github-actions icon indicating copy to clipboard operation
github-actions copied to clipboard
verified publisher icon fastlane

Change `communicate-on-pull-requets-merged` GitHub Action to be executed on `push` event

Open mollyIV opened this issue 5 years ago • 2 comments

Description

The communicate-on-pull-request-merged GitHub Action fails in most cases due to:

##[error]Input required and not supplied: repo-token
##[error]Docker run failed with exit code 1

It turns out that when a user opens a pull request on the base project from a fork, no secrets are provided to the workflow. According to the GitHub Actions documentation:

With the exception of GITHUB_TOKEN, secrets are not passed to the runner when a workflow is triggered from a forked repository.

Workaround

As a workaround, to being able to use the secrets in a workflow, we can use a push event to trigger the workflow. In the action itself, we can parse the detailed information about the push 💡

Testing

A workflow file used for a manual testing:

name: Processing pull requests
on: 
  push:
    branches: master

jobs:   
  communicate-on-pull-request-merged:
    name: communicate on pull request merged
    runs-on: ubuntu-latest    
    steps:
      - name: Git checkout
        uses: actions/checkout@master
        with:
          ref: refs/heads/master
      
      - name: Communicate on PR merged
        uses: mollyIV/github-actions/communicate-on-pull-request-merged@change-the-coprm-action-to-be-executed-on-push-event
        with:
          repo-token: ${{ secrets.BOT_GITHUB_TOKEN }}
          pr-label-to-add: 'status: included-in-next-release'
          pr-label-to-remove: 'status: needs-attention'
Screen Shot 2020-01-12 at 21 07 11

The bot is set to my private account, that's why you see the comments from the author.

The unit tests have been updated too.

🎊 🎊

mollyIV avatar Jan 12 '20 13:01 mollyIV

Hey @joshdholtz 👋

Would it be easier if we just rename the secret to GITHUB_TOKEN in our secrets? 🤔

According to the documentation:

GitHub automatically creates a GITHUB_TOKEN secret to use in your workflow. You can use the GITHUB_TOKEN to authenticate in a workflow run.

Taking that into account, I tried to add GITHUB_TOKEN to the secrets on my private repo, where the GitHub Actions are enabled:

Screen Shot 2020-01-28 at 07 35 50

💣 💥

If we were able to override GITHUB_TOKEN via our env variable in secrets, the benefit would be not adding repo-token: ${{ secrets.BOT_GITHUB_TOKEN }} to the action in a workflow file. However I do not think it bothers us 👍

mollyIV avatar Jan 28 '20 06:01 mollyIV

Hey @joshdholtz 👋

Did you get a chance to have a look at these changes? 😊

mollyIV avatar Apr 18 '20 09:04 mollyIV