Skip to content

Switch to unclog for the changelog. #2123

Switch to unclog for the changelog.

Switch to unclog for the changelog. #2123

Workflow file for this run

name: 'changelog'
on:
pull_request:
types:
- opened
- synchronize
- reopened
- ready_for_review
- labeled
- unlabeled
permissions:
contents: write
jobs:
changelog:
runs-on: ubuntu-latest
if: contains(github.event.pull_request.labels.*.name, 'dependencies')
steps:
- uses: actions/checkout@v4
with:
# Depending on your needs, you can use a token that will re-trigger workflows
# See https://github.com/stefanzweifel/git-auto-commit-action#commits-made-by-this-action-do-not-trigger-new-workflow-runs
token: ${{ secrets.BOT_CPR_PAT }}
# All commits must be signed, import key and sign commit of updated change log.
- name: Import GPG key
id: import_gpg
uses: crazy-max/ghaction-import-gpg@v6
with:
# Use a key associated with the provenanceio-bot github account.
gpg_private_key: ${{ secrets.BOT_GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.BOT_GPG_PRIVATE_KEY_PW }}
git_user_signingkey: true
git_commit_gpgsign: true
- name: Generate entry
env:
# Getting the title directly in the run script opens an injection vulnerability.
# Using an env var for it (like this) prevents that vulnerability.
PR_TITLE: ${{ github.event.pull_request.title }}
PR_NUM: ${{ github.event.number }}
run: \
sudo apt update && sudo apt install git
git fetch origin "$GITHUB_BASE_REF" --depth 1
./scripts/dependabot-changelog.sh \
--verbose \
--pr "$PR_NUM" \
--title "$PR_TITLE" \
--head-branch "$GITHUB_HEAD_REF" \
--target-branch "$GITHUB_BASE_REF"
# This step is required for committing the changes to your branch.
# See https://github.com/stefanzweifel/git-auto-commit-action#commits-made-by-this-action-do-not-trigger-new-workflow-runs
- uses: stefanzweifel/git-auto-commit-action@v5
with:
commit_user_name: "Provenance-io Bot"
commit_user_email: "[email protected]"
commit_options: "-S"
commit_message: "Updated Changelog"