Use GitHub app for scorecard #26
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: update-docs | |
on: | |
push: | |
branches: [ main ] | |
paths-ignore: | |
- '**/*.md' | |
workflow_dispatch: | |
permissions: {} | |
jobs: | |
update-docs: | |
runs-on: ubuntu-latest | |
concurrency: | |
group: ${{ github.workflow }} | |
steps: | |
- name: Generate GitHub application token | |
id: generate-application-token | |
uses: peter-murray/workflow-application-token-action@8e1ba3bf1619726336414f1014e37f17fbadf1db # v2.1.0 | |
with: | |
application_id: ${{ secrets.UPDATER_APPLICATION_ID }} | |
application_private_key: ${{ secrets.UPDATER_APPLICATION_PRIVATE_KEY }} | |
permissions: "contents:write, pull_requests:write" | |
- name: Checkout code | |
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
with: | |
token: ${{ steps.generate-application-token.outputs.token }} | |
- name: Setup .NET SDK | |
uses: actions/setup-dotnet@3447fd6a9f9e57506b15f895c5b76d3b197dc7c2 # v3.2.0 | |
- name: Update documentation | |
id: update-docs | |
shell: pwsh | |
env: | |
DOTNET_CLI_TELEMETRY_OPTOUT: true | |
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: true | |
run: | | |
$ErrorActionPreference = "Stop" | |
$ProgressPreference = "SilentlyContinue" | |
dotnet tool restore | |
dotnet mdsnippets "$env:GITHUB_WORKSPACE" --exclude-directories ./artifacts | |
if ($LASTEXITCODE -ne 0) { | |
Write-Host "Failed to update documentation." | |
exit 1 | |
} | |
$gitStatus = (git status --porcelain) | |
if ([string]::IsNullOrEmpty($gitStatus)) { | |
Write-Host "No changes to commit." | |
exit 0 | |
} | |
$branchName = "update-docs/$($env:GITHUB_SHA)" | |
git config user.email "${{ vars.UPDATER_COMMIT_USER_EMAIL }}" | Out-Null | |
git config user.name "${{ vars.UPDATER_COMMIT_USER_NAME }}" | Out-Null | |
git remote set-url "${{ github.server_url }}/${{ github.repository }}.git" | Out-Null | |
git fetch origin | Out-Null | |
git rev-parse --verify --quiet "remotes/origin/$branchName" | Out-Null | |
if ($LASTEXITCODE -eq 0) { | |
Write-Host "Branch $branchName already exists." | |
exit 0 | |
} | |
git checkout -b $BranchName | |
git add . | |
git commit -m "Update documentation`n`nUpdate examples in documentation." -s | |
git push -u origin $branchName | |
"branchName=$branchName" >> $env:GITHUB_OUTPUT | |
"updated-docs=true" >> $env:GITHUB_OUTPUT | |
- name: Create pull request | |
uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6.4.1 | |
if: steps.update-docs.outputs.updated-docs == 'true' | |
env: | |
BRANCH_NAME: ${{ steps.update-docs.outputs.branchName }} | |
with: | |
github-token: ${{ steps.generate-application-token.outputs.token }} | |
script: | | |
const { repo, owner } = context.repo; | |
const workflowUrl = `${process.env.GITHUB_SERVER_URL}/${owner}/${repo}/actions/runs/${process.env.GITHUB_RUN_ID}`; | |
await github.rest.pulls.create({ | |
title: 'Update documentation', | |
owner, | |
repo, | |
head: process.env.BRANCH_NAME, | |
base: 'main', | |
body: [ | |
'Update examples in documentation.', | |
'', | |
`This pull request was generated by [GitHub Actions](${workflowUrl}).` | |
].join('\n') | |
}); |