Tests aren't ran for PRs
For projects with decent coverage I could just merge these PRs without doing any manual checking out and testing of the branch. When this bot creates the PRs Github actions aren't ran so my tests aren't run automatically. I'm not sure if there is a way around this or if it could be changed to run npm test or something before creating the PRs.
When looking into this I found https://help.github.com/en/actions/reference/events-that-trigger-workflows#triggering-new-workflows-using-a-personal-access-token with info and https://github.com/peter-evans/create-pull-request/blob/master/docs/concepts-guidelines.md#triggering-further-workflow-runs with some info about how to work around this issue.
You can work around this GitHub Actions limitation using deploy keys:
https://docs.github.com/en/developers/overview/managing-deploy-keys#setup-2
Create a deploy key, add the public key to your repo under deploy keys, and then add the private key to your secrets under something like ACTION_DEPLOY_KEY.
I then used the package through npx directly in a normal node action (rather than the actions-package-update action) to get the ssh-agent running in the same place:
jobs:
package-update:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Use Node.js 14
uses: actions/setup-node@v1
with:
node-version: 14
- env:
ACTION_DEPLOY_KEY: ${{ secrets.ACTION_DEPLOY_KEY }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
AUTHOR_EMAIL: [email protected]
AUTHOR_NAME: GitHub Actions
EXECUTE: 'true'
LOG_LEVEL: debug
run: |
git remote set-url origin "$(git config --get remote.origin.url | sed 's#http.*com/#[email protected]:#g')"
eval `ssh-agent -t 600 -s`
echo "$ACTION_DEPLOY_KEY" | ssh-add -
mkdir -p ~/.ssh/
ssh-keyscan github.com >> ~/.ssh/known_hosts
npx actions-package-update -u --packageFile package.json --loglevel verbose
ssh-agent -k
It would be nice to have this natively supported in the action though - the agent code could be run inside the Dockerfile command/entrypoint and take the ssh key via an env variable.
Above script by @nihalgonsalves will work but requires two additional steps:
- To prevent fails with
Error: spawn ncu ENOENTerrors, install ncu before running the npx command
npm install npm-check-updates --global
npx actions-package-update -u --packageFile package.json --loglevel info
- Because SSH Deploy Keys will only trigger
on: pushworkflows, also update the workflow file containing your tests for thepackage-updatebranches:
on:
push:
branches:
- main
- package-update/**
pull_request:
branches:
- main