() { _check_if_is_git_repository - # _check_if_repository_is_in_detached_state + _check_if_repository_is_in_detached_state if "$INPUT_CREATE_GIT_TAG_ONLY"; then _log "debug" "Create git tag only"; @@ -110,8 +110,7 @@ _check_if_is_git_repository() { _check_if_repository_is_in_detached_state() { if [ -z "$(git symbolic-ref HEAD)" ] then - _log "error" "Repository is in detached HEAD state. Please make sure you check out a branch. Adjust the `ref` input accordingly."; - exit 1; + _log "warning" "Repository is in a detached HEAD state. git-auto-commit will likely handle this automatically. To avoid it, check out a branch using the ref option in actions/checkout."; else _log "debug" "Repository is on a branch."; fi diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index c3f2a7d9..ea5e5991 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -1087,8 +1087,7 @@ END assert_line "::error::Not a git repository. Please make sure to run this action in a git repository. Adjust the `repository` input if necessary." } -@test "It detects if the repository is in a detached state and exits with an error" { - skip +@test "It detects if the repository is in a detached state and logs a warning" { touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt run git_auto_commit @@ -1103,8 +1102,8 @@ END run git_auto_commit - assert_failure; - assert_line "::error::Repository is in detached HEAD state. Please make sure you check out a branch. Adjust the `ref` input accordingly." + assert_success; + assert_line "::warning::Repository is in a detached HEAD state. git-auto-commit will likely handle this automatically. To avoid it, check out a branch using the ref option in actions/checkout." } @test "it creates a tag if create_git_tag_only is set to true and a message has been supplied" { From e8684eb0cd3714a844cb825cd29a0afcf6d66dbc Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sun, 12 Oct 2025 14:27:10 +0200 Subject: [PATCH 112/127] Fix Tests --- tests/git-auto-commit.bats | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index 5e746433..1fc2ffb5 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -1227,7 +1227,7 @@ END assert_line "INPUT_COMMIT_OPTIONS: " assert_line "::debug::Apply commit options " assert_line "INPUT_TAGGING_MESSAGE: " - assert_line "No tagging message supplied. No tag will be added." + assert_line "Neither tag nor tag message is set. No tag will be added." assert_line "INPUT_PUSH_OPTIONS: " assert_line "::debug::Apply push options " assert_line "::debug::Push commit to remote branch not-existend-branch" @@ -1268,7 +1268,7 @@ END assert_line "INPUT_COMMIT_OPTIONS: " assert_line "::debug::Apply commit options " assert_line "INPUT_TAGGING_MESSAGE: " - assert_line "No tagging message supplied. No tag will be added." + assert_line "Neither tag nor tag message is set. No tag will be added." assert_line "INPUT_PUSH_OPTIONS: " assert_line "::debug::Apply push options " assert_line "::debug::Push commit to remote branch not-existend-remote-branch" @@ -1329,7 +1329,7 @@ END assert_line "INPUT_COMMIT_OPTIONS: " assert_line "::debug::Apply commit options " assert_line "INPUT_TAGGING_MESSAGE: " - assert_line "No tagging message supplied. No tag will be added." + assert_line "Neither tag nor tag message is set. No tag will be added." assert_line "INPUT_PUSH_OPTIONS: " assert_line "::debug::Apply push options " assert_line "::debug::Push commit to remote branch existing-remote-branch" From d7ee275235b337d03e77815bd319db607e2b455b Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sun, 12 Oct 2025 14:37:32 +0200 Subject: [PATCH 113/127] Change internal variable names --- entrypoint.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 1c79ed65..8a894aab 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -180,11 +180,11 @@ _tag_commit() { echo "INPUT_TAGGING_MESSAGE: ${INPUT_TAGGING_MESSAGE}" if [ -n "$INPUT_TAG" ] || [ -n "$INPUT_TAGGING_MESSAGE" ]; then - TAG=${INPUT_TAG:-$INPUT_TAGGING_MESSAGE} - MESSAGE=${INPUT_TAGGING_MESSAGE:-$INPUT_TAG} + INTERNAL_TAG=${INPUT_TAG:-$INPUT_TAGGING_MESSAGE} + INTERNAL_TAGGING_MESSAGE=${INPUT_TAGGING_MESSAGE:-$INPUT_TAG} - _log "debug" "Create tag $TAG: $MESSAGE" - git -c user.name="$INPUT_COMMIT_USER_NAME" -c user.email="$INPUT_COMMIT_USER_EMAIL" tag -a "$TAG" -m "$MESSAGE" + _log "debug" "Create tag $INTERNAL_TAG: $INTERNAL_TAGGING_MESSAGE" + git -c user.name="$INPUT_COMMIT_USER_NAME" -c user.email="$INPUT_COMMIT_USER_EMAIL" tag -a "$INTERNAL_TAG" -m "$INTERNAL_TAGGING_MESSAGE" else echo "Neither tag nor tag message is set. No tag will be added."; fi From c40819ab3b7619623b7d0d760f3296f014f245b8 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sun, 12 Oct 2025 14:59:32 +0200 Subject: [PATCH 114/127] Update README --- README.md | 5 ++--- action.yml | 4 ++-- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index cb1ca490..6c84bbce 100644 --- a/README.md +++ b/README.md @@ -93,8 +93,7 @@ The following is an extended example with all available options. # Optional. Message to annotate the created tag with. # If only one of `tag` or `tagging_message` is provided, the value of the provided field will be used for both tag name and message. - tagging_message: 'MyProduct v1.0.0' - + tagging_message: 'Codename "Sunshine"' # Optional. Option used by `git-status` to determine if the repository is # dirty. See https://git-scm.com/docs/git-status#_options @@ -125,7 +124,7 @@ The following is an extended example with all available options. create_branch: true # Optional. Creates a new tag and pushes it to remote without creating a commit. - # Skips dirty check and changed files. Must be used with `tagging_message`. + # Skips dirty check and changed files. Must be used in combination with `tag` and `tagging_message`. create_git_tag_only: false ``` diff --git a/action.yml b/action.yml index 74c81925..767ee3dc 100644 --- a/action.yml +++ b/action.yml @@ -45,11 +45,11 @@ inputs: required: false default: ${{ github.actor }} <${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com> tag: - description: New git tag with the commit. Keep this empty, if no tag should be created. + description: Tag name used for creating a new git tag with the commit. Keep this empty, if no tag should be created. required: false default: '' tagging_message: - description: Message used to create a new git tag with the commit. + description: Tagging message used for creating a new git tag with the commit. Keep this empty, if no tag should be created. required: false default: '' push_options: From 28e16e81777b558cc906c8750092100bbb34c5e3 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sun, 12 Oct 2025 16:31:03 +0200 Subject: [PATCH 115/127] Release preparations for v7 (#394) --- .github/workflows/update-changelog.yaml | 2 +- README.md | 42 ++++++++++++------------- UPGRADING.md | 7 +++++ action.yml | 2 +- entrypoint.sh | 12 +++---- tests/git-auto-commit.bats | 40 +++++++++++------------ 6 files changed, 56 insertions(+), 49 deletions(-) diff --git a/.github/workflows/update-changelog.yaml b/.github/workflows/update-changelog.yaml index 3fc58e58..2fc63816 100644 --- a/.github/workflows/update-changelog.yaml +++ b/.github/workflows/update-changelog.yaml @@ -27,7 +27,7 @@ jobs: latest-version: ${{ github.event.release.name }} - name: Commit updated CHANGELOG - uses: stefanzweifel/git-auto-commit-action@v6 + uses: stefanzweifel/git-auto-commit-action@v7 with: branch: master commit_message: Update CHANGELOG diff --git a/README.md b/README.md index 6c84bbce..431335a9 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,7 @@ Adding git-auto-commit to your Workflow only takes a couple lines of code. 2. Add the following step at the end of your job, after other steps that might add or change files. ```yaml -- uses: stefanzweifel/git-auto-commit-action@v6 +- uses: stefanzweifel/git-auto-commit-action@v7 ``` Your Workflow should look similar to this example. @@ -39,7 +39,7 @@ jobs: contents: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: ref: ${{ github.head_ref }} @@ -47,7 +47,7 @@ jobs: # … # Commit all changed files back to the repository - - uses: stefanzweifel/git-auto-commit-action@v6 + - uses: stefanzweifel/git-auto-commit-action@v7 ``` > [!NOTE] @@ -56,7 +56,7 @@ jobs: The following is an extended example with all available options. ```yaml -- uses: stefanzweifel/git-auto-commit-action@v6 +- uses: stefanzweifel/git-auto-commit-action@v7 with: # Optional. Commit message for the created commit. # Defaults to "Apply automatic changes" @@ -88,11 +88,11 @@ The following is an extended example with all available options. # Optional. Tag name to be created in the local repository and # pushed to the remote repository on the defined branch. - # If only one of `tag` or `tagging_message` is provided, the value of the provided field will be used for both tag name and message. - tag: 'v1.0.0' + # If only one of `tag_name` or `tagging_message` is provided, the value of the provided field will be used for both tag name and message. + tag_name: 'v1.0.0' # Optional. Message to annotate the created tag with. - # If only one of `tag` or `tagging_message` is provided, the value of the provided field will be used for both tag name and message. + # If only one of `tag_name` or `tagging_message` is provided, the value of the provided field will be used for both tag name and message. tagging_message: 'Codename "Sunshine"' # Optional. Option used by `git-status` to determine if the repository is @@ -155,14 +155,14 @@ jobs: contents: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: ref: ${{ github.head_ref }} - name: Run php-cs-fixer uses: docker://oskarstark/php-cs-fixer-ga - - uses: stefanzweifel/git-auto-commit-action@v6 + - uses: stefanzweifel/git-auto-commit-action@v7 with: commit_message: Apply php-cs-fixer changes ``` @@ -184,7 +184,7 @@ You can use these outputs to trigger other Actions in your Workflow run based on ### Example ```yaml - - uses: stefanzweifel/git-auto-commit-action@v6 + - uses: stefanzweifel/git-auto-commit-action@v7 id: auto-commit-action #mandatory for the output to show up in ${{ steps }} with: commit_message: Apply php-cs-fixer changes @@ -220,7 +220,7 @@ You must use `action/checkout@v2` or later versions to check out the repository. In non-`push` events, such as `pull_request`, make sure to specify the `ref` to check out: ```yaml -- uses: actions/checkout@v4 +- uses: actions/checkout@v5 with: ref: ${{ github.head_ref }} ``` @@ -238,7 +238,7 @@ You can change this by creating a new [Personal Access Token (PAT)](https://gith storing the token as a secret in your repository and then passing the new token to the [`actions/checkout`](https://github.com/actions/checkout#usage) Action step. ```yaml -- uses: actions/checkout@v4 +- uses: actions/checkout@v5 with: token: ${{ secrets.PAT }} ``` @@ -284,7 +284,7 @@ The example below can be used as a starting point to generate a multiline commit # Quick and dirty step to get rid of the temporary file holding the commit message - run: rm -rf commitmessage.txt - - uses: stefanzweifel/git-auto-commit-action@v6 + - uses: stefanzweifel/git-auto-commit-action@v7 id: commit with: commit_message: ${{ steps.commit_message_step.outputs.commit_message }} @@ -308,7 +308,7 @@ As git-auto-commit by default does not use **your** username and email when crea git_commit_gpgsign: true - name: "Commit and push changes" - uses: stefanzweifel/git-auto-commit-action@v6 + uses: stefanzweifel/git-auto-commit-action@v7 with: commit_author: "${{ steps.import-gpg.outputs.name }} <${{ steps.import-gpg.outputs.email }}>" commit_user_name: ${{ steps.import-gpg.outputs.name }} @@ -371,7 +371,7 @@ jobs: contents: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: # Checkout the fork/head-repository and push changes to the fork. # If you skip this, the base repository will be checked out and changes @@ -385,7 +385,7 @@ jobs: - name: Run php-cs-fixer uses: docker://oskarstark/php-cs-fixer-ga - - uses: stefanzweifel/git-auto-commit-action@v6 + - uses: stefanzweifel/git-auto-commit-action@v7 ``` For more information about running Actions on forks, see [this announcement from GitHub](https://github.blog/2020-08-03-github-actions-improvements-for-fork-and-pull-request-workflows/). @@ -420,7 +420,7 @@ The steps in your workflow might look like this: echo "message=$(git log -1 --pretty=%s)" >> $GITHUB_OUTPUT echo "author=$(git log -1 --pretty=\"%an <%ae>\")" >> $GITHUB_OUTPUT -- uses: stefanzweifel/git-auto-commit-action@v6 +- uses: stefanzweifel/git-auto-commit-action@v7 with: commit_author: ${{ steps.last-commit.outputs.author }} commit_message: ${{ steps.last-commit.outputs.message }} @@ -463,7 +463,7 @@ If you create a personal access token (classic), apply the `repo` and `workflow` If you create a fine-grained personal access token, apply the `Contents`-permissions. ```yaml -- uses: actions/checkout@v4 +- uses: actions/checkout@v5 with: # We pass the "PAT" secret to the checkout action; if no PAT secret is available to the workflow runner (eg. Dependabot) we fall back to the default "GITHUB_TOKEN". token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} @@ -477,7 +477,7 @@ You can learn more about Personal Access Token in the [GitHub documentation](htt If you go the "force pushes" route, you have to enable force pushes to a protected branch (see [documentation](https://help.github.com/en/github/administering-a-repository/enabling-force-pushes-to-a-protected-branch)) and update your Workflow to use force push like this. ```yaml - - uses: stefanzweifel/git-auto-commit-action@v6 + - uses: stefanzweifel/git-auto-commit-action@v7 with: commit_message: Apply php-cs-fixer changes push_options: --force @@ -507,7 +507,7 @@ This is due to the fact, that the `*.md`-glob is expanded before sending it to ` To fix this add `disable_globbing: true` to your Workflow. ```yaml -- uses: stefanzweifel/git-auto-commit-action@v6 +- uses: stefanzweifel/git-auto-commit-action@v7 with: file_pattern: '*.md' disable_globbing: true @@ -535,7 +535,7 @@ yarn test We use [SemVer](http://semver.org/) for versioning. For the versions available, see the [tags on this repository](https://github.com/stefanzweifel/git-auto-commit-action/tags). -We also provide major version tags to make it easier to always use the latest release of a major version. For example, you can use `stefanzweifel/git-auto-commit-action@v6` to always use the latest release of the current major version. +We also provide major version tags to make it easier to always use the latest release of a major version. For example, you can use `stefanzweifel/git-auto-commit-action@v7` to always use the latest release of the current major version. (More information about this [here](https://help.github.com/en/actions/building-actions/about-actions#versioning-your-action).) ## Credits diff --git a/UPGRADING.md b/UPGRADING.md index f3be24c6..ad15370e 100644 --- a/UPGRADING.md +++ b/UPGRADING.md @@ -1,5 +1,12 @@ # Upgrading +## From v6 to v7 + +The previously removed options `create_branch`, `skip_fetch`, and `skip_checkout` have been reintroduced in git-auto-commit v7. If you had removed these options from your workflows when upgrading to v6, you can now add them back if needed. + +Tagging a commit has been reworked. In addition to the existing `tagging_message`-option, a new `tag_name` option has been added. If you were using `tagging_message`, you can continue to do so, but if you want to specify a custom tag name and tag message, you can now use the `tag_name` and `tagging_message` option. +(Specifying a `tagging_message` without a `tag_name` will create a tag with the name and message both set to the value of `tagging_message`.) + ## From v5 to v6 The following options have been removed from git-auto-commit and can be removed from your workflows. diff --git a/action.yml b/action.yml index 767ee3dc..6c1d098e 100644 --- a/action.yml +++ b/action.yml @@ -44,7 +44,7 @@ inputs: description: Value used for the commit author. Defaults to the username of whoever triggered this workflow run. required: false default: ${{ github.actor }} <${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com> - tag: + tag_name: description: Tag name used for creating a new git tag with the commit. Keep this empty, if no tag should be created. required: false default: '' diff --git a/entrypoint.sh b/entrypoint.sh index 8a894aab..d288a67a 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -176,12 +176,12 @@ _local_commit() { } _tag_commit() { - echo "INPUT_TAG: ${INPUT_TAG}" + echo "INPUT_TAG_NAME: ${INPUT_TAG_NAME}" echo "INPUT_TAGGING_MESSAGE: ${INPUT_TAGGING_MESSAGE}" - if [ -n "$INPUT_TAG" ] || [ -n "$INPUT_TAGGING_MESSAGE" ]; then - INTERNAL_TAG=${INPUT_TAG:-$INPUT_TAGGING_MESSAGE} - INTERNAL_TAGGING_MESSAGE=${INPUT_TAGGING_MESSAGE:-$INPUT_TAG} + if [ -n "$INPUT_TAG_NAME" ] || [ -n "$INPUT_TAGGING_MESSAGE" ]; then + INTERNAL_TAG=${INPUT_TAG_NAME:-$INPUT_TAGGING_MESSAGE} + INTERNAL_TAGGING_MESSAGE=${INPUT_TAGGING_MESSAGE:-$INPUT_TAG_NAME} _log "debug" "Create tag $INTERNAL_TAG: $INTERNAL_TAGGING_MESSAGE" git -c user.name="$INPUT_COMMIT_USER_NAME" -c user.email="$INPUT_COMMIT_USER_EMAIL" tag -a "$INTERNAL_TAG" -m "$INTERNAL_TAGGING_MESSAGE" @@ -202,8 +202,8 @@ _push_to_github() { if [ -z "$INPUT_BRANCH" ] then - # Only add `--tags` option, if `$INPUT_TAG` or `$INPUT_TAGGING_MESSAGE` is set - if [ -n "$INPUT_TAG" ] || [ -n "$INPUT_TAGGING_MESSAGE" ] + # Only add `--tags` option, if `$INPUT_TAG_NAME` or `$INPUT_TAGGING_MESSAGE` is set + if [ -n "$INPUT_TAG_NAME" ] || [ -n "$INPUT_TAGGING_MESSAGE" ] then _log "debug" "git push origin --tags"; git push origin --follow-tags --atomic ${INPUT_PUSH_OPTIONS:+"${INPUT_PUSH_OPTIONS_ARRAY[@]}"}; diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index 1fc2ffb5..a0fdc366 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -32,7 +32,7 @@ setup() { export INPUT_COMMIT_USER_NAME="Test Suite" export INPUT_COMMIT_USER_EMAIL="test@github.com" export INPUT_COMMIT_AUTHOR="Test Suite " - export INPUT_TAG="" + export INPUT_TAG_NAME="" export INPUT_TAGGING_MESSAGE="" export INPUT_PUSH_OPTIONS="" export INPUT_SKIP_DIRTY_CHECK=false @@ -122,7 +122,7 @@ cat_github_output() { assert_line "INPUT_FILE_PATTERN: ." assert_line "INPUT_COMMIT_OPTIONS: " assert_line "::debug::Apply commit options " - assert_line "INPUT_TAG: " + assert_line "INPUT_TAG_NAME: " assert_line "INPUT_TAGGING_MESSAGE: " assert_line "Neither tag nor tag message is set. No tag will be added." assert_line "INPUT_PUSH_OPTIONS: " @@ -146,7 +146,7 @@ cat_github_output() { assert_line "INPUT_FILE_PATTERN: ." assert_line "INPUT_COMMIT_OPTIONS: " assert_line "::debug::Apply commit options " - assert_line "INPUT_TAG: " + assert_line "INPUT_TAG_NAME: " assert_line "INPUT_TAGGING_MESSAGE: " assert_line "Neither tag nor tag message is set. No tag will be added." assert_line "INPUT_PUSH_OPTIONS: " @@ -294,7 +294,7 @@ cat_github_output() { } @test "It creates a tag with the commit" { - INPUT_TAG="v1.0.0" + INPUT_TAG_NAME="v1.0.0" INPUT_TAGGING_MESSAGE="MyProduct v1.0.0" touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt @@ -303,7 +303,7 @@ cat_github_output() { assert_success - assert_line "INPUT_TAG: v1.0.0" + assert_line "INPUT_TAG_NAME: v1.0.0" assert_line "INPUT_TAGGING_MESSAGE: MyProduct v1.0.0" assert_line "::debug::Create tag v1.0.0: MyProduct v1.0.0" @@ -394,7 +394,7 @@ cat_github_output() { @test "It uses existing branch when INPUT_BRANCH is empty and INPUT_TAG is set" { INPUT_BRANCH="" - INPUT_TAG="v2.0.0" + INPUT_TAG_NAME="v2.0.0" INPUT_TAGGING_MESSAGE="MyProduct v2.0.0" @@ -404,7 +404,7 @@ cat_github_output() { assert_success - assert_line "INPUT_TAG: v2.0.0" + assert_line "INPUT_TAG_NAME: v2.0.0" assert_line "::debug::Create tag v2.0.0: MyProduct v2.0.0" assert_line "::debug::git push origin --tags" @@ -445,7 +445,7 @@ cat_github_output() { @test "It pushes generated commit and tag to remote and actually updates the commit shas" { INPUT_BRANCH="" - INPUT_TAG="v2.0.0" + INPUT_TAG_NAME="v2.0.0" INPUT_TAGGING_MESSAGE="MyProduct v2.0.0" @@ -455,7 +455,7 @@ cat_github_output() { assert_success - assert_line "INPUT_TAG: v2.0.0" + assert_line "INPUT_TAG_NAME: v2.0.0" assert_line "::debug::Create tag v2.0.0: MyProduct v2.0.0" assert_line "::debug::git push origin --tags" @@ -480,7 +480,7 @@ cat_github_output() { git checkout ${FAKE_DEFAULT_BRANCH} INPUT_BRANCH="a-new-branch" - INPUT_TAG="v2.0.0" + INPUT_TAG_NAME="v2.0.0" INPUT_TAGGING_MESSAGE="MyProduct v2.0.0" @@ -490,7 +490,7 @@ cat_github_output() { assert_success - assert_line "INPUT_TAG: v2.0.0" + assert_line "INPUT_TAG_NAME: v2.0.0" assert_line "::debug::Create tag v2.0.0: MyProduct v2.0.0" assert_line "::debug::Push commit to remote branch a-new-branch" @@ -643,7 +643,7 @@ cat_github_output() { assert_line "INPUT_FILE_PATTERN: ." assert_line "INPUT_COMMIT_OPTIONS: " assert_line "::debug::Apply commit options " - assert_line "INPUT_TAG: " + assert_line "INPUT_TAG_NAME: " assert_line "INPUT_TAGGING_MESSAGE: " assert_line "Neither tag nor tag message is set. No tag will be added." assert_line "INPUT_PUSH_OPTIONS: " @@ -702,7 +702,7 @@ cat_github_output() { assert_line "INPUT_FILE_PATTERN: ." assert_line "INPUT_COMMIT_OPTIONS: " assert_line "::debug::Apply commit options " - assert_line "INPUT_TAG: " + assert_line "INPUT_TAG_NAME: " assert_line "INPUT_TAGGING_MESSAGE: " assert_line "Neither tag nor tag message is set. No tag will be added." assert_line "INPUT_PUSH_OPTIONS: " @@ -1035,7 +1035,7 @@ cat_github_output() { assert_line "INPUT_FILE_PATTERN: ." assert_line "INPUT_COMMIT_OPTIONS: " assert_line "::debug::Apply commit options " - assert_line "INPUT_TAG: " + assert_line "INPUT_TAG_NAME: " assert_line "INPUT_TAGGING_MESSAGE: " assert_line "Neither tag nor tag message is set. No tag will be added." assert_line "INPUT_PUSH_OPTIONS: " @@ -1123,7 +1123,7 @@ END @test "it creates a tag if create_git_tag_only is set to true and a message has been supplied" { INPUT_CREATE_GIT_TAG_ONLY=true - INPUT_TAG=v1.0.0 + INPUT_TAG_NAME=v1.0.0 INPUT_TAGGING_MESSAGE="MyProduct v1.0.0" run git_auto_commit @@ -1153,14 +1153,14 @@ END @test "it output no tagging message supplied if no tagging message is set but create_git_tag_only is set to true" { INPUT_CREATE_GIT_TAG_ONLY=true - INPUT_TAG="" + INPUT_TAG_NAME="" INPUT_TAGGING_MESSAGE="" run git_auto_commit assert_success - assert_line "INPUT_TAG: " + assert_line "INPUT_TAG_NAME: " assert_line "INPUT_TAGGING_MESSAGE: " assert_line "Neither tag nor tag message is set. No tag will be added." assert_line "::debug::Create git tag only" @@ -1452,7 +1452,7 @@ END assert_success - assert_line "INPUT_TAG: " + assert_line "INPUT_TAG_NAME: " assert_line "INPUT_TAGGING_MESSAGE: v1.0.0" assert_line "::debug::Create tag v1.0.0: v1.0.0" @@ -1474,7 +1474,7 @@ END } @test "Set a tag only" { - INPUT_TAG="v1.0.0" + INPUT_TAG_NAME="v1.0.0" touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt @@ -1482,7 +1482,7 @@ END assert_success - assert_line "INPUT_TAG: v1.0.0" + assert_line "INPUT_TAG_NAME: v1.0.0" assert_line "INPUT_TAGGING_MESSAGE: " assert_line "::debug::Create tag v1.0.0: v1.0.0" From 8fa7f5a3c51038deaa521c22ae89fac24baad8e7 Mon Sep 17 00:00:00 2001 From: stefanzweifel <1080923+stefanzweifel@users.noreply.github.com> Date: Sun, 12 Oct 2025 14:39:35 +0000 Subject: [PATCH 116/127] Update CHANGELOG --- CHANGELOG.md | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b60f66d5..b0bfb933 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,10 +5,26 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html). -## [Unreleased](https://github.com/stefanzweifel/git-auto-commit-action/compare/v6.0.1...HEAD) +## [Unreleased](https://github.com/stefanzweifel/git-auto-commit-action/compare/v7.0.0...HEAD) > TBD +## [v7.0.0](https://github.com/stefanzweifel/git-auto-commit-action/compare/v6.0.1...v7.0.0) - 2025-10-12 + +### Added + +- Restore skip_fetch, skip_checkout, create_branch ([#388](https://github.com/stefanzweifel/git-auto-commit-action/pull/388)) [@stefanzweifel](https://github.com/@stefanzweifel) +- Restore Detached State Detection ([#393](https://github.com/stefanzweifel/git-auto-commit-action/pull/393)) [@stefanzweifel](https://github.com/@stefanzweifel) +- Add Support for Tag Messages ([#391](https://github.com/stefanzweifel/git-auto-commit-action/pull/391)) [@EliasBoulharts](https://github.com/@EliasBoulharts) + +### Changed + +- Run Action on Node 24 ([#389](https://github.com/stefanzweifel/git-auto-commit-action/pull/389)) [@stefanzweifel](https://github.com/@stefanzweifel) + +### Dependency Updates + +- Bump actions/checkout from 4 to 5 ([#386](https://github.com/stefanzweifel/git-auto-commit-action/pull/386)) [@[dependabot[bot]](https://github.com/apps/dependabot)](https://github.com/@[dependabot[bot]](https://github.com/apps/dependabot)) + ## [v6.0.1](https://github.com/stefanzweifel/git-auto-commit-action/compare/v6.0.0...v6.0.1) - 2025-06-11 ### Fixed From 547c1409cec143c754e148a6fbdfa359db836cf6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 10 Nov 2025 08:08:12 +0100 Subject: [PATCH 117/127] Bump bats from 1.12.0 to 1.13.0 (#398) Bumps [bats](https://github.com/bats-core/bats-core) from 1.12.0 to 1.13.0. - [Release notes](https://github.com/bats-core/bats-core/releases) - [Changelog](https://github.com/bats-core/bats-core/blob/master/docs/CHANGELOG.md) - [Commits](https://github.com/bats-core/bats-core/compare/v1.12.0...v1.13.0) --- updated-dependencies: - dependency-name: bats dependency-version: 1.13.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package-lock.json | 8 ++++---- package.json | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index 83e9b66e..8a8dfcf3 100644 --- a/package-lock.json +++ b/package-lock.json @@ -5,15 +5,15 @@ "packages": { "": { "devDependencies": { - "bats": "^1.12.0", + "bats": "^1.13.0", "bats-assert": "ztombol/bats-assert", "bats-support": "ztombol/bats-support" } }, "node_modules/bats": { - "version": "1.12.0", - "resolved": "https://registry.npmjs.org/bats/-/bats-1.12.0.tgz", - "integrity": "sha512-1HTv2n+fjn3bmY9SNDgmzS6bjoKtVlSK2pIHON5aSA2xaqGkZFoCCWP46/G6jm9zZ7MCi84mD+3Byw4t3KGwBg==", + "version": "1.13.0", + "resolved": "https://registry.npmjs.org/bats/-/bats-1.13.0.tgz", + "integrity": "sha512-giSYKGTOcPZyJDbfbTtzAedLcNWdjCLbXYU3/MwPnjyvDXzu6Dgw8d2M+8jHhZXSmsCMSQqCp+YBsJ603UO4vQ==", "dev": true, "license": "MIT", "bin": { diff --git a/package.json b/package.json index 06d7fc8d..e45dac4e 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "devDependencies": { - "bats": "^1.12.0", + "bats": "^1.13.0", "bats-assert": "ztombol/bats-assert", "bats-support": "ztombol/bats-support" }, From 65c56779c90b0324ac2a7e7c31ec876b8db47914 Mon Sep 17 00:00:00 2001 From: Gideon <87426140+GideonBear@users.noreply.github.com> Date: Wed, 3 Dec 2025 12:10:40 +0100 Subject: [PATCH 118/127] docs: fix typo in README.md (#400) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 431335a9..1cdc4b00 100644 --- a/README.md +++ b/README.md @@ -216,7 +216,7 @@ If this Action doesn't work for your workflow, check out [EndBug/add-and-commit] ### Checkout the correct branch -You must use `action/checkout@v2` or later versions to check out the repository. +You must use `actions/checkout@v2` or later versions to check out the repository. In non-`push` events, such as `pull_request`, make sure to specify the `ref` to check out: ```yaml From 1e49d5001fa4bb7d02711af41f4af23c58ef1de8 Mon Sep 17 00:00:00 2001 From: Koen van Zuijlen <8818390+kvanzuijlen@users.noreply.github.com> Date: Wed, 17 Dec 2025 20:23:26 +0100 Subject: [PATCH 119/127] Add skip_push input option (#401) Co-authored-by: Stefan Zweifel --- README.md | 3 +++ action.yml | 4 ++++ entrypoint.sh | 4 ++++ tests/git-auto-commit.bats | 19 +++++++++++++++++++ 4 files changed, 30 insertions(+) diff --git a/README.md b/README.md index 1cdc4b00..07dbf82e 100644 --- a/README.md +++ b/README.md @@ -115,6 +115,9 @@ The following is an extended example with all available options. # Optional. Skip internal call to `git checkout` skip_checkout: true + + # Optional. Skip internal call to `git push` + skip_push: true # Optional. Prevents the shell from expanding filenames. # Details: https://www.gnu.org/software/bash/manual/html_node/Filename-Expansion.html diff --git a/action.yml b/action.yml index 6c1d098e..ed7e85fa 100644 --- a/action.yml +++ b/action.yml @@ -68,6 +68,10 @@ inputs: description: Skip the call to git-checkout. required: false default: false + skip_push: + description: Skip the call to git-push. + required: false + default: false disable_globbing: description: Stop the shell from expanding filenames (https://www.gnu.org/software/bash/manual/html_node/Filename-Expansion.html) default: false diff --git a/entrypoint.sh b/entrypoint.sh index d288a67a..09fb6b73 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -191,6 +191,10 @@ _tag_commit() { } _push_to_github() { + if "$INPUT_SKIP_PUSH"; then + _log "debug" "git-push will not be executed."; + return + fi echo "INPUT_BRANCH value: $INPUT_BRANCH"; diff --git a/tests/git-auto-commit.bats b/tests/git-auto-commit.bats index a0fdc366..9e39f7ea 100644 --- a/tests/git-auto-commit.bats +++ b/tests/git-auto-commit.bats @@ -38,6 +38,7 @@ setup() { export INPUT_SKIP_DIRTY_CHECK=false export INPUT_SKIP_FETCH=false export INPUT_SKIP_CHECKOUT=false + export INPUT_SKIP_PUSH=false export INPUT_DISABLE_GLOBBING=false export INPUT_CREATE_BRANCH=false export INPUT_INTERNAL_GIT_BINARY=git @@ -352,6 +353,24 @@ cat_github_output() { assert_equal $current_sha $remote_sha } +@test "If SKIP_PUSH is true git-push will not be called" { + touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt + + INPUT_SKIP_PUSH=true + + run git_auto_commit + + assert_success + + assert_line "::debug::git-push will not be executed." + + # Assert that the sha values are not equal on local and remote + current_sha="$(git rev-parse --verify --short ${FAKE_DEFAULT_BRANCH})" + remote_sha="$(git rev-parse --verify --short origin/${FAKE_DEFAULT_BRANCH})" + + refute [assert_equal $current_sha $remote_sha] +} + @test "It can checkout a different branch" { # Create foo-branch and then immediately switch back to ${FAKE_DEFAULT_BRANCH} git checkout -b foo From 04702edda442b2e678b25b537cec683a1493fcb9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 17 Dec 2025 20:23:57 +0100 Subject: [PATCH 120/127] Bump actions/checkout from 5 to 6 (#399) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/git-auto-commit.yml | 2 +- .github/workflows/linter.yml | 2 +- .github/workflows/tests.yml | 2 +- .github/workflows/update-changelog.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/git-auto-commit.yml b/.github/workflows/git-auto-commit.yml index f2db122c..40f7f0b4 100644 --- a/.github/workflows/git-auto-commit.yml +++ b/.github/workflows/git-auto-commit.yml @@ -16,7 +16,7 @@ jobs: contents: write steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: ref: ${{ github.head_ref }} diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index 96268904..e954e2d3 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -9,7 +9,7 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Lint Code Base uses: github/super-linter@v7 diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 5ca82191..451d19dc 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - name: Install testing dependencies run: yarn install diff --git a/.github/workflows/update-changelog.yaml b/.github/workflows/update-changelog.yaml index 2fc63816..58d79b3c 100644 --- a/.github/workflows/update-changelog.yaml +++ b/.github/workflows/update-changelog.yaml @@ -16,7 +16,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: ref: master From b811de3f2d9e17d5fa2a2e415eebf8129c596c7b Mon Sep 17 00:00:00 2001 From: stefanzweifel <1080923+stefanzweifel@users.noreply.github.com> Date: Wed, 17 Dec 2025 19:26:02 +0000 Subject: [PATCH 121/127] Update CHANGELOG --- CHANGELOG.md | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b0bfb933..8e93c5ae 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,10 +5,25 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html). -## [Unreleased](https://github.com/stefanzweifel/git-auto-commit-action/compare/v7.0.0...HEAD) +## [Unreleased](https://github.com/stefanzweifel/git-auto-commit-action/compare/v7.1.0...HEAD) > TBD +## [v7.1.0](https://github.com/stefanzweifel/git-auto-commit-action/compare/v7.0.0...v7.1.0) - 2025-12-17 + +### Added + +- Add skip_push input option ([#401](https://github.com/stefanzweifel/git-auto-commit-action/pull/401)) [@kvanzuijlen](https://github.com/@kvanzuijlen) + +### Changes + +- docs: fix typo in README.md ([#400](https://github.com/stefanzweifel/git-auto-commit-action/pull/400)) [@GideonBear](https://github.com/@GideonBear) + +### Dependency Updates + +- Bump actions/checkout from 5 to 6 ([#399](https://github.com/stefanzweifel/git-auto-commit-action/pull/399)) [@[dependabot[bot]](https://github.com/apps/dependabot)](https://github.com/@[dependabot[bot]](https://github.com/apps/dependabot)) +- Bump bats from 1.12.0 to 1.13.0 ([#398](https://github.com/stefanzweifel/git-auto-commit-action/pull/398)) [@[dependabot[bot]](https://github.com/apps/dependabot)](https://github.com/@[dependabot[bot]](https://github.com/apps/dependabot)) + ## [v7.0.0](https://github.com/stefanzweifel/git-auto-commit-action/compare/v6.0.1...v7.0.0) - 2025-10-12 ### Added From 6739571eaee7f2e84e98784215d23acd69740d13 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sat, 3 Jan 2026 08:53:26 +0100 Subject: [PATCH 122/127] Add Note about persist-credentials to README --- README.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 07dbf82e..b98da52e 100644 --- a/README.md +++ b/README.md @@ -42,6 +42,8 @@ jobs: - uses: actions/checkout@v5 with: ref: ${{ github.head_ref }} + # Value already defaults to true, but `persist-credentials` is required to push new commits to the repository. + persist-credentials: true # Other steps that change files in the repository go here # … @@ -444,7 +446,9 @@ Make sure to [checkout the correct branch](#checkout-the-correct-branch). If your Workflow can't push the commit to the repository because of authentication issues, please update your Workflow configuration and usage of [`actions/checkout`](https://github.com/actions/checkout#usage). -Updating the `token` value with a Personal Access Token should fix your issues. +Please note that `persist-credentials` in `actions/checkout` must be set to `true` to push new commits to the repository. + +If you still can't push the commit, and you're using branch protection rules or similar features, updating the `token` value with a Personal Access Token should fix your issues. ### git-auto-commit fails to push commit that creates or updates files in `.github/workflows/` From e4b712e8e82ae48434d9f2232b90333ff01e748f Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sat, 17 Jan 2026 08:24:22 +0100 Subject: [PATCH 123/127] Add Security Policy --- .github/ISSUE_TEMPLATE/config.yml | 5 ++++- .github/SECURITY.md | 3 +++ 2 files changed, 7 insertions(+), 1 deletion(-) create mode 100644 .github/SECURITY.md diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml index 640f4257..e8b0566b 100644 --- a/.github/ISSUE_TEMPLATE/config.yml +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -5,4 +5,7 @@ contact_links: about: If you can't get something to work the way you expect, open a question in our discussion forums. - name: Feature Request url: https://github.com/stefanzweifel/git-auto-commit-action/discussions/new?category=ideas - about: 'Suggest any ideas you have using our discussion forums.' + about: "Suggest any ideas you have using our discussion forums." + - name: Report a security issue + url: https://github.com/stefanzweifel/git-auto-commit-action/security/policy + about: Learn how to notify us for sensitive bugs diff --git a/.github/SECURITY.md b/.github/SECURITY.md new file mode 100644 index 00000000..ec06066f --- /dev/null +++ b/.github/SECURITY.md @@ -0,0 +1,3 @@ +# Security Policy + +If you discover any security related issues, please email stefan@stefanzweifel.dev instead of using the issue tracker. From df21a760ddce5aca932ba20fa2ba4f17a182c39a Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sat, 17 Jan 2026 08:25:12 +0100 Subject: [PATCH 124/127] Remove Security Link from config.yml --- .github/ISSUE_TEMPLATE/config.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml index e8b0566b..fe104f76 100644 --- a/.github/ISSUE_TEMPLATE/config.yml +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -6,6 +6,3 @@ contact_links: - name: Feature Request url: https://github.com/stefanzweifel/git-auto-commit-action/discussions/new?category=ideas about: "Suggest any ideas you have using our discussion forums." - - name: Report a security issue - url: https://github.com/stefanzweifel/git-auto-commit-action/security/policy - about: Learn how to notify us for sensitive bugs From fc84150d7c7500bbbaedb7ec522588fcc41f4d4d Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Mon, 19 Jan 2026 19:44:34 +0100 Subject: [PATCH 125/127] Add alternative actions --- README.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/README.md b/README.md index b98da52e..8ed269ad 100644 --- a/README.md +++ b/README.md @@ -11,6 +11,11 @@ By default, the commit is made in the name of "GitHub Actions" and co-authored b If you want to learn more how this Action works under the hood, check out [this article](https://michaelheap.com/git-auto-commit/) by Michael Heap. +If your use case is not covered by git-auto-commit, you might want to check out the following alternative Actions: + +- [planetscale/ghcommit-action](https://github.com/planetscale/ghcommit-action) +- [EndBug/add-and-commit](https://github.com/EndBug/add-and-commit) + ## Usage Adding git-auto-commit to your Workflow only takes a couple lines of code. From 4fc4bbf34c756a23fa53d40bc01e8ddd276d51b9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Mar 2026 08:20:57 +0100 Subject: [PATCH 126/127] Bump release-drafter/release-drafter from 6 to 7 (#403) Bumps [release-drafter/release-drafter](https://github.com/release-drafter/release-drafter) from 6 to 7. - [Release notes](https://github.com/release-drafter/release-drafter/releases) - [Commits](https://github.com/release-drafter/release-drafter/compare/v6...v7) --- updated-dependencies: - dependency-name: release-drafter/release-drafter dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/release-drafter.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml index 1f36cb9d..5cfa1a0f 100644 --- a/.github/workflows/release-drafter.yml +++ b/.github/workflows/release-drafter.yml @@ -15,6 +15,6 @@ jobs: contents: write steps: - - uses: release-drafter/release-drafter@v6 + - uses: release-drafter/release-drafter@v7 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From f53a62c26ed5971dd2ed8768e4142f08c767ea37 Mon Sep 17 00:00:00 2001 From: "M.Sz." Date: Sun, 22 Mar 2026 17:30:45 +0100 Subject: [PATCH 127/127] README: clearify meaning of the repository field (#404) --- README.md | 2 +- action.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 8ed269ad..f4d8ff6c 100644 --- a/README.md +++ b/README.md @@ -84,7 +84,7 @@ The following is an extended example with all available options. # - https://git-scm.com/docs/gitglossary#Documentation/gitglossary.txt-aiddefpathspecapathspec file_pattern: '*.php src/*.js tests/*.js' - # Optional. Local file path to the repository. + # Optional. Relative file path under $GITHUB_WORKSPACE to the repository. # Defaults to the root of the repository. repository: . diff --git a/action.yml b/action.yml index ed7e85fa..ad25cabf 100644 --- a/action.yml +++ b/action.yml @@ -29,7 +29,7 @@ inputs: required: false default: '.' repository: - description: Local file path to the git repository. Defaults to the current directory (`.`) + description: Relative file path under $GITHUB_WORKSPACE to the git repository. Defaults to the current directory (`.`) required: false default: '.' commit_user_name: