Find a file
Peter Evans 4320041ed3
feat: signed commits (v7) (#3057)
* Add support for signed commits (#3055)

* formatting

* fix eslint and lint errors

* shift setting the base to before the push

* sign commits by default for testing

* add debug lines

* read to buffer not string and use non-legacy method to base64

* debug payload without contents

* disable linter for debug code

* fix filepath when using path input

* try to fix head repo

* remove commented code

* Try refactor of file changes

* add tests for building file changes

* add build file changes test for binary files

* refactor graphql code into github helper class

* build file changes even when there is no diff

* add function to get commit detail

* fix format

* build branch commits

* use source mode for deleted files

* try rest api route

* fix check for branch existence

* force push

* try fix base tree

* debug commit verification

* debug commit verification

* fix format and cleanup

* add executable mode file to test

* limit blob creation concurrency

* only build commits when feature enabled

* remove unused code

* update readme link

* update docs for commit signing

* fix capital letter

* update docs

* add throttling

* set default back to false

* output head sha and verified status

* log outputs

* fix head sha output

* default the operation output to none

* output retryafter for secondary rate limit

* use separate client for branch and pull operations

* add maintainer-can-modify input

* rename git-token to branch-token

* fix branch token input

* remove deprecated env output

* update docs

* fix doc

* update docs

* build branch commits when there is a diff with the base

* check verification status of head commit when not known

* fix verified output when no commit signing is being used

* draft always-true

* convert to draft on branch updates when there is a diff with base

* update docs with blob size limit

* catch errors during blob creation for debugging

* parse empty commits

* pass base commit to push signed commits

* use parent commit details in create commit

* use parent tree for base_tree

* multipart tree creation

* update docs

* update readme about the permissions of the default token

* fix edge case where changes are partially merged

* add updating documentation

* fix typo

* update major version

---------

Co-authored-by: Ravi <1299606+rustycl0ck@users.noreply.github.com>
2024-09-03 08:54:12 +01:00
.github ci: separate test suite commands in pr comment 2024-08-14 14:00:39 -07:00
__test__ feat: signed commits (v7) (#3057) 2024-09-03 08:54:12 +01:00
dist feat: signed commits (v7) (#3057) 2024-09-03 08:54:12 +01:00
docs feat: signed commits (v7) (#3057) 2024-09-03 08:54:12 +01:00
src feat: signed commits (v7) (#3057) 2024-09-03 08:54:12 +01:00
.eslintignore Convert to typescript 2020-05-17 18:02:41 +09:00
.eslintrc.json fix: resolving path to module 2021-12-02 11:17:26 +09:00
.gitignore feat: add-paths input (#1010) 2021-12-14 11:23:29 +09:00
.prettierignore Convert to typescript 2020-05-17 18:02:41 +09:00
.prettierrc.json Convert to typescript 2020-05-17 18:02:41 +09:00
action.yml feat: signed commits (v7) (#3057) 2024-09-03 08:54:12 +01:00
jest.config.js Convert to typescript 2020-05-17 18:02:41 +09:00
LICENSE Initial commit 2019-07-16 19:53:24 +09:00
package-lock.json feat: signed commits (v7) (#3057) 2024-09-03 08:54:12 +01:00
package.json feat: signed commits (v7) (#3057) 2024-09-03 08:54:12 +01:00
README.md feat: signed commits (v7) (#3057) 2024-09-03 08:54:12 +01:00
tsconfig.json Convert to typescript 2020-05-17 18:02:41 +09:00

Create Pull Request

CI GitHub Marketplace

A GitHub action to create a pull request for changes to your repository in the actions workspace.

Changes to a repository in the Actions workspace persist between steps in a workflow. This action is designed to be used in conjunction with other steps that modify or add files to your repository. The changes will be automatically committed to a new branch and a pull request created.

Create Pull Request action will:

  1. Check for repository changes in the Actions workspace. This includes:
    • untracked (new) files
    • tracked (modified) files
    • commits made during the workflow that have not been pushed
  2. Commit all changes to a new branch, or update an existing pull request branch.
  3. Create a pull request to merge the new branch into the base—the branch checked out in the workflow.

Documentation

Usage

      - uses: actions/checkout@v4

      # Make changes to pull request here

      - name: Create Pull Request
        uses: peter-evans/create-pull-request@v7

You can also pin to a specific release version in the format @v7.x.x

Workflow permissions

For this action to work you must explicitly allow GitHub Actions to create pull requests. This setting can be found in a repository's settings under Actions > General > Workflow permissions.

For repositories belonging to an organization, this setting can be managed by admins in organization settings under Actions > General > Workflow permissions.

Action inputs

All inputs are optional. If not set, sensible defaults will be used.

Name Description Default
token The token that the action will use to create and update the pull request. See token. GITHUB_TOKEN
branch-token The token that the action will use to create and update the branch. See branch-token. Defaults to the value of token
path Relative path under GITHUB_WORKSPACE to the repository. GITHUB_WORKSPACE
add-paths A comma or newline-separated list of file paths to commit. Paths should follow git's pathspec syntax. If no paths are specified, all new and modified files are added. See Add specific paths.
commit-message The message to use when committing changes. See commit-message. [create-pull-request] automated change
committer The committer name and email address in the format Display Name <email@address.com>. Defaults to the GitHub Actions bot user on github.com. github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
author The author name and email address in the format Display Name <email@address.com>. Defaults to the user who triggered the workflow run. ${{ github.actor }} <${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com>
signoff Add Signed-off-by line by the committer at the end of the commit log message. false
branch The pull request branch name. create-pull-request/patch
delete-branch Delete the branch if it doesn't have an active pull request associated with it. See delete-branch. false
branch-suffix The branch suffix type when using the alternative branching strategy. Valid values are random, timestamp and short-commit-hash. See Alternative strategy for details.
base Sets the pull request base branch. Defaults to the branch checked out in the workflow.
push-to-fork A fork of the checked-out parent repository to which the pull request branch will be pushed. e.g. owner/repo-fork. The pull request will be created to merge the fork's branch into the parent's base. See push pull request branches to a fork for details.
sign-commits Sign commits as github-actions[bot] when using GITHUB_TOKEN, or your own bot when using GitHub App tokens. See commit signing for details. false
title The title of the pull request. Changes by create-pull-request action
body The body of the pull request. Automated changes by [create-pull-request](https://github.com/peter-evans/create-pull-request) GitHub action
body-path The path to a file containing the pull request body. Takes precedence over body.
labels A comma or newline-separated list of labels.
assignees A comma or newline-separated list of assignees (GitHub usernames).
reviewers A comma or newline-separated list of reviewers (GitHub usernames) to request a review from.
team-reviewers A comma or newline-separated list of GitHub teams to request a review from. Note that a repo scoped PAT, or equivalent GitHub App permissions, are required.
milestone The number of the milestone to associate this pull request with.
draft Create a draft pull request. Valid values are true (only on create), always-true (on create and update), and false. false
maintainer-can-modify Indicates whether maintainers can modify the pull request. true

token

The token input defaults to the repository's GITHUB_TOKEN.

Important

  • If you want pull requests created by this action to trigger an on: push or on: pull_request workflow then you cannot use the default GITHUB_TOKEN. See the documentation here for further details.
  • If using the repository's GITHUB_TOKEN and your repository was created after 2nd February 2023, the default permission is read-only. Elevate the permissions in your workflow.
    permissions:
      contents: write
      pull-requests: write
    

Other token options:

Tip

If pull requests could contain changes to Actions workflows you may also need the workflows scope.

branch-token

The action first creates a branch, and then creates a pull request for the branch. For some rare use cases it can be useful, or even neccessary, to use different tokens for these operations. It is not advisable to use this input unless you know you need to.

commit-message

In addition to a message, the commit-message input can also be used to populate the commit description. Leave a single blank line between the message and description.

          commit-message: |
            the first line is the commit message

            the commit description starts
            after a blank line and can be
            multiple lines            

delete-branch

The delete-branch feature doesn't delete branches immediately on merge. (It can't do that because it would require the merge to somehow trigger the action.) The intention of the feature is that when the action next runs it will delete the branch if there is no diff.

Enabling this feature leads to the following behaviour:

  1. If a pull request was merged and the branch is left undeleted, when the action next runs it will delete the branch if there is no further diff.
  2. If a pull request is open, but there is now no longer a diff and the PR is unnecessary, the action will delete the branch causing the PR to close.

If you want branches to be deleted immediately on merge then you should use GitHub's Automatically delete head branches feature in your repository settings.

Proxy support

For self-hosted runners behind a corporate proxy set the https_proxy environment variable.

      - name: Create Pull Request
        uses: peter-evans/create-pull-request@v7
        env:
          https_proxy: http://<proxy_address>:<port>

Action outputs

The following outputs can be used by subsequent workflow steps.

  • pull-request-number - The pull request number.
  • pull-request-url - The URL of the pull request.
  • pull-request-operation - The pull request operation performed by the action, created, updated, closed or none.
  • pull-request-head-sha - The commit SHA of the pull request branch.
  • pull-request-branch - The branch name of the pull request.
  • pull-request-commits-verified - Whether GitHub considers the signature of the branch's commits to be verified; true or false.

Step outputs can be accessed as in the following example. Note that in order to read the step outputs the action step must have an id.

      - name: Create Pull Request
        id: cpr
        uses: peter-evans/create-pull-request@v7
      - name: Check outputs
        if: ${{ steps.cpr.outputs.pull-request-number }}
        run: |
          echo "Pull Request Number - ${{ steps.cpr.outputs.pull-request-number }}"
          echo "Pull Request URL - ${{ steps.cpr.outputs.pull-request-url }}"          

Action behaviour

The default behaviour of the action is to create a pull request that will be continually updated with new changes until it is merged or closed. Changes are committed and pushed to a fixed-name branch, the name of which can be configured with the branch input. Any subsequent changes will be committed to the same branch and reflected in the open pull request.

How the action behaves:

  • If there are changes (i.e. a diff exists with the checked-out base branch), the changes will be pushed to a new branch and a pull request created.
  • If there are no changes (i.e. no diff exists with the checked-out base branch), no pull request will be created and the action exits silently.
  • If a pull request already exists it will be updated if necessary. Local changes in the Actions workspace, or changes on the base branch, can cause an update. If no update is required the action exits silently.
  • If a pull request exists and new changes on the base branch make the pull request unnecessary (i.e. there is no longer a diff between the pull request branch and the base), the pull request is automatically closed. Additionally, if delete-branch is set to true the branch will be deleted.

For further details about how the action works and usage guidelines, see Concepts, guidelines and advanced usage.

Alternative strategy - Always create a new pull request branch

For some use cases it may be desirable to always create a new unique branch each time there are changes to be committed. This strategy is not recommended because if not used carefully it could result in multiple pull requests being created unnecessarily. If in doubt, use the default strategy of creating an updating a fixed-name branch.

To use this strategy, set input branch-suffix with one of the following options.

  • random - Commits will be made to a branch suffixed with a random alpha-numeric string. e.g. create-pull-request/patch-6qj97jr, create-pull-request/patch-5jrjhvd

  • timestamp - Commits will be made to a branch suffixed by a timestamp. e.g. create-pull-request/patch-1569322532, create-pull-request/patch-1569322552

  • short-commit-hash - Commits will be made to a branch suffixed with the short SHA1 commit hash. e.g. create-pull-request/patch-fcdfb59, create-pull-request/patch-394710b

Controlling committed files

The action defaults to adding all new and modified files. If there are files that should not be included in the pull request, you can use the following methods to control the committed content.

Remove files

The most straightforward way to handle unwanted files is simply to remove them in a step before the action runs.

      - run: |
          rm -rf temp-dir
          rm temp-file.txt          

Ignore files

If there are files or directories you want to ignore you can simply add them to a .gitignore file at the root of your repository. The action will respect this file.

Add specific paths

You can control which files are committed with the add-paths input. Paths should follow git's pathspec syntax. File changes that do not match one of the paths will be stashed and restored after the action has completed.

      - name: Create Pull Request
        uses: peter-evans/create-pull-request@v7
        with:
          add-paths: |
            *.java
            docs/*.md            

Create your own commits

As well as relying on the action to handle uncommitted changes, you can additionally make your own commits before the action runs. Note that the repository must be checked out on a branch with a remote, it won't work for events which checkout a commit.

    steps:
      - uses: actions/checkout@v4
      - name: Create commits
        run: |
          git config user.name 'Peter Evans'
          git config user.email 'peter-evans@users.noreply.github.com'
          date +%s > report.txt
          git commit -am "Modify tracked file during workflow"
          date +%s > new-report.txt
          git add -A
          git commit -m "Add untracked file during workflow"          
      - name: Uncommitted change
        run: date +%s > report.txt
      - name: Create Pull Request
        uses: peter-evans/create-pull-request@v7

Create a project card

To create a project card for the pull request, pass the pull-request-number step output to create-or-update-project-card action.

      - name: Create Pull Request
        id: cpr
        uses: peter-evans/create-pull-request@v7

      - name: Create or Update Project Card
        if: ${{ steps.cpr.outputs.pull-request-number }}
        uses: peter-evans/create-or-update-project-card@v2
        with:
          project-name: My project
          column-name: My column
          issue-number: ${{ steps.cpr.outputs.pull-request-number }}

Auto-merge

Auto-merge can be enabled on a pull request allowing it to be automatically merged once requirements have been satisfied. See enable-pull-request-automerge action for usage details.

Reference Example

The following workflow sets many of the action's inputs for reference purposes. Check the defaults to avoid setting inputs unnecessarily.

See examples for more realistic use cases.

jobs:
  createPullRequest:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Make changes to pull request
        run: date +%s > report.txt

      - name: Create Pull Request
        id: cpr
        uses: peter-evans/create-pull-request@v7
        with:
          token: ${{ secrets.PAT }}
          commit-message: Update report
          committer: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
          author: ${{ github.actor }} <${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com>
          signoff: false
          branch: example-patches
          delete-branch: true
          title: '[Example] Update report'
          body: |
            Update report
            - Updated with *today's* date
            - Auto-generated by [create-pull-request][1]

            [1]: https://github.com/peter-evans/create-pull-request            
          labels: |
            report
            automated pr            
          assignees: peter-evans
          reviewers: peter-evans
          team-reviewers: |
            developers
            qa-team            
          milestone: 1
          draft: false

An example based on the above reference configuration creates pull requests that look like this:

Pull Request Example

License

MIT