ci: init get-merge-commit workflow

Signed-off-by: John Titor <50095635+JohnRTitor@users.noreply.github.com>
This commit is contained in:
John Titor 2024-12-03 22:15:15 +05:30
parent 32adb65c08
commit b5a6aeb5df
No known key found for this signature in database
GPG Key ID: 29B0514F4E3C1CC0
2 changed files with 51 additions and 21 deletions

43
.github/workflows/get-merge-commit.yml vendored Normal file
View File

@ -0,0 +1,43 @@
name: Get merge commit
on:
workflow_call:
outputs:
mergedSha:
description: "The merge commit SHA"
value: ${{ jobs.resolve-merge-commit.outputs.mergedSha }}
# We need a token to query the API, but it doesn't need any special permissions
permissions: {}
jobs:
resolve-merge-commit:
runs-on: ubuntu-latest
outputs:
mergedSha: ${{ steps.merged.outputs.mergedSha }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
path: base
sparse-checkout: ci
- name: Check if the PR can be merged and get the test merge commit
id: merged
env:
GH_TOKEN: ${{ github.token }}
GH_EVENT: ${{ github.event_name }}
run: |
case "$GH_EVENT" in
push)
echo "mergedSha=${{ github.sha }}" >> "$GITHUB_OUTPUT"
;;
pull_request_target)
if mergedSha=$(base/ci/get-merge-commit.sh ${{ github.repository }} ${{ github.event.number }}); then
echo "Checking the merge commit $mergedSha"
echo "mergedSha=$mergedSha" >> "$GITHUB_OUTPUT"
else
# Skipping so that no notifications are sent
echo "Skipping the rest..."
fi
;;
esac
rm -rf base

View File

@ -58,7 +58,7 @@ Exit codes:
### Usage
This script can be used in GitHub Actions workflows as follows:
This script is implemented as a reusable GitHub Actions workflow, and can be used as follows:
```yaml
on: pull_request_target
@ -67,32 +67,19 @@ on: pull_request_target
permissions: {}
jobs:
get-merge-commit:
# use the relative path of the get-merge-commit workflow yaml here
uses: ./.github/workflows/get-merge-commit.yml
build:
name: Build
runs-on: ubuntu-latest
needs: get-merge-commit
steps:
# Important: Because of `pull_request_target`, this doesn't check out the PR,
# but rather the base branch of the PR, which is needed so we don't run untrusted code
- uses: actions/checkout@<VERSION>
with:
path: base
sparse-checkout: ci
- name: Resolving the merge commit
env:
GH_TOKEN: ${{ github.token }}
run: |
if mergedSha=$(base/ci/get-merge-commit.sh ${{ github.repository }} ${{ github.event.number }}); then
echo "Checking the merge commit $mergedSha"
echo "mergedSha=$mergedSha" >> "$GITHUB_ENV"
else
# Skipping so that no notifications are sent
echo "Skipping the rest..."
fi
rm -rf base
- uses: actions/checkout@<VERSION>
# Add this to _all_ subsequent steps to skip them
if: env.mergedSha
if: needs.get-merge-commit.outputs.mergedSha
with:
ref: ${{ env.mergedSha }}
ref: ${{ needs.get-merge-commit.outputs.mergedSha }}
- ...
```