From 4a94b8ecf99db6f4629d6c68206e4d425d4a2822 Mon Sep 17 00:00:00 2001 From: Sam Lanning Date: Sun, 25 Aug 2024 13:26:41 +0100 Subject: [PATCH 01/13] Create tags on GitHub using API To allow for signed tags to be created, rather than use the git CLI to push tags, manually push each tag using the GitHub API, which will sign the tag using the built-in GitHub GPG key. --- src/gitUtils.ts | 4 ---- src/run.ts | 34 ++++++++++++++++++++++------------ 2 files changed, 22 insertions(+), 16 deletions(-) diff --git a/src/gitUtils.ts b/src/gitUtils.ts index b15151ab..b7ed3256 100644 --- a/src/gitUtils.ts +++ b/src/gitUtils.ts @@ -29,10 +29,6 @@ export const push = async ( ); }; -export const pushTags = async () => { - await exec("git", ["push", "origin", "--tags"]); -}; - export const switchToMaybeExistingBranch = async (branch: string) => { let { stderr } = await getExecOutput("git", ["checkout", branch], { ignoreReturnCode: true, diff --git a/src/run.ts b/src/run.ts index 326b9618..f8ab931e 100644 --- a/src/run.ts +++ b/src/run.ts @@ -130,8 +130,6 @@ export async function runPublish({ { cwd } ); - await gitUtils.pushTags(); - let { packages, tool } = await getPackages(cwd); let releasedPackages: Package[] = []; @@ -157,12 +155,19 @@ export async function runPublish({ if (createGithubReleases) { await Promise.all( - releasedPackages.map((pkg) => - createRelease(octokit, { - pkg, - tagName: `${pkg.packageJson.name}@${pkg.packageJson.version}`, - }) - ) + releasedPackages.map(async (pkg) => { + const tagName = `${pkg.packageJson.name}@${pkg.packageJson.version}`; + // Tag will only be created locally, + // Create it using the GitHub API so it's signed. + await octokit.rest.git.createRef({ + ...github.context.repo, + ref: `refs/tags/${tagName}`, + sha: github.context.sha, + }); + if (createGithubReleases) { + await createRelease(octokit, { pkg, tagName }); + } + }) ); } } else { @@ -180,11 +185,16 @@ export async function runPublish({ if (match) { releasedPackages.push(pkg); + const tagName = `v${pkg.packageJson.version}`; + // Tag will only be created locally, + // Create it using the GitHub API so it's signed. + await octokit.rest.git.createRef({ + ...github.context.repo, + ref: `refs/tags/${tagName}`, + sha: github.context.sha, + }); if (createGithubReleases) { - await createRelease(octokit, { - pkg, - tagName: `v${pkg.packageJson.version}`, - }); + await createRelease(octokit, { pkg, tagName }); } break; } From 9ae1eeaf52dbc3a71b7795af35312ec98d7df559 Mon Sep 17 00:00:00 2001 From: Sam Lanning Date: Sun, 25 Aug 2024 14:25:50 +0100 Subject: [PATCH 02/13] Use ghcommit to push changes To allow for all commits to be signed, use the GitHub API to push changes. --- package.json | 17 ++++--- src/gitUtils.ts | 47 +----------------- src/run.test.ts | 1 + src/run.ts | 33 ++++++++----- tsconfig.json | 2 +- yarn.lock | 128 +++++++++++++++++++++++++++++++++++++++++++++++- 6 files changed, 159 insertions(+), 69 deletions(-) diff --git a/package.json b/package.json index 44c5af07..8b829387 100644 --- a/package.json +++ b/package.json @@ -4,23 +4,23 @@ "main": "dist/index.js", "license": "MIT", "devDependencies": { - "@changesets/changelog-github": "^0.4.2", - "@changesets/cli": "^2.20.0", - "@changesets/write": "^0.1.6", - "@vercel/ncc": "^0.36.1", - "fixturez": "^1.1.0", - "prettier": "^2.0.5", - "typescript": "^5.0.4", "@babel/core": "^7.13.10", "@babel/preset-env": "^7.13.10", "@babel/preset-typescript": "^7.13.0", + "@changesets/changelog-github": "^0.4.2", + "@changesets/cli": "^2.20.0", + "@changesets/write": "^0.1.6", "@types/fs-extra": "^8.0.0", "@types/jest": "^29.5.1", "@types/node": "^20.11.17", "@types/semver": "^7.5.0", + "@vercel/ncc": "^0.36.1", "babel-jest": "^29.5.0", + "fixturez": "^1.1.0", "husky": "^3.0.3", - "jest": "^29.5.0" + "jest": "^29.5.0", + "prettier": "^2.0.5", + "typescript": "^5.0.4" }, "scripts": { "build": "ncc build src/index.ts -o dist --transpile-only --minify", @@ -41,6 +41,7 @@ "@changesets/read": "^0.5.3", "@manypkg/get-packages": "^1.1.3", "@octokit/plugin-throttling": "^5.2.1", + "@s0/ghcommit": "^1.1.0", "fs-extra": "^8.1.0", "mdast-util-to-string": "^1.0.6", "remark-parse": "^7.0.1", diff --git a/src/gitUtils.ts b/src/gitUtils.ts index b7ed3256..16d9bf21 100644 --- a/src/gitUtils.ts +++ b/src/gitUtils.ts @@ -11,49 +11,4 @@ export const setupUser = async () => { "user.email", `"github-actions[bot]@users.noreply.github.com"`, ]); -}; - -export const pullBranch = async (branch: string) => { - await exec("git", ["pull", "origin", branch]); -}; - -export const push = async ( - branch: string, - { force }: { force?: boolean } = {} -) => { - await exec( - "git", - ["push", "origin", `HEAD:${branch}`, force && "--force"].filter( - Boolean as any - ) - ); -}; - -export const switchToMaybeExistingBranch = async (branch: string) => { - let { stderr } = await getExecOutput("git", ["checkout", branch], { - ignoreReturnCode: true, - }); - let isCreatingBranch = !stderr - .toString() - .includes(`Switched to a new branch '${branch}'`); - if (isCreatingBranch) { - await exec("git", ["checkout", "-b", branch]); - } -}; - -export const reset = async ( - pathSpec: string, - mode: "hard" | "soft" | "mixed" = "hard" -) => { - await exec("git", ["reset", `--${mode}`, pathSpec]); -}; - -export const commitAll = async (message: string) => { - await exec("git", ["add", "."]); - await exec("git", ["commit", "-m", message]); -}; - -export const checkIfClean = async (): Promise => { - const { stdout } = await getExecOutput("git", ["status", "--porcelain"]); - return !stdout.length; -}; +}; \ No newline at end of file diff --git a/src/run.test.ts b/src/run.test.ts index 15d2e096..7b06a4ce 100644 --- a/src/run.test.ts +++ b/src/run.test.ts @@ -31,6 +31,7 @@ jest.mock("@actions/github/lib/utils", () => ({ getOctokitOptions: jest.fn(), })); jest.mock("./gitUtils"); +jest.mock("@s0/ghcommit/git"); let mockedGithubMethods = { pulls: { diff --git a/src/run.ts b/src/run.ts index f8ab931e..46baf92f 100644 --- a/src/run.ts +++ b/src/run.ts @@ -17,6 +17,7 @@ import * as gitUtils from "./gitUtils"; import readChangesetState from "./readChangesetState"; import resolveFrom from "resolve-from"; import { throttling } from "@octokit/plugin-throttling"; +import { commitChangesFromRepo } from "@s0/ghcommit/git"; // GitHub Issues/PRs messages have a max size limit on the // message body payload. @@ -334,9 +335,6 @@ export async function runVersion({ let { preState } = await readChangesetState(cwd); - await gitUtils.switchToMaybeExistingBranch(versionBranch); - await gitUtils.reset(github.context.sha); - let versionsByDirectory = await getVersionsByDirectory(cwd); if (script) { @@ -377,16 +375,25 @@ export async function runVersion({ ); const finalPrTitle = `${prTitle}${!!preState ? ` (${preState.tag})` : ""}`; - - // project with `commit: true` setting could have already committed files - if (!(await gitUtils.checkIfClean())) { - const finalCommitMessage = `${commitMessage}${ - !!preState ? ` (${preState.tag})` : "" - }`; - await gitUtils.commitAll(finalCommitMessage); - } - - await gitUtils.push(versionBranch, { force: true }); + const finalCommitMessage = `${commitMessage}${ + !!preState ? ` (${preState.tag})` : "" + }`; + + await commitChangesFromRepo({ + octokit, + owner: github.context.repo.owner, + repository: github.context.repo.repo, + branch: versionBranch, + // TODO: switch this to use direct string input when supported + message: { + headline: finalCommitMessage.split("\n", 2)[0].trim(), + body: finalCommitMessage.split("\n", 2)[1]?.trim(), + }, + base: { + commit: github.context.sha, + }, + force: true, + }); let existingPullRequests = await existingPullRequestsPromise; core.info(JSON.stringify(existingPullRequests.data, null, 2)); diff --git a/tsconfig.json b/tsconfig.json index b4669823..fbffb3e1 100644 --- a/tsconfig.json +++ b/tsconfig.json @@ -39,7 +39,7 @@ // "noFallthroughCasesInSwitch": true, /* Report errors for fallthrough cases in switch statement. */ /* Module Resolution Options */ - // "moduleResolution": "node", /* Specify module resolution strategy: 'node' (Node.js) or 'classic' (TypeScript pre-1.6). */ + "moduleResolution": "nodenext", /* Specify module resolution strategy: 'node' (Node.js) or 'classic' (TypeScript pre-1.6). */ // "baseUrl": "./", /* Base directory to resolve non-absolute module names. */ // "paths": {}, /* A series of entries which re-map imports to lookup locations relative to the 'baseUrl'. */ // "rootDirs": [], /* List of root folders whose combined content represents the structure of the project at runtime. */ diff --git a/yarn.lock b/yarn.lock index 06c45b9a..b84975a8 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1618,6 +1618,13 @@ dependencies: "@octokit/openapi-types" "^17.2.0" +"@s0/ghcommit@^1.1.0": + version "1.1.0" + resolved "https://registry.yarnpkg.com/@s0/ghcommit/-/ghcommit-1.1.0.tgz#789858feb3a9e9a799a6ce7abada988cd925c21f" + integrity sha512-1jEUzrfa9QvEdCaFicv2oc5ep9zFG4HE60vU48dIp+W1JzeOmPHOxNt9y5rE5TvXzTGAdLpoCvPnRrR6jCwFyw== + dependencies: + isomorphic-git "^1.27.1" + "@sinclair/typebox@^0.25.16": version "0.25.24" resolved "https://registry.yarnpkg.com/@sinclair/typebox/-/typebox-0.25.24.tgz#8c7688559979f7079aacaf31aa881c3aa410b718" @@ -1878,6 +1885,11 @@ arrify@^1.0.1: resolved "https://registry.yarnpkg.com/arrify/-/arrify-1.0.1.tgz#898508da2226f380df904728456849c1501a4b0d" integrity sha512-3CYzex9M9FGQjCGMGyi6/31c8GJbgb0qGyrx5HWxPd0aCwh4cB2YjMb2Xf9UuoogrMrlO9cTqnB5rI5GHZTcUA== +async-lock@^1.4.1: + version "1.4.1" + resolved "https://registry.yarnpkg.com/async-lock/-/async-lock-1.4.1.tgz#56b8718915a9b68b10fce2f2a9a3dddf765ef53f" + integrity sha512-Az2ZTpuytrtqENulXwO3GGv1Bztugx6TT37NIo7imr/Qo0gsYiGtSdBa2B6fsXhTpVZDNfu1Qn3pk531e3q+nQ== + available-typed-arrays@^1.0.5: version "1.0.5" resolved "https://registry.yarnpkg.com/available-typed-arrays/-/available-typed-arrays-1.0.5.tgz#92f95616501069d07d10edb2fc37d3e1c65123b7" @@ -2161,6 +2173,11 @@ cjs-module-lexer@^1.0.0: resolved "https://registry.yarnpkg.com/cjs-module-lexer/-/cjs-module-lexer-1.2.2.tgz#9f84ba3244a512f3a54e5277e8eef4c489864e40" integrity sha512-cOU9usZw8/dXIXKtwa8pM0OTJQuJkxMN6w30csNRUerHfeQ5R6U3kkU/FtJeIf3M202OHfY2U8ccInBG7/xogA== +clean-git-ref@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/clean-git-ref/-/clean-git-ref-2.0.1.tgz#dcc0ca093b90e527e67adb5a5e55b1af6816dcd9" + integrity sha512-bLSptAy2P0s6hU4PzuIMKmMJJSE6gLXGH1cntDu7bWJUksvuM+7ReOK61mozULErYvP6a15rnYl0zFDef+pyPw== + cliui@^6.0.0: version "6.0.0" resolved "https://registry.yarnpkg.com/cliui/-/cliui-6.0.0.tgz#511d702c0c4e41ca156d7d0e96021f23e13225b1" @@ -2255,6 +2272,11 @@ cosmiconfig@^5.2.1: js-yaml "^3.13.1" parse-json "^4.0.0" +crc-32@^1.2.0: + version "1.2.2" + resolved "https://registry.yarnpkg.com/crc-32/-/crc-32-1.2.2.tgz#3cad35a934b8bf71f25ca524b6da51fb7eace2ff" + integrity sha512-ROmzCKrTnOwybPcJApAA6WBWij23HVfGVNKqqrZpuyZOHqK2CwHSvpGuyt/UNNvaIjEd8X5IFGp4Mh+Ie1IHJQ== + cross-spawn@^5.1.0: version "5.1.0" resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-5.1.0.tgz#e8bd0efee58fcff6f8f94510a0a554bbfa235449" @@ -2339,6 +2361,13 @@ decamelize@^1.1.0, decamelize@^1.2.0: resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-1.2.0.tgz#f6534d15148269b20352e7bee26f501f9a191290" integrity sha512-z2S+W9X73hAUUki+N+9Za2lBlun89zigOyGrsax+KUQ6wKW4ZoWpEYBkGhQjwAjjDCkWxhY0VKEhk8wzY7F5cA== +decompress-response@^6.0.0: + version "6.0.0" + resolved "https://registry.yarnpkg.com/decompress-response/-/decompress-response-6.0.0.tgz#ca387612ddb7e104bd16d85aab00d5ecf09c66fc" + integrity sha512-aW35yZM6Bb/4oJlZncMH2LCoZtJXTRxES17vE3hoRiowU2kWHaJKFkSBDnDR+cm9J+9QhXmREyIfv0pji9ejCQ== + dependencies: + mimic-response "^3.1.0" + dedent@^0.7.0: version "0.7.0" resolved "https://registry.yarnpkg.com/dedent/-/dedent-0.7.0.tgz#2495ddbaf6eb874abb0e1be9df22d2e5a544326c" @@ -2384,6 +2413,11 @@ diff-sequences@^29.4.3: resolved "https://registry.yarnpkg.com/diff-sequences/-/diff-sequences-29.4.3.tgz#9314bc1fabe09267ffeca9cbafc457d8499a13f2" integrity sha512-ofrBgwpPhCD85kMKtE9RYFFq6OC1A89oW2vvgWZNCwxrUpRUILopY7lsYyMDSjc8g6U6aiO0Qubg6r4Wgt5ZnA== +diff3@0.0.3: + version "0.0.3" + resolved "https://registry.yarnpkg.com/diff3/-/diff3-0.0.3.tgz#d4e5c3a4cdf4e5fe1211ab42e693fcb4321580fc" + integrity sha512-iSq8ngPOt0K53A6eVr4d5Kn6GNrM2nQZtC740pzIriHtn4pOQ2lyzEXQMBeVcWERN0ye7fhBsk9PbLLQOnUx/g== + dir-glob@^2.0.0: version "2.2.2" resolved "https://registry.yarnpkg.com/dir-glob/-/dir-glob-2.2.2.tgz#fa09f0694153c8918b18ba0deafae94769fc50c4" @@ -2949,6 +2983,11 @@ ignore@^3.3.5: resolved "https://registry.yarnpkg.com/ignore/-/ignore-3.3.10.tgz#0a97fb876986e8081c631160f8f9f389157f0043" integrity sha512-Pgs951kaMm5GXP7MOvxERINe3gsaVjUWFm+UZPSq9xYriQAksyhg0csnS0KXSNRD5NmNdapXEpjxG49+AKh/ug== +ignore@^5.1.4: + version "5.3.2" + resolved "https://registry.yarnpkg.com/ignore/-/ignore-5.3.2.tgz#3cd40e729f3643fd87cb04e50bf0eb722bc596f5" + integrity sha512-hsBTNUqQTDwkWtcdYI2i06Y/nUBEsNEDJKjWdigLvegy8kDuJAS8uRlpkkcQpyEXL0Z/pjDy5HBmMjRCJ2gq+g== + ignore@^5.2.0: version "5.2.4" resolved "https://registry.yarnpkg.com/ignore/-/ignore-5.2.4.tgz#a291c0c6178ff1b960befe47fcdec301674a6324" @@ -2988,7 +3027,7 @@ inflight@^1.0.4: once "^1.3.0" wrappy "1" -inherits@2, inherits@^2.0.0: +inherits@2, inherits@^2.0.0, inherits@^2.0.1, inherits@^2.0.3: version "2.0.4" resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.4.tgz#0fa2c64f932917c3433a0ded55363aae37416b7c" integrity sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ== @@ -3233,6 +3272,23 @@ isexe@^2.0.0: resolved "https://registry.yarnpkg.com/isexe/-/isexe-2.0.0.tgz#e8fbf374dc556ff8947a10dcb0572d633f2cfa10" integrity sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw== +isomorphic-git@^1.27.1: + version "1.27.1" + resolved "https://registry.yarnpkg.com/isomorphic-git/-/isomorphic-git-1.27.1.tgz#a2752fce23a09f04baa590c41cfaf61e973405b3" + integrity sha512-X32ph5zIWfT75QAqW2l3JCIqnx9/GWd17bRRehmn3qmWc34OYbSXY6Cxv0o9bIIY+CWugoN4nQFHNA+2uYf2nA== + dependencies: + async-lock "^1.4.1" + clean-git-ref "^2.0.1" + crc-32 "^1.2.0" + diff3 "0.0.3" + ignore "^5.1.4" + minimisted "^2.0.0" + pako "^1.0.10" + pify "^4.0.1" + readable-stream "^3.4.0" + sha.js "^2.4.9" + simple-get "^4.0.1" + istanbul-lib-coverage@^3.0.0, istanbul-lib-coverage@^3.2.0: version "3.2.0" resolved "https://registry.yarnpkg.com/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz#189e7909d0a39fa5a3dfad5b03f71947770191d3" @@ -3853,6 +3909,11 @@ mimic-fn@^2.1.0: resolved "https://registry.yarnpkg.com/mimic-fn/-/mimic-fn-2.1.0.tgz#7ed2c2ccccaf84d3ffcb7a69b57711fc2083401b" integrity sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg== +mimic-response@^3.1.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/mimic-response/-/mimic-response-3.1.0.tgz#2d1d59af9c1b129815accc2c46a022a5ce1fa3c9" + integrity sha512-z0yWI+4FDrrweS8Zmt4Ej5HdJmky15+L2e6Wgn3+iK5fWzb6T3fhNFq2+MeTRb064c6Wr4N/wv0DzQTjNzHNGQ== + min-indent@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/min-indent/-/min-indent-1.0.1.tgz#a63f681673b30571fbe8bc25686ae746eefa9869" @@ -3874,6 +3935,18 @@ minimist-options@^4.0.2: is-plain-obj "^1.1.0" kind-of "^6.0.3" +minimist@^1.2.5: + version "1.2.8" + resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.8.tgz#c1a464e7693302e082a075cee0c057741ac4772c" + integrity sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA== + +minimisted@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/minimisted/-/minimisted-2.0.1.tgz#d059fb905beecf0774bc3b308468699709805cb1" + integrity sha512-1oPjfuLQa2caorJUM8HV8lGgWCc0qqAO1MNv/k05G4qslmsndV/5WdNZrqCiyqiz3wohia2Ij2B7w2Dr7/IyrA== + dependencies: + minimist "^1.2.5" + mixme@^0.5.1: version "0.5.9" resolved "https://registry.yarnpkg.com/mixme/-/mixme-0.5.9.tgz#a5a58e17354632179ff3ce5b0fc130899c8ba81c" @@ -4039,6 +4112,11 @@ p-try@^2.0.0: resolved "https://registry.yarnpkg.com/p-try/-/p-try-2.2.0.tgz#cb2868540e313d61de58fafbe35ce9004d5540e6" integrity sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ== +pako@^1.0.10: + version "1.0.11" + resolved "https://registry.yarnpkg.com/pako/-/pako-1.0.11.tgz#6c9599d340d54dfd3946380252a35705a6b992bf" + integrity sha512-4hLB8Py4zZce5s4yd9XzopqwVv/yGNhV1Bl8NTmCq1763HeK2+EwVTv+leGeL13Dnh2wfbqowVPXCIO0z4taYw== + parse-entities@^1.0.2, parse-entities@^1.1.0: version "1.2.2" resolved "https://registry.yarnpkg.com/parse-entities/-/parse-entities-1.2.2.tgz#c31bf0f653b6661354f8973559cb86dd1d5edf50" @@ -4244,6 +4322,15 @@ read-yaml-file@^1.1.0: pify "^4.0.1" strip-bom "^3.0.0" +readable-stream@^3.4.0: + version "3.6.2" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-3.6.2.tgz#56a9b36ea965c00c5a93ef31eb111a0f11056967" + integrity sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA== + dependencies: + inherits "^2.0.3" + string_decoder "^1.1.1" + util-deprecate "^1.0.1" + redent@^3.0.0: version "3.0.0" resolved "https://registry.yarnpkg.com/redent/-/redent-3.0.0.tgz#e557b7998316bb53c9f1f56fa626352c6963059f" @@ -4408,6 +4495,11 @@ run-parallel@^1.1.9: dependencies: queue-microtask "^1.2.2" +safe-buffer@^5.0.1, safe-buffer@~5.2.0: + version "5.2.1" + resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.2.1.tgz#1eaf9fa9bdb1fdd4ec75f58f9cdb4e6b7827eec6" + integrity sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ== + safe-regex-test@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/safe-regex-test/-/safe-regex-test-1.0.0.tgz#793b874d524eb3640d1873aad03596db2d4f2295" @@ -4456,6 +4548,14 @@ set-blocking@^2.0.0: resolved "https://registry.yarnpkg.com/set-blocking/-/set-blocking-2.0.0.tgz#045f9782d011ae9a6803ddd382b24392b3d890f7" integrity sha512-KiKBS8AnWGEyLzofFfmvKwpdPzqiy16LvQfK3yv/fVH7Bj13/wl3JSR1J+rfgRE9q7xUJK4qvgS8raSOeLUehw== +sha.js@^2.4.9: + version "2.4.11" + resolved "https://registry.yarnpkg.com/sha.js/-/sha.js-2.4.11.tgz#37a5cf0b81ecbc6943de109ba2960d1b26584ae7" + integrity sha512-QMEp5B7cftE7APOjk5Y6xgrbWu+WkLVQwk8JNjZ8nKRciZaByEW6MubieAiToS7+dwvrjGhH8jRXz3MVd0AYqQ== + dependencies: + inherits "^2.0.1" + safe-buffer "^5.0.1" + shebang-command@^1.2.0: version "1.2.0" resolved "https://registry.yarnpkg.com/shebang-command/-/shebang-command-1.2.0.tgz#44aac65b695b03398968c39f363fee5deafdf1ea" @@ -4494,6 +4594,20 @@ signal-exit@^3.0.0, signal-exit@^3.0.2, signal-exit@^3.0.3, signal-exit@^3.0.7: resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.7.tgz#a9a1767f8af84155114eaabd73f99273c8f59ad9" integrity sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ== +simple-concat@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/simple-concat/-/simple-concat-1.0.1.tgz#f46976082ba35c2263f1c8ab5edfe26c41c9552f" + integrity sha512-cSFtAPtRhljv69IK0hTVZQ+OfE9nePi/rtJmw5UjHeVyVroEqJXP1sFztKUy1qU+xvz3u/sfYJLa947b7nAN2Q== + +simple-get@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/simple-get/-/simple-get-4.0.1.tgz#4a39db549287c979d352112fa03fd99fd6bc3543" + integrity sha512-brv7p5WgH0jmQJr1ZDDfKDOSeWWg+OVypG99A/5vYGPqJ6pxiaHLy8nxtFjBA7oMa01ebA9gfh1uMCFqOuXxvA== + dependencies: + decompress-response "^6.0.0" + once "^1.3.1" + simple-concat "^1.0.0" + sisteransi@^1.0.5: version "1.0.5" resolved "https://registry.yarnpkg.com/sisteransi/-/sisteransi-1.0.5.tgz#134d681297756437cc05ca01370d3a7a571075ed" @@ -4636,6 +4750,13 @@ string.prototype.trimstart@^1.0.6: define-properties "^1.1.4" es-abstract "^1.20.4" +string_decoder@^1.1.1: + version "1.3.0" + resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.3.0.tgz#42f114594a46cf1a8e30b0a84f56c78c3edac21e" + integrity sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA== + dependencies: + safe-buffer "~5.2.0" + stringify-entities@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/stringify-entities/-/stringify-entities-2.0.0.tgz#fa7ca6614b355fb6c28448140a20c4ede7462827" @@ -4960,6 +5081,11 @@ update-browserslist-db@^1.0.10: escalade "^3.1.1" picocolors "^1.0.0" +util-deprecate@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" + integrity sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw== + uuid@^8.3.2: version "8.3.2" resolved "https://registry.yarnpkg.com/uuid/-/uuid-8.3.2.tgz#80d5b5ced271bb9af6c445f21a1a04c606cefbe2" From 35f08a8ee945816fcf550977183616a72fa8b2af Mon Sep 17 00:00:00 2001 From: Sam Lanning Date: Sun, 25 Aug 2024 14:30:55 +0100 Subject: [PATCH 03/13] Add changeset version --- .changeset/green-dogs-change.md | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 .changeset/green-dogs-change.md diff --git a/.changeset/green-dogs-change.md b/.changeset/green-dogs-change.md new file mode 100644 index 00000000..05a0e5d6 --- /dev/null +++ b/.changeset/green-dogs-change.md @@ -0,0 +1,10 @@ +--- +"@changesets/action": major +--- + +Start using GitHub API to push tags and commits to repos + +Rather than use local git commands to push changes to GitHub, +this action now uses the GitHub API directly, +which means that all tags and commits will be attributed to the user whose +GITHUB_TOKEN is used, and signed. From 72e31f001810a7fc085493975e42e6abc2276b73 Mon Sep 17 00:00:00 2001 From: Sam Lanning Date: Sun, 25 Aug 2024 14:55:50 +0100 Subject: [PATCH 04/13] Allow tag publish to fail, assume it was manually published --- src/run.ts | 30 ++++++++++++++++++++---------- 1 file changed, 20 insertions(+), 10 deletions(-) diff --git a/src/run.ts b/src/run.ts index 46baf92f..66afe6b3 100644 --- a/src/run.ts +++ b/src/run.ts @@ -160,11 +160,16 @@ export async function runPublish({ const tagName = `${pkg.packageJson.name}@${pkg.packageJson.version}`; // Tag will only be created locally, // Create it using the GitHub API so it's signed. - await octokit.rest.git.createRef({ - ...github.context.repo, - ref: `refs/tags/${tagName}`, - sha: github.context.sha, - }); + await octokit.rest.git + .createRef({ + ...github.context.repo, + ref: `refs/tags/${tagName}`, + sha: github.context.sha, + }) + .catch((err) => { + // Assuming tag was manually pushed in custom publish script + core.warning(`Failed to create tag ${tagName}: ${err.message}`); + }); if (createGithubReleases) { await createRelease(octokit, { pkg, tagName }); } @@ -189,11 +194,16 @@ export async function runPublish({ const tagName = `v${pkg.packageJson.version}`; // Tag will only be created locally, // Create it using the GitHub API so it's signed. - await octokit.rest.git.createRef({ - ...github.context.repo, - ref: `refs/tags/${tagName}`, - sha: github.context.sha, - }); + await octokit.rest.git + .createRef({ + ...github.context.repo, + ref: `refs/tags/${tagName}`, + sha: github.context.sha, + }) + .catch((err) => { + // Assuming tag was manually pushed in custom publish script + core.warning(`Failed to create tag ${tagName}: ${err.message}`); + }); if (createGithubReleases) { await createRelease(octokit, { pkg, tagName }); } From a8a756b58cf174afb4cd3265b9e02bb858d768ef Mon Sep 17 00:00:00 2001 From: Sam Lanning Date: Sun, 25 Aug 2024 14:57:41 +0100 Subject: [PATCH 05/13] Add to changeset --- .changeset/thick-jars-chew.md | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 .changeset/thick-jars-chew.md diff --git a/.changeset/thick-jars-chew.md b/.changeset/thick-jars-chew.md new file mode 100644 index 00000000..f5a3f095 --- /dev/null +++ b/.changeset/thick-jars-chew.md @@ -0,0 +1,5 @@ +--- +"@changesets/action": minor +--- + +Handle custom publish commands more gracefully From 50b4be2b5ce5350adb360d0ab15da3324e9976f5 Mon Sep 17 00:00:00 2001 From: Sam Lanning Date: Sun, 25 Aug 2024 18:16:01 +0100 Subject: [PATCH 06/13] Update @s0/ghcommit --- .changeset/ninety-poems-explode.md | 5 +++++ package.json | 2 +- src/run.ts | 9 ++------- yarn.lock | 8 ++++---- 4 files changed, 12 insertions(+), 12 deletions(-) create mode 100644 .changeset/ninety-poems-explode.md diff --git a/.changeset/ninety-poems-explode.md b/.changeset/ninety-poems-explode.md new file mode 100644 index 00000000..b5d592ff --- /dev/null +++ b/.changeset/ninety-poems-explode.md @@ -0,0 +1,5 @@ +--- +"@changesets/action": patch +--- + +Update to latest version of ghcommit diff --git a/package.json b/package.json index 8b829387..79716a3a 100644 --- a/package.json +++ b/package.json @@ -41,7 +41,7 @@ "@changesets/read": "^0.5.3", "@manypkg/get-packages": "^1.1.3", "@octokit/plugin-throttling": "^5.2.1", - "@s0/ghcommit": "^1.1.0", + "@s0/ghcommit": "^1.2.0", "fs-extra": "^8.1.0", "mdast-util-to-string": "^1.0.6", "remark-parse": "^7.0.1", diff --git a/src/run.ts b/src/run.ts index 66afe6b3..25b35c93 100644 --- a/src/run.ts +++ b/src/run.ts @@ -391,14 +391,9 @@ export async function runVersion({ await commitChangesFromRepo({ octokit, - owner: github.context.repo.owner, - repository: github.context.repo.repo, + ...github.context.repo, branch: versionBranch, - // TODO: switch this to use direct string input when supported - message: { - headline: finalCommitMessage.split("\n", 2)[0].trim(), - body: finalCommitMessage.split("\n", 2)[1]?.trim(), - }, + message: finalCommitMessage, base: { commit: github.context.sha, }, diff --git a/yarn.lock b/yarn.lock index b84975a8..33800a11 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1618,10 +1618,10 @@ dependencies: "@octokit/openapi-types" "^17.2.0" -"@s0/ghcommit@^1.1.0": - version "1.1.0" - resolved "https://registry.yarnpkg.com/@s0/ghcommit/-/ghcommit-1.1.0.tgz#789858feb3a9e9a799a6ce7abada988cd925c21f" - integrity sha512-1jEUzrfa9QvEdCaFicv2oc5ep9zFG4HE60vU48dIp+W1JzeOmPHOxNt9y5rE5TvXzTGAdLpoCvPnRrR6jCwFyw== +"@s0/ghcommit@^1.2.0": + version "1.2.0" + resolved "https://registry.yarnpkg.com/@s0/ghcommit/-/ghcommit-1.2.0.tgz#27b7e474653f98fb8126e249db929180b025082c" + integrity sha512-v3HlIX/OYWG32mT97JLPJQ2iCFI7hWtC2OONFoEAeiySAnbLhiToC1xlbT7fdlUcXTT2FktEJosfNbEbS9LniQ== dependencies: isomorphic-git "^1.27.1" From 67a10a13a7dd20a47115c415473f7c7dd8dc937c Mon Sep 17 00:00:00 2001 From: Sam Lanning Date: Sat, 2 Nov 2024 11:05:38 +0000 Subject: [PATCH 07/13] Update ghcommit to fix missing ref bug --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 79716a3a..fc3a84f1 100644 --- a/package.json +++ b/package.json @@ -41,7 +41,7 @@ "@changesets/read": "^0.5.3", "@manypkg/get-packages": "^1.1.3", "@octokit/plugin-throttling": "^5.2.1", - "@s0/ghcommit": "^1.2.0", + "@s0/ghcommit": "^1.2.1", "fs-extra": "^8.1.0", "mdast-util-to-string": "^1.0.6", "remark-parse": "^7.0.1", diff --git a/yarn.lock b/yarn.lock index 33800a11..007d3dcb 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1618,10 +1618,10 @@ dependencies: "@octokit/openapi-types" "^17.2.0" -"@s0/ghcommit@^1.2.0": - version "1.2.0" - resolved "https://registry.yarnpkg.com/@s0/ghcommit/-/ghcommit-1.2.0.tgz#27b7e474653f98fb8126e249db929180b025082c" - integrity sha512-v3HlIX/OYWG32mT97JLPJQ2iCFI7hWtC2OONFoEAeiySAnbLhiToC1xlbT7fdlUcXTT2FktEJosfNbEbS9LniQ== +"@s0/ghcommit@^1.2.1": + version "1.2.1" + resolved "https://registry.yarnpkg.com/@s0/ghcommit/-/ghcommit-1.2.1.tgz#b906c164c453de5deb776f265f0f591f6f299bce" + integrity sha512-bsW81c87V5P6Prn4lqxCoMlO4dot1RpcnyT1er4gE8ytFxY1cEMZUkTd4HGk+8wTS4hpYB4f/42WIYXP4gHPXg== dependencies: isomorphic-git "^1.27.1" From 893ba16eb15f436c0f29fa125b17858767f08f4e Mon Sep 17 00:00:00 2001 From: Sam Lanning Date: Sat, 2 Nov 2024 11:27:25 +0000 Subject: [PATCH 08/13] Make using GitHub API Optional Change this to a minor version bump, with a new feature that allows for using the GitHub API to create tags and commits. --- .changeset/green-dogs-change.md | 12 ++-- .changeset/ninety-poems-explode.md | 5 -- .changeset/thick-jars-chew.md | 5 -- README.md | 1 + action.yml | 7 ++ src/gitUtils.ts | 51 ++++++++++++++- src/index.ts | 4 ++ src/run.ts | 100 ++++++++++++++++++----------- 8 files changed, 131 insertions(+), 54 deletions(-) delete mode 100644 .changeset/ninety-poems-explode.md delete mode 100644 .changeset/thick-jars-chew.md diff --git a/.changeset/green-dogs-change.md b/.changeset/green-dogs-change.md index 05a0e5d6..4820bebb 100644 --- a/.changeset/green-dogs-change.md +++ b/.changeset/green-dogs-change.md @@ -1,10 +1,10 @@ --- -"@changesets/action": major +"@changesets/action": minor --- -Start using GitHub API to push tags and commits to repos +Introduce a new input commitUsingApi that allows pushing tags and commits +using the GitHub API instead of the git CLI. -Rather than use local git commands to push changes to GitHub, -this action now uses the GitHub API directly, -which means that all tags and commits will be attributed to the user whose -GITHUB_TOKEN is used, and signed. +When used, this means means that all tags and commits will be attributed +to the user whose GITHUB_TOKEN is used, +and also signed using GitHub's internal GPG key. diff --git a/.changeset/ninety-poems-explode.md b/.changeset/ninety-poems-explode.md deleted file mode 100644 index b5d592ff..00000000 --- a/.changeset/ninety-poems-explode.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@changesets/action": patch ---- - -Update to latest version of ghcommit diff --git a/.changeset/thick-jars-chew.md b/.changeset/thick-jars-chew.md deleted file mode 100644 index f5a3f095..00000000 --- a/.changeset/thick-jars-chew.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@changesets/action": minor ---- - -Handle custom publish commands more gracefully diff --git a/README.md b/README.md index cc7f703b..c531e98d 100644 --- a/README.md +++ b/README.md @@ -12,6 +12,7 @@ This action for [Changesets](https://github.com/atlassian/changesets) creates a - title - The pull request title. Default to `Version Packages` - setupGitUser - Sets up the git user for commits as `"github-actions[bot]"`. Default to `true` - createGithubReleases - A boolean value to indicate whether to create Github releases after `publish` or not. Default to `true` +- commitUsingApi - A boolean value to indicate whether to use the GitHub API to push changes or not, so changes are GPG-signed. Default to `false` - cwd - Changes node's `process.cwd()` if the project is not located on the root. Default to `process.cwd()` ### Outputs diff --git a/action.yml b/action.yml index 86b97909..d067082e 100644 --- a/action.yml +++ b/action.yml @@ -28,6 +28,13 @@ inputs: description: "A boolean value to indicate whether to create Github releases after `publish` or not" required: false default: true + commitUsingApi: + description: > + A boolean value to indicate whether to push changes via Github API or not, + this will mean all commits and tags are signed using GitHub's GPG key, + and attributed to the user or app who owns the GITHUB_TOKEN + required: false + default: false branch: description: Sets the branch in which the action will run. Default to `github.ref_name` if not provided required: false diff --git a/src/gitUtils.ts b/src/gitUtils.ts index 16d9bf21..b15151ab 100644 --- a/src/gitUtils.ts +++ b/src/gitUtils.ts @@ -11,4 +11,53 @@ export const setupUser = async () => { "user.email", `"github-actions[bot]@users.noreply.github.com"`, ]); -}; \ No newline at end of file +}; + +export const pullBranch = async (branch: string) => { + await exec("git", ["pull", "origin", branch]); +}; + +export const push = async ( + branch: string, + { force }: { force?: boolean } = {} +) => { + await exec( + "git", + ["push", "origin", `HEAD:${branch}`, force && "--force"].filter( + Boolean as any + ) + ); +}; + +export const pushTags = async () => { + await exec("git", ["push", "origin", "--tags"]); +}; + +export const switchToMaybeExistingBranch = async (branch: string) => { + let { stderr } = await getExecOutput("git", ["checkout", branch], { + ignoreReturnCode: true, + }); + let isCreatingBranch = !stderr + .toString() + .includes(`Switched to a new branch '${branch}'`); + if (isCreatingBranch) { + await exec("git", ["checkout", "-b", branch]); + } +}; + +export const reset = async ( + pathSpec: string, + mode: "hard" | "soft" | "mixed" = "hard" +) => { + await exec("git", ["reset", `--${mode}`, pathSpec]); +}; + +export const commitAll = async (message: string) => { + await exec("git", ["add", "."]); + await exec("git", ["commit", "-m", message]); +}; + +export const checkIfClean = async (): Promise => { + const { stdout } = await getExecOutput("git", ["status", "--porcelain"]); + return !stdout.length; +}; diff --git a/src/index.ts b/src/index.ts index 194204dc..8b85e450 100644 --- a/src/index.ts +++ b/src/index.ts @@ -27,6 +27,8 @@ const getOptionalInput = (name: string) => core.getInput(name) || undefined; await gitUtils.setupUser(); } + const commitUsingApi = core.getBooleanInput("commitUsingApi"); + core.info("setting GitHub credentials"); await fs.writeFile( `${process.env.HOME}/.netrc`, @@ -88,6 +90,7 @@ const getOptionalInput = (name: string) => core.getInput(name) || undefined; script: publishScript, githubToken, createGithubReleases: core.getBooleanInput("createGithubReleases"), + commitUsingApi }); if (result.published) { @@ -109,6 +112,7 @@ const getOptionalInput = (name: string) => core.getInput(name) || undefined; prTitle: getOptionalInput("title"), commitMessage: getOptionalInput("commit"), hasPublishScript, + commitUsingApi, branch: getOptionalInput("branch"), }); diff --git a/src/run.ts b/src/run.ts index 25b35c93..c1ea9efd 100644 --- a/src/run.ts +++ b/src/run.ts @@ -101,6 +101,7 @@ type PublishOptions = { script: string; githubToken: string; createGithubReleases: boolean; + commitUsingApi: boolean; cwd?: string; }; @@ -119,6 +120,7 @@ export async function runPublish({ script, githubToken, createGithubReleases, + commitUsingApi, cwd = process.cwd(), }: PublishOptions): Promise { const octokit = setupOctokit(githubToken); @@ -131,6 +133,10 @@ export async function runPublish({ { cwd } ); + if (!commitUsingApi) { + await gitUtils.pushTags(); + } + let { packages, tool } = await getPackages(cwd); let releasedPackages: Package[] = []; @@ -158,21 +164,21 @@ export async function runPublish({ await Promise.all( releasedPackages.map(async (pkg) => { const tagName = `${pkg.packageJson.name}@${pkg.packageJson.version}`; - // Tag will only be created locally, - // Create it using the GitHub API so it's signed. - await octokit.rest.git - .createRef({ - ...github.context.repo, - ref: `refs/tags/${tagName}`, - sha: github.context.sha, - }) - .catch((err) => { - // Assuming tag was manually pushed in custom publish script - core.warning(`Failed to create tag ${tagName}: ${err.message}`); - }); - if (createGithubReleases) { - await createRelease(octokit, { pkg, tagName }); + if (commitUsingApi) { + // Tag will usually only be created locally, + // Create it using the GitHub API so it's signed. + await octokit.rest.git + .createRef({ + ...github.context.repo, + ref: `refs/tags/${tagName}`, + sha: github.context.sha, + }) + .catch((err) => { + // Assuming tag was manually pushed in custom publish script + core.warning(`Failed to create tag ${tagName}: ${err.message}`); + }); } + await createRelease(octokit, { pkg, tagName }); }) ); } @@ -191,20 +197,22 @@ export async function runPublish({ if (match) { releasedPackages.push(pkg); - const tagName = `v${pkg.packageJson.version}`; - // Tag will only be created locally, - // Create it using the GitHub API so it's signed. - await octokit.rest.git - .createRef({ - ...github.context.repo, - ref: `refs/tags/${tagName}`, - sha: github.context.sha, - }) - .catch((err) => { - // Assuming tag was manually pushed in custom publish script - core.warning(`Failed to create tag ${tagName}: ${err.message}`); - }); if (createGithubReleases) { + const tagName = `v${pkg.packageJson.version}`; + if (commitUsingApi) { + // Tag will only be created locally, + // Create it using the GitHub API so it's signed. + await octokit.rest.git + .createRef({ + ...github.context.repo, + ref: `refs/tags/${tagName}`, + sha: github.context.sha, + }) + .catch((err) => { + // Assuming tag was manually pushed in custom publish script + core.warning(`Failed to create tag ${tagName}: ${err.message}`); + }); + } await createRelease(octokit, { pkg, tagName }); } break; @@ -320,6 +328,7 @@ type VersionOptions = { commitMessage?: string; hasPublishScript?: boolean; prBodyMaxCharacters?: number; + commitUsingApi: boolean; branch?: string; }; @@ -335,6 +344,7 @@ export async function runVersion({ commitMessage = "Version Packages", hasPublishScript = false, prBodyMaxCharacters = MAX_CHARACTERS_PER_MESSAGE, + commitUsingApi, branch, }: VersionOptions): Promise { const octokit = setupOctokit(githubToken); @@ -345,6 +355,11 @@ export async function runVersion({ let { preState } = await readChangesetState(cwd); + if (!commitUsingApi) { + await gitUtils.switchToMaybeExistingBranch(versionBranch); + await gitUtils.reset(github.context.sha); + } + let versionsByDirectory = await getVersionsByDirectory(cwd); if (script) { @@ -389,16 +404,27 @@ export async function runVersion({ !!preState ? ` (${preState.tag})` : "" }`; - await commitChangesFromRepo({ - octokit, - ...github.context.repo, - branch: versionBranch, - message: finalCommitMessage, - base: { - commit: github.context.sha, - }, - force: true, - }); + if (commitUsingApi) { + await commitChangesFromRepo({ + octokit, + ...github.context.repo, + branch: versionBranch, + message: finalCommitMessage, + base: { + commit: github.context.sha, + }, + force: true, + }); + } else { + // project with `commit: true` setting could have already committed files + if (!(await gitUtils.checkIfClean())) { + await gitUtils.commitAll(finalCommitMessage); + } + } + + if (!commitUsingApi) { + await gitUtils.push(versionBranch, { force: true }); + } let existingPullRequests = await existingPullRequestsPromise; core.info(JSON.stringify(existingPullRequests.data, null, 2)); From 379e12c8b648a66c039352bb69eae256c2d3b8cb Mon Sep 17 00:00:00 2001 From: Sam Lanning Date: Sat, 12 Apr 2025 14:01:50 +0100 Subject: [PATCH 09/13] Use a strategy pattern for GitHub API vs CLI usage --- src/index.ts | 34 +++++++--- src/run.test.ts | 37 ++++++----- src/run.ts | 160 +++++++++++++++++++++++++++--------------------- 3 files changed, 138 insertions(+), 93 deletions(-) diff --git a/src/index.ts b/src/index.ts index 8b85e450..cc2fbb94 100644 --- a/src/index.ts +++ b/src/index.ts @@ -1,7 +1,15 @@ import * as core from "@actions/core"; import fs from "fs-extra"; import * as gitUtils from "./gitUtils"; -import { runPublish, runVersion } from "./run"; +import { + getApiPushStrategy, + getApiTaggingStrategy, + getCliPushStrategy, + getCliTaggingStrategy, + runPublish, + runVersion, + setupOctokit, +} from "./run"; import readChangesetState from "./readChangesetState"; const getOptionalInput = (name: string) => core.getInput(name) || undefined; @@ -50,7 +58,9 @@ const getOptionalInput = (name: string) => core.getInput(name) || undefined; switch (true) { case !hasChangesets && !hasPublishScript: - core.info("No changesets present or were removed by merging release PR. Not publishing because no publish script found."); + core.info( + "No changesets present or were removed by merging release PR. Not publishing because no publish script found." + ); return; case !hasChangesets && hasPublishScript: { core.info( @@ -86,11 +96,16 @@ const getOptionalInput = (name: string) => core.getInput(name) || undefined; ); } + const octokit = setupOctokit(githubToken); + const taggingStrategy = commitUsingApi + ? getApiTaggingStrategy(octokit) + : getCliTaggingStrategy(); + const result = await runPublish({ script: publishScript, - githubToken, + octokit, createGithubReleases: core.getBooleanInput("createGithubReleases"), - commitUsingApi + taggingStrategy, }); if (result.published) { @@ -105,20 +120,25 @@ const getOptionalInput = (name: string) => core.getInput(name) || undefined; case hasChangesets && !hasNonEmptyChangesets: core.info("All changesets are empty; not creating PR"); return; - case hasChangesets: + case hasChangesets: { + const octokit = setupOctokit(githubToken); + const gitPushStrategy = commitUsingApi + ? getApiPushStrategy(octokit) + : getCliPushStrategy(); const { pullRequestNumber } = await runVersion({ script: getOptionalInput("version"), - githubToken, + octokit, prTitle: getOptionalInput("title"), commitMessage: getOptionalInput("commit"), hasPublishScript, - commitUsingApi, + gitPushStrategy, branch: getOptionalInput("branch"), }); core.setOutput("pullRequestNumber", String(pullRequestNumber)); return; + } } })().catch((err) => { core.error(err); diff --git a/src/run.test.ts b/src/run.test.ts index 7b06a4ce..bc9e5b06 100644 --- a/src/run.test.ts +++ b/src/run.test.ts @@ -5,7 +5,7 @@ import fs from "fs-extra"; import path from "path"; import writeChangeset from "@changesets/write"; import { Changeset } from "@changesets/types"; -import { runVersion } from "./run"; +import { getCliPushStrategy, runVersion, setupOctokit } from "./run"; jest.mock("@actions/github", () => ({ context: { @@ -18,17 +18,17 @@ jest.mock("@actions/github", () => ({ }, })); jest.mock("@actions/github/lib/utils", () => ({ - GitHub: { - plugin: () => { - // function necessary to be used as constructor - return function() { - return { - rest: mockedGithubMethods, - } - } - }, + GitHub: { + plugin: () => { + // function necessary to be used as constructor + return function () { + return { + rest: mockedGithubMethods, + }; + }; }, - getOctokitOptions: jest.fn(), + }, + getOctokitOptions: jest.fn(), })); jest.mock("./gitUtils"); jest.mock("@s0/ghcommit/git"); @@ -90,7 +90,8 @@ describe("version", () => { ); await runVersion({ - githubToken: "@@GITHUB_TOKEN", + octokit: setupOctokit("@@GITHUB_TOKEN"), + gitPushStrategy: getCliPushStrategy(), cwd, }); @@ -123,7 +124,8 @@ describe("version", () => { ); await runVersion({ - githubToken: "@@GITHUB_TOKEN", + octokit: setupOctokit("@@GITHUB_TOKEN"), + gitPushStrategy: getCliPushStrategy(), cwd, }); @@ -156,7 +158,8 @@ describe("version", () => { ); await runVersion({ - githubToken: "@@GITHUB_TOKEN", + octokit: setupOctokit("@@GITHUB_TOKEN"), + gitPushStrategy: getCliPushStrategy(), cwd, }); @@ -209,7 +212,8 @@ fluminis divesque vulnere aquis parce lapsis rabie si visa fulmineis. ); await runVersion({ - githubToken: "@@GITHUB_TOKEN", + octokit: setupOctokit("@@GITHUB_TOKEN"), + gitPushStrategy: getCliPushStrategy(), cwd, prBodyMaxCharacters: 1000, }); @@ -266,7 +270,8 @@ fluminis divesque vulnere aquis parce lapsis rabie si visa fulmineis. ); await runVersion({ - githubToken: "@@GITHUB_TOKEN", + octokit: setupOctokit("@@GITHUB_TOKEN"), + gitPushStrategy: getCliPushStrategy(), cwd, prBodyMaxCharacters: 500, }); diff --git a/src/run.ts b/src/run.ts index c1ea9efd..c37ce933 100644 --- a/src/run.ts +++ b/src/run.ts @@ -25,7 +25,7 @@ import { commitChangesFromRepo } from "@s0/ghcommit/git"; // To avoid that, we ensure to cap the message to 60k chars. const MAX_CHARACTERS_PER_MESSAGE = 60000; -const setupOctokit = (githubToken: string) => { +export const setupOctokit = (githubToken: string) => { return new (GitHub.plugin(throttling))( getOctokitOptions(githubToken, { throttle: { @@ -59,8 +59,10 @@ const setupOctokit = (githubToken: string) => { ); }; +export type Octokit = ReturnType; + const createRelease = async ( - octokit: ReturnType, + octokit: Octokit, { pkg, tagName }: { pkg: Package; tagName: string } ) => { try { @@ -97,11 +99,45 @@ const createRelease = async ( } }; +export type GitTaggingStrategy = { + pushAllTags: () => Promise; + pushTag: (tag: string) => Promise; +}; + +export const getCliTaggingStrategy = (): GitTaggingStrategy => ({ + pushAllTags: async () => { + await gitUtils.pushTags(); + }, + pushTag: async () => { + // When using the CLI, we push all tags together at once + }, +}); + +export const getApiTaggingStrategy = ( + octokit: Octokit +): GitTaggingStrategy => ({ + pushAllTags: async () => { + // When using the API, we push all tags individually + }, + pushTag: async (tagName: string) => { + await octokit.rest.git + .createRef({ + ...github.context.repo, + ref: `refs/tags/${tagName}`, + sha: github.context.sha, + }) + .catch((err) => { + // Assuming tag was manually pushed in custom publish script + core.warning(`Failed to create tag ${tagName}: ${err.message}`); + }); + }, +}); + type PublishOptions = { script: string; - githubToken: string; + octokit: Octokit; createGithubReleases: boolean; - commitUsingApi: boolean; + taggingStrategy: GitTaggingStrategy; cwd?: string; }; @@ -118,13 +154,11 @@ type PublishResult = export async function runPublish({ script, - githubToken, + octokit, createGithubReleases, - commitUsingApi, + taggingStrategy, cwd = process.cwd(), }: PublishOptions): Promise { - const octokit = setupOctokit(githubToken); - let [publishCommand, ...publishArgs] = script.split(/\s+/); let changesetPublishOutput = await getExecOutput( @@ -133,9 +167,7 @@ export async function runPublish({ { cwd } ); - if (!commitUsingApi) { - await gitUtils.pushTags(); - } + await taggingStrategy.pushAllTags(); let { packages, tool } = await getPackages(cwd); let releasedPackages: Package[] = []; @@ -164,20 +196,7 @@ export async function runPublish({ await Promise.all( releasedPackages.map(async (pkg) => { const tagName = `${pkg.packageJson.name}@${pkg.packageJson.version}`; - if (commitUsingApi) { - // Tag will usually only be created locally, - // Create it using the GitHub API so it's signed. - await octokit.rest.git - .createRef({ - ...github.context.repo, - ref: `refs/tags/${tagName}`, - sha: github.context.sha, - }) - .catch((err) => { - // Assuming tag was manually pushed in custom publish script - core.warning(`Failed to create tag ${tagName}: ${err.message}`); - }); - } + await taggingStrategy.pushTag(tagName); await createRelease(octokit, { pkg, tagName }); }) ); @@ -199,20 +218,7 @@ export async function runPublish({ releasedPackages.push(pkg); if (createGithubReleases) { const tagName = `v${pkg.packageJson.version}`; - if (commitUsingApi) { - // Tag will only be created locally, - // Create it using the GitHub API so it's signed. - await octokit.rest.git - .createRef({ - ...github.context.repo, - ref: `refs/tags/${tagName}`, - sha: github.context.sha, - }) - .catch((err) => { - // Assuming tag was manually pushed in custom publish script - core.warning(`Failed to create tag ${tagName}: ${err.message}`); - }); - } + await taggingStrategy.pushTag(tagName); await createRelease(octokit, { pkg, tagName }); } break; @@ -320,15 +326,54 @@ export async function getVersionPrBody({ return fullMessage; } +type GitPushStrategy = { + prepareVersionBranch: (versionBranch: string) => Promise; + pushChanges: (params: { + versionBranch: string; + finalCommitMessage: string; + }) => Promise; +}; + +export const getCliPushStrategy = (): GitPushStrategy => ({ + prepareVersionBranch: async (versionBranch: string) => { + await gitUtils.switchToMaybeExistingBranch(versionBranch); + await gitUtils.reset(github.context.sha); + }, + pushChanges: async ({ versionBranch, finalCommitMessage }) => { + if (!(await gitUtils.checkIfClean())) { + await gitUtils.commitAll(finalCommitMessage); + } + await gitUtils.push(versionBranch, { force: true }); + }, +}); + +export const getApiPushStrategy = (octokit: Octokit): GitPushStrategy => ({ + prepareVersionBranch: async () => { + // Preparing a new local branch is not necessary when using the API + }, + pushChanges: async ({ versionBranch, finalCommitMessage }) => { + await commitChangesFromRepo({ + octokit, + ...github.context.repo, + branch: versionBranch, + message: finalCommitMessage, + base: { + commit: github.context.sha, + }, + force: true, + }); + }, +}); + type VersionOptions = { script?: string; - githubToken: string; + octokit: Octokit; cwd?: string; prTitle?: string; commitMessage?: string; hasPublishScript?: boolean; prBodyMaxCharacters?: number; - commitUsingApi: boolean; + gitPushStrategy: GitPushStrategy; branch?: string; }; @@ -338,27 +383,22 @@ type RunVersionResult = { export async function runVersion({ script, - githubToken, + octokit, cwd = process.cwd(), prTitle = "Version Packages", commitMessage = "Version Packages", hasPublishScript = false, prBodyMaxCharacters = MAX_CHARACTERS_PER_MESSAGE, - commitUsingApi, + gitPushStrategy, branch, }: VersionOptions): Promise { - const octokit = setupOctokit(githubToken); - let repo = `${github.context.repo.owner}/${github.context.repo.repo}`; branch = branch ?? github.context.ref.replace("refs/heads/", ""); let versionBranch = `changeset-release/${branch}`; let { preState } = await readChangesetState(cwd); - if (!commitUsingApi) { - await gitUtils.switchToMaybeExistingBranch(versionBranch); - await gitUtils.reset(github.context.sha); - } + await gitPushStrategy.prepareVersionBranch(versionBranch); let versionsByDirectory = await getVersionsByDirectory(cwd); @@ -404,27 +444,7 @@ export async function runVersion({ !!preState ? ` (${preState.tag})` : "" }`; - if (commitUsingApi) { - await commitChangesFromRepo({ - octokit, - ...github.context.repo, - branch: versionBranch, - message: finalCommitMessage, - base: { - commit: github.context.sha, - }, - force: true, - }); - } else { - // project with `commit: true` setting could have already committed files - if (!(await gitUtils.checkIfClean())) { - await gitUtils.commitAll(finalCommitMessage); - } - } - - if (!commitUsingApi) { - await gitUtils.push(versionBranch, { force: true }); - } + await gitPushStrategy.pushChanges({ versionBranch, finalCommitMessage }); let existingPullRequests = await existingPullRequestsPromise; core.info(JSON.stringify(existingPullRequests.data, null, 2)); From 0c32ff7ca7133cc02be6f1c9e8f2072418fcf12f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mateusz=20Burzy=C5=84ski?= Date: Fri, 2 May 2025 12:23:42 +0200 Subject: [PATCH 10/13] refactor git interactions --- package.json | 3 +- src/git.ts | 106 ++++++++++++++++++++++++++++++++++ src/gitUtils.ts | 63 --------------------- src/index.ts | 33 ++++------- src/octokit.ts | 39 +++++++++++++ src/run.test.ts | 20 +++---- src/run.ts | 147 ++++++------------------------------------------ 7 files changed, 184 insertions(+), 227 deletions(-) create mode 100644 src/git.ts delete mode 100644 src/gitUtils.ts create mode 100644 src/octokit.ts diff --git a/package.json b/package.json index fc3a84f1..368a3d96 100644 --- a/package.json +++ b/package.json @@ -58,5 +58,6 @@ "**/@octokit/core": "4.2.0", "trim": "^0.0.3", "y18n": "^4.0.1" - } + }, + "packageManager": "yarn@1.22.22+sha512.a6b2f7906b721bba3d67d4aff083df04dad64c399707841b7acf00f6b133b7ac24255f2652fa22ae3534329dc6180534e98d17432037ff6fd140556e2bb3137e" } diff --git a/src/git.ts b/src/git.ts new file mode 100644 index 00000000..9ea6e9e0 --- /dev/null +++ b/src/git.ts @@ -0,0 +1,106 @@ +import * as core from "@actions/core"; +import { exec, getExecOutput } from "@actions/exec"; +import * as github from "@actions/github"; +import { commitChangesFromRepo } from "@s0/ghcommit/git"; +import { Octokit } from "./octokit"; + +const push = async (branch: string, { force }: { force?: boolean } = {}) => { + await exec( + "git", + ["push", "origin", `HEAD:${branch}`, force && "--force"].filter( + Boolean as any + ) + ); +}; + +const switchToMaybeExistingBranch = async (branch: string) => { + let { stderr } = await getExecOutput("git", ["checkout", branch], { + ignoreReturnCode: true, + }); + let isCreatingBranch = !stderr + .toString() + .includes(`Switched to a new branch '${branch}'`); + if (isCreatingBranch) { + await exec("git", ["checkout", "-b", branch]); + } +}; + +const reset = async ( + pathSpec: string, + mode: "hard" | "soft" | "mixed" = "hard" +) => { + await exec("git", ["reset", `--${mode}`, pathSpec]); +}; + +const commitAll = async (message: string) => { + await exec("git", ["add", "."]); + await exec("git", ["commit", "-m", message]); +}; + +const checkIfClean = async (): Promise => { + const { stdout } = await getExecOutput("git", ["status", "--porcelain"]); + return !stdout.length; +}; + +export class Git { + octokit; + constructor(octokit?: Octokit) { + this.octokit = octokit; + } + + async setupUser() { + if (this.octokit) { + return; + } + await exec("git", ["config", "user.name", `"github-actions[bot]"`]); + await exec("git", [ + "config", + "user.email", + `"github-actions[bot]@users.noreply.github.com"`, + ]); + } + + async pushTag(tag: string) { + if (this.octokit) { + return this.octokit.rest.git + .createRef({ + ...github.context.repo, + ref: `refs/tags/${tag}`, + sha: github.context.sha, + }) + .catch((err) => { + // Assuming tag was manually pushed in custom publish script + core.warning(`Failed to create tag ${tag}: ${err.message}`); + }); + } + await exec("git", ["push", "origin", tag]); + } + + async prepareBranch(branch: string) { + if (this.octokit) { + // Preparing a new local branch is not necessary when using the API + return; + } + await switchToMaybeExistingBranch(branch); + await reset(github.context.sha); + } + + async pushChanges({ branch, message }: { branch: string; message: string }) { + if (this.octokit) { + return commitChangesFromRepo({ + octokit: this.octokit, + ...github.context.repo, + branch, + message, + base: { + commit: github.context.sha, + }, + force: true, + }); + } + if (!(await checkIfClean())) { + await commitAll(message); + } + await push(branch, { force: true }); + } +} diff --git a/src/gitUtils.ts b/src/gitUtils.ts deleted file mode 100644 index b15151ab..00000000 --- a/src/gitUtils.ts +++ /dev/null @@ -1,63 +0,0 @@ -import { exec, getExecOutput } from "@actions/exec"; - -export const setupUser = async () => { - await exec("git", [ - "config", - "user.name", - `"github-actions[bot]"`, - ]); - await exec("git", [ - "config", - "user.email", - `"github-actions[bot]@users.noreply.github.com"`, - ]); -}; - -export const pullBranch = async (branch: string) => { - await exec("git", ["pull", "origin", branch]); -}; - -export const push = async ( - branch: string, - { force }: { force?: boolean } = {} -) => { - await exec( - "git", - ["push", "origin", `HEAD:${branch}`, force && "--force"].filter( - Boolean as any - ) - ); -}; - -export const pushTags = async () => { - await exec("git", ["push", "origin", "--tags"]); -}; - -export const switchToMaybeExistingBranch = async (branch: string) => { - let { stderr } = await getExecOutput("git", ["checkout", branch], { - ignoreReturnCode: true, - }); - let isCreatingBranch = !stderr - .toString() - .includes(`Switched to a new branch '${branch}'`); - if (isCreatingBranch) { - await exec("git", ["checkout", "-b", branch]); - } -}; - -export const reset = async ( - pathSpec: string, - mode: "hard" | "soft" | "mixed" = "hard" -) => { - await exec("git", ["reset", `--${mode}`, pathSpec]); -}; - -export const commitAll = async (message: string) => { - await exec("git", ["add", "."]); - await exec("git", ["commit", "-m", message]); -}; - -export const checkIfClean = async (): Promise => { - const { stdout } = await getExecOutput("git", ["status", "--porcelain"]); - return !stdout.length; -}; diff --git a/src/index.ts b/src/index.ts index cc2fbb94..758f4096 100644 --- a/src/index.ts +++ b/src/index.ts @@ -1,16 +1,9 @@ import * as core from "@actions/core"; import fs from "fs-extra"; -import * as gitUtils from "./gitUtils"; -import { - getApiPushStrategy, - getApiTaggingStrategy, - getCliPushStrategy, - getCliTaggingStrategy, - runPublish, - runVersion, - setupOctokit, -} from "./run"; +import { Git } from "./git"; +import { setupOctokit } from "./octokit"; import readChangesetState from "./readChangesetState"; +import { runPublish, runVersion } from "./run"; const getOptionalInput = (name: string) => core.getInput(name) || undefined; @@ -28,15 +21,17 @@ const getOptionalInput = (name: string) => core.getInput(name) || undefined; process.chdir(inputCwd); } + const octokit = setupOctokit(githubToken); + const commitUsingApi = core.getBooleanInput("commitUsingApi"); + const git = new Git(commitUsingApi ? octokit : undefined); + let setupGitUser = core.getBooleanInput("setupGitUser"); if (setupGitUser) { core.info("setting git user"); - await gitUtils.setupUser(); + await git.setupUser(); } - const commitUsingApi = core.getBooleanInput("commitUsingApi"); - core.info("setting GitHub credentials"); await fs.writeFile( `${process.env.HOME}/.netrc`, @@ -96,16 +91,11 @@ const getOptionalInput = (name: string) => core.getInput(name) || undefined; ); } - const octokit = setupOctokit(githubToken); - const taggingStrategy = commitUsingApi - ? getApiTaggingStrategy(octokit) - : getCliTaggingStrategy(); - const result = await runPublish({ script: publishScript, + git, octokit, createGithubReleases: core.getBooleanInput("createGithubReleases"), - taggingStrategy, }); if (result.published) { @@ -122,16 +112,13 @@ const getOptionalInput = (name: string) => core.getInput(name) || undefined; return; case hasChangesets: { const octokit = setupOctokit(githubToken); - const gitPushStrategy = commitUsingApi - ? getApiPushStrategy(octokit) - : getCliPushStrategy(); const { pullRequestNumber } = await runVersion({ script: getOptionalInput("version"), + git: new Git(commitUsingApi ? octokit : undefined), octokit, prTitle: getOptionalInput("title"), commitMessage: getOptionalInput("commit"), hasPublishScript, - gitPushStrategy, branch: getOptionalInput("branch"), }); diff --git a/src/octokit.ts b/src/octokit.ts new file mode 100644 index 00000000..11bbed24 --- /dev/null +++ b/src/octokit.ts @@ -0,0 +1,39 @@ +import * as core from "@actions/core"; +import { GitHub, getOctokitOptions } from "@actions/github/lib/utils"; +import { throttling } from "@octokit/plugin-throttling"; + +export const setupOctokit = (githubToken: string) => { + return new (GitHub.plugin(throttling))( + getOctokitOptions(githubToken, { + throttle: { + onRateLimit: (retryAfter, options: any, octokit, retryCount) => { + core.warning( + `Request quota exhausted for request ${options.method} ${options.url}` + ); + + if (retryCount <= 2) { + core.info(`Retrying after ${retryAfter} seconds!`); + return true; + } + }, + onSecondaryRateLimit: ( + retryAfter, + options: any, + octokit, + retryCount + ) => { + core.warning( + `SecondaryRateLimit detected for request ${options.method} ${options.url}` + ); + + if (retryCount <= 2) { + core.info(`Retrying after ${retryAfter} seconds!`); + return true; + } + }, + }, + }) + ); +}; + +export type Octokit = ReturnType; diff --git a/src/run.test.ts b/src/run.test.ts index bc9e5b06..b0130620 100644 --- a/src/run.test.ts +++ b/src/run.test.ts @@ -1,11 +1,11 @@ +import { Changeset } from "@changesets/types"; +import writeChangeset from "@changesets/write"; import fixturez from "fixturez"; -import * as github from "@actions/github"; -import * as githubUtils from "@actions/github/lib/utils"; import fs from "fs-extra"; import path from "path"; -import writeChangeset from "@changesets/write"; -import { Changeset } from "@changesets/types"; -import { getCliPushStrategy, runVersion, setupOctokit } from "./run"; +import { Git } from "./git"; +import { setupOctokit } from "./octokit"; +import { runVersion } from "./run"; jest.mock("@actions/github", () => ({ context: { @@ -91,7 +91,7 @@ describe("version", () => { await runVersion({ octokit: setupOctokit("@@GITHUB_TOKEN"), - gitPushStrategy: getCliPushStrategy(), + git: new Git(), cwd, }); @@ -125,7 +125,7 @@ describe("version", () => { await runVersion({ octokit: setupOctokit("@@GITHUB_TOKEN"), - gitPushStrategy: getCliPushStrategy(), + git: new Git(), cwd, }); @@ -159,7 +159,7 @@ describe("version", () => { await runVersion({ octokit: setupOctokit("@@GITHUB_TOKEN"), - gitPushStrategy: getCliPushStrategy(), + git: new Git(), cwd, }); @@ -213,7 +213,7 @@ fluminis divesque vulnere aquis parce lapsis rabie si visa fulmineis. await runVersion({ octokit: setupOctokit("@@GITHUB_TOKEN"), - gitPushStrategy: getCliPushStrategy(), + git: new Git(), cwd, prBodyMaxCharacters: 1000, }); @@ -271,7 +271,7 @@ fluminis divesque vulnere aquis parce lapsis rabie si visa fulmineis. await runVersion({ octokit: setupOctokit("@@GITHUB_TOKEN"), - gitPushStrategy: getCliPushStrategy(), + git: new Git(), cwd, prBodyMaxCharacters: 500, }); diff --git a/src/run.ts b/src/run.ts index c37ce933..7d6fdd40 100644 --- a/src/run.ts +++ b/src/run.ts @@ -1,23 +1,21 @@ +import * as core from "@actions/core"; import { exec, getExecOutput } from "@actions/exec"; -import { GitHub, getOctokitOptions } from "@actions/github/lib/utils"; import * as github from "@actions/github"; -import * as core from "@actions/core"; +import { PreState } from "@changesets/types"; +import { Package, getPackages } from "@manypkg/get-packages"; import fs from "fs-extra"; -import { getPackages, Package } from "@manypkg/get-packages"; import path from "path"; +import resolveFrom from "resolve-from"; import * as semver from "semver"; -import { PreState } from "@changesets/types"; +import { Git } from "./git"; +import { Octokit } from "./octokit"; +import readChangesetState from "./readChangesetState"; import { - getChangelogEntry, getChangedPackages, - sortTheThings, + getChangelogEntry, getVersionsByDirectory, + sortTheThings, } from "./utils"; -import * as gitUtils from "./gitUtils"; -import readChangesetState from "./readChangesetState"; -import resolveFrom from "resolve-from"; -import { throttling } from "@octokit/plugin-throttling"; -import { commitChangesFromRepo } from "@s0/ghcommit/git"; // GitHub Issues/PRs messages have a max size limit on the // message body payload. @@ -25,42 +23,6 @@ import { commitChangesFromRepo } from "@s0/ghcommit/git"; // To avoid that, we ensure to cap the message to 60k chars. const MAX_CHARACTERS_PER_MESSAGE = 60000; -export const setupOctokit = (githubToken: string) => { - return new (GitHub.plugin(throttling))( - getOctokitOptions(githubToken, { - throttle: { - onRateLimit: (retryAfter, options: any, octokit, retryCount) => { - core.warning( - `Request quota exhausted for request ${options.method} ${options.url}` - ); - - if (retryCount <= 2) { - core.info(`Retrying after ${retryAfter} seconds!`); - return true; - } - }, - onSecondaryRateLimit: ( - retryAfter, - options: any, - octokit, - retryCount - ) => { - core.warning( - `SecondaryRateLimit detected for request ${options.method} ${options.url}` - ); - - if (retryCount <= 2) { - core.info(`Retrying after ${retryAfter} seconds!`); - return true; - } - }, - }, - }) - ); -}; - -export type Octokit = ReturnType; - const createRelease = async ( octokit: Octokit, { pkg, tagName }: { pkg: Package; tagName: string } @@ -99,45 +61,11 @@ const createRelease = async ( } }; -export type GitTaggingStrategy = { - pushAllTags: () => Promise; - pushTag: (tag: string) => Promise; -}; - -export const getCliTaggingStrategy = (): GitTaggingStrategy => ({ - pushAllTags: async () => { - await gitUtils.pushTags(); - }, - pushTag: async () => { - // When using the CLI, we push all tags together at once - }, -}); - -export const getApiTaggingStrategy = ( - octokit: Octokit -): GitTaggingStrategy => ({ - pushAllTags: async () => { - // When using the API, we push all tags individually - }, - pushTag: async (tagName: string) => { - await octokit.rest.git - .createRef({ - ...github.context.repo, - ref: `refs/tags/${tagName}`, - sha: github.context.sha, - }) - .catch((err) => { - // Assuming tag was manually pushed in custom publish script - core.warning(`Failed to create tag ${tagName}: ${err.message}`); - }); - }, -}); - type PublishOptions = { script: string; octokit: Octokit; createGithubReleases: boolean; - taggingStrategy: GitTaggingStrategy; + git: Git; cwd?: string; }; @@ -154,9 +82,9 @@ type PublishResult = export async function runPublish({ script, + git, octokit, createGithubReleases, - taggingStrategy, cwd = process.cwd(), }: PublishOptions): Promise { let [publishCommand, ...publishArgs] = script.split(/\s+/); @@ -167,8 +95,6 @@ export async function runPublish({ { cwd } ); - await taggingStrategy.pushAllTags(); - let { packages, tool } = await getPackages(cwd); let releasedPackages: Package[] = []; @@ -196,7 +122,7 @@ export async function runPublish({ await Promise.all( releasedPackages.map(async (pkg) => { const tagName = `${pkg.packageJson.name}@${pkg.packageJson.version}`; - await taggingStrategy.pushTag(tagName); + await git.pushTag(tagName); await createRelease(octokit, { pkg, tagName }); }) ); @@ -218,7 +144,7 @@ export async function runPublish({ releasedPackages.push(pkg); if (createGithubReleases) { const tagName = `v${pkg.packageJson.version}`; - await taggingStrategy.pushTag(tagName); + await git.pushTag(tagName); await createRelease(octokit, { pkg, tagName }); } break; @@ -326,54 +252,15 @@ export async function getVersionPrBody({ return fullMessage; } -type GitPushStrategy = { - prepareVersionBranch: (versionBranch: string) => Promise; - pushChanges: (params: { - versionBranch: string; - finalCommitMessage: string; - }) => Promise; -}; - -export const getCliPushStrategy = (): GitPushStrategy => ({ - prepareVersionBranch: async (versionBranch: string) => { - await gitUtils.switchToMaybeExistingBranch(versionBranch); - await gitUtils.reset(github.context.sha); - }, - pushChanges: async ({ versionBranch, finalCommitMessage }) => { - if (!(await gitUtils.checkIfClean())) { - await gitUtils.commitAll(finalCommitMessage); - } - await gitUtils.push(versionBranch, { force: true }); - }, -}); - -export const getApiPushStrategy = (octokit: Octokit): GitPushStrategy => ({ - prepareVersionBranch: async () => { - // Preparing a new local branch is not necessary when using the API - }, - pushChanges: async ({ versionBranch, finalCommitMessage }) => { - await commitChangesFromRepo({ - octokit, - ...github.context.repo, - branch: versionBranch, - message: finalCommitMessage, - base: { - commit: github.context.sha, - }, - force: true, - }); - }, -}); - type VersionOptions = { script?: string; + git: Git; octokit: Octokit; cwd?: string; prTitle?: string; commitMessage?: string; hasPublishScript?: boolean; prBodyMaxCharacters?: number; - gitPushStrategy: GitPushStrategy; branch?: string; }; @@ -383,13 +270,13 @@ type RunVersionResult = { export async function runVersion({ script, + git, octokit, cwd = process.cwd(), prTitle = "Version Packages", commitMessage = "Version Packages", hasPublishScript = false, prBodyMaxCharacters = MAX_CHARACTERS_PER_MESSAGE, - gitPushStrategy, branch, }: VersionOptions): Promise { let repo = `${github.context.repo.owner}/${github.context.repo.repo}`; @@ -398,7 +285,7 @@ export async function runVersion({ let { preState } = await readChangesetState(cwd); - await gitPushStrategy.prepareVersionBranch(versionBranch); + await git.prepareBranch(versionBranch); let versionsByDirectory = await getVersionsByDirectory(cwd); @@ -444,7 +331,7 @@ export async function runVersion({ !!preState ? ` (${preState.tag})` : "" }`; - await gitPushStrategy.pushChanges({ versionBranch, finalCommitMessage }); + await git.pushChanges({ branch: versionBranch, message: finalCommitMessage }); let existingPullRequests = await existingPullRequestsPromise; core.info(JSON.stringify(existingPullRequests.data, null, 2)); From 8bd1dac00ed1712304cb90cc4ec7aadac9a24462 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mateusz=20Burzy=C5=84ski?= Date: Fri, 2 May 2025 12:28:31 +0200 Subject: [PATCH 11/13] fix mock thing --- src/run.test.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/run.test.ts b/src/run.test.ts index b0130620..3a8c8d4b 100644 --- a/src/run.test.ts +++ b/src/run.test.ts @@ -30,7 +30,7 @@ jest.mock("@actions/github/lib/utils", () => ({ }, getOctokitOptions: jest.fn(), })); -jest.mock("./gitUtils"); +jest.mock("./git"); jest.mock("@s0/ghcommit/git"); let mockedGithubMethods = { From 0105bde4dbe21ae4f062bf2a133639e0886fcc59 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mateusz=20Burzy=C5=84ski?= Date: Fri, 2 May 2025 12:50:22 +0200 Subject: [PATCH 12/13] usechangesets pkg --- package.json | 2 +- src/git.ts | 2 +- src/run.test.ts | 2 +- yarn.lock | 14 +++++++------- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/package.json b/package.json index b7f01738..588b8a2a 100644 --- a/package.json +++ b/package.json @@ -37,11 +37,11 @@ "@actions/core": "^1.10.0", "@actions/exec": "^1.1.1", "@actions/github": "^5.1.1", + "@changesets/ghcommit": "1.3.0", "@changesets/pre": "^1.0.9", "@changesets/read": "^0.5.3", "@manypkg/get-packages": "^1.1.3", "@octokit/plugin-throttling": "^5.2.1", - "@s0/ghcommit": "^1.2.1", "fs-extra": "^8.1.0", "mdast-util-to-string": "^1.0.6", "remark-parse": "^7.0.1", diff --git a/src/git.ts b/src/git.ts index e38e98ae..682e6252 100644 --- a/src/git.ts +++ b/src/git.ts @@ -1,7 +1,7 @@ import * as core from "@actions/core"; import { exec, getExecOutput } from "@actions/exec"; import * as github from "@actions/github"; -import { commitChangesFromRepo } from "@s0/ghcommit/git"; +import { commitChangesFromRepo } from "@changesets/ghcommit/git"; import { Octokit } from "./octokit"; const push = async (branch: string, { force }: { force?: boolean } = {}) => { diff --git a/src/run.test.ts b/src/run.test.ts index 3a8c8d4b..2af9c994 100644 --- a/src/run.test.ts +++ b/src/run.test.ts @@ -31,7 +31,7 @@ jest.mock("@actions/github/lib/utils", () => ({ getOctokitOptions: jest.fn(), })); jest.mock("./git"); -jest.mock("@s0/ghcommit/git"); +jest.mock("@changesets/ghcommit/git"); let mockedGithubMethods = { pulls: { diff --git a/yarn.lock b/yarn.lock index 007d3dcb..af8ae3ad 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1139,6 +1139,13 @@ resolved "https://registry.yarnpkg.com/@changesets/get-version-range-type/-/get-version-range-type-0.3.2.tgz#8131a99035edd11aa7a44c341cbb05e668618c67" integrity sha512-SVqwYs5pULYjYT4op21F2pVbcrca4qA/bAA3FmFXKMN7Y+HcO8sbZUTx3TAy2VXulP2FACd1aC7f2nTuqSPbqg== +"@changesets/ghcommit@1.3.0": + version "1.3.0" + resolved "https://registry.yarnpkg.com/@changesets/ghcommit/-/ghcommit-1.3.0.tgz#8978eac4d5c2d4dc63865eeac00bc5922db7c0f3" + integrity sha512-Bbg4NlEqVWnykX12XlHw8V1JV/xdAJvuai3eEd7pPMiHT9k4n9FQyPdKs6ww1zooM0Xrjy0CC2INGtD8vKkc1Q== + dependencies: + isomorphic-git "^1.27.1" + "@changesets/git@^2.0.0": version "2.0.0" resolved "https://registry.yarnpkg.com/@changesets/git/-/git-2.0.0.tgz#8de57649baf13a86eb669a25fa51bcad5cea517f" @@ -1618,13 +1625,6 @@ dependencies: "@octokit/openapi-types" "^17.2.0" -"@s0/ghcommit@^1.2.1": - version "1.2.1" - resolved "https://registry.yarnpkg.com/@s0/ghcommit/-/ghcommit-1.2.1.tgz#b906c164c453de5deb776f265f0f591f6f299bce" - integrity sha512-bsW81c87V5P6Prn4lqxCoMlO4dot1RpcnyT1er4gE8ytFxY1cEMZUkTd4HGk+8wTS4hpYB4f/42WIYXP4gHPXg== - dependencies: - isomorphic-git "^1.27.1" - "@sinclair/typebox@^0.25.16": version "0.25.24" resolved "https://registry.yarnpkg.com/@sinclair/typebox/-/typebox-0.25.24.tgz#8c7688559979f7079aacaf31aa881c3aa410b718" From 313b693f7ac8204d02932286897b9b6706dac1ea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mateusz=20Burzy=C5=84ski?= Date: Fri, 2 May 2025 15:31:09 +0200 Subject: [PATCH 13/13] switch to `commitMode` --- .changeset/green-dogs-change.md | 7 ++----- README.md | 4 ++-- action.yml | 11 ++++++----- src/index.ts | 10 +++++++--- 4 files changed, 17 insertions(+), 15 deletions(-) diff --git a/.changeset/green-dogs-change.md b/.changeset/green-dogs-change.md index 4820bebb..9a9035ad 100644 --- a/.changeset/green-dogs-change.md +++ b/.changeset/green-dogs-change.md @@ -2,9 +2,6 @@ "@changesets/action": minor --- -Introduce a new input commitUsingApi that allows pushing tags and commits -using the GitHub API instead of the git CLI. +Introduce a new input `commitMode` that allows using the GitHub API for pushing tags and commits instead of the Git CLI. -When used, this means means that all tags and commits will be attributed -to the user whose GITHUB_TOKEN is used, -and also signed using GitHub's internal GPG key. +When used with `"github-api"` value all tags and commits will be attributed to the user whose GITHUB_TOKEN is used, and also signed using GitHub's internal GPG key. diff --git a/README.md b/README.md index c531e98d..5ea2e5e5 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Changesets Release Action -This action for [Changesets](https://github.com/atlassian/changesets) creates a pull request with all of the package versions updated and changelogs updated and when there are new changesets on [your configured `baseBranch`](https://github.com/changesets/changesets/blob/main/docs/config-file-options.md#basebranch-git-branch-name), the PR will be updated. When you're ready, you can merge the pull request and you can either publish the packages to npm manually or setup the action to do it for you. +This action for [Changesets](https://github.com/changesets/changesets) creates a pull request with all of the package versions updated and changelogs updated and when there are new changesets on [your configured `baseBranch`](https://github.com/changesets/changesets/blob/main/docs/config-file-options.md#basebranch-git-branch-name), the PR will be updated. When you're ready, you can merge the pull request and you can either publish the packages to npm manually or setup the action to do it for you. ## Usage @@ -12,7 +12,7 @@ This action for [Changesets](https://github.com/atlassian/changesets) creates a - title - The pull request title. Default to `Version Packages` - setupGitUser - Sets up the git user for commits as `"github-actions[bot]"`. Default to `true` - createGithubReleases - A boolean value to indicate whether to create Github releases after `publish` or not. Default to `true` -- commitUsingApi - A boolean value to indicate whether to use the GitHub API to push changes or not, so changes are GPG-signed. Default to `false` +- commitMode - Specifies the commit mode. Use `"git-cli"` to push changes using the Git CLI, or `"github-api"` to push changes via the GitHub API. When using `"github-api"`, all commits and tags are GPG-signed and attributed to the user or app who owns the `GITHUB_TOKEN`. Default to `git-cli`. - cwd - Changes node's `process.cwd()` if the project is not located on the root. Default to `process.cwd()` ### Outputs diff --git a/action.yml b/action.yml index d067082e..5b74beca 100644 --- a/action.yml +++ b/action.yml @@ -28,13 +28,14 @@ inputs: description: "A boolean value to indicate whether to create Github releases after `publish` or not" required: false default: true - commitUsingApi: + commitMode: description: > - A boolean value to indicate whether to push changes via Github API or not, - this will mean all commits and tags are signed using GitHub's GPG key, - and attributed to the user or app who owns the GITHUB_TOKEN + An enum to specify the commit mode. Use "git-cli" to push changes using the Git CLI, + or "github-api" to push changes via the GitHub API. When using "github-api", + all commits and tags are signed using GitHub's GPG key and attributed to the user + or app who owns the GITHUB_TOKEN. required: false - default: false + default: "git-cli" branch: description: Sets the branch in which the action will run. Default to `github.ref_name` if not provided required: false diff --git a/src/index.ts b/src/index.ts index 758f4096..8f9cd180 100644 --- a/src/index.ts +++ b/src/index.ts @@ -22,8 +22,12 @@ const getOptionalInput = (name: string) => core.getInput(name) || undefined; } const octokit = setupOctokit(githubToken); - const commitUsingApi = core.getBooleanInput("commitUsingApi"); - const git = new Git(commitUsingApi ? octokit : undefined); + const commitMode = getOptionalInput("commitMode") ?? "git-cli"; + if (commitMode !== "git-cli" && commitMode !== "github-api") { + core.setFailed(`Invalid commit mode: ${commitMode}`); + return; + } + const git = new Git(commitMode === "github-api" ? octokit : undefined); let setupGitUser = core.getBooleanInput("setupGitUser"); @@ -114,7 +118,7 @@ const getOptionalInput = (name: string) => core.getInput(name) || undefined; const octokit = setupOctokit(githubToken); const { pullRequestNumber } = await runVersion({ script: getOptionalInput("version"), - git: new Git(commitUsingApi ? octokit : undefined), + git, octokit, prTitle: getOptionalInput("title"), commitMessage: getOptionalInput("commit"),