From 5804923472d3e15df0b1352007c5472547452926 Mon Sep 17 00:00:00 2001 From: David Costa Date: Fri, 19 Apr 2024 23:01:21 +0100 Subject: [PATCH 1/2] chore: disable terraform-docs push when on forks and sign commit --- .github/workflows/ci.yaml | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 1ca02d5..51ba20d 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -5,6 +5,11 @@ on: jobs: ci: runs-on: ubuntu-latest + permissions: + # Give the default GITHUB_TOKEN write permission to commit and push the + # added or changed files to the repository. + contents: write + steps: # Setup dependencies - uses: actions/checkout@v4 @@ -34,5 +39,17 @@ jobs: output-method: inject fail-on-diff: true args: --lockfile=false - git-push: "true" # automatically push the changes to the branch + git-push: 'false' + # Push Terraform-docs changes + - uses: planetscale/ghcommit-action@v0.1.35 + # Run this step even if previous steps fails (there are changes to commit) + # but skip when on forks + if: ${{ !cancelled() && github.repository_owner == 'runatlantis' }} + with: + commit_message: "terraform-docs: automated action" + repo: ${{ github.repository }} + branch: ${{ github.head_ref || github.ref_name }} + file_pattern: 'README.md' + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From 1aef1f6e7034e5fdd29e601b533f97722c4e9254 Mon Sep 17 00:00:00 2001 From: David Costa Date: Sat, 20 Apr 2024 00:19:51 +0100 Subject: [PATCH 2/2] chore: add instructions to run tfdocs locally for forks in summary --- .github/workflows/ci.yaml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 51ba20d..35959c2 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -33,6 +33,7 @@ jobs: # Terraform-docs - uses: terraform-docs/gh-actions@v1.1.0 + id: terraform-docs with: working-dir: . output-file: README.md @@ -53,3 +54,15 @@ jobs: file_pattern: 'README.md' env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + # Print instructions to run terraform-docs locally if changes are needed and workflow is running on fork + - if: ${{ !cancelled() && github.repository_owner != 'runatlantis' && steps.terraform-docs.outputs.num_changed > 0 }} + run: | + echo '### Please run terraform-docs locally and commit the changes:' >> $GITHUB_STEP_SUMMARY + echo '' >> $GITHUB_STEP_SUMMARY + echo '```sh' >> $GITHUB_STEP_SUMMARY + echo 'docker run --rm --volume "$(pwd):/terraform-docs" -u $(id -u) quay.io/terraform-docs/terraform-docs:0.17.0 markdown --output-file README.md --output-mode inject /terraform-docs' >> $GITHUB_STEP_SUMMARY + echo 'git add README.md' >> $GITHUB_STEP_SUMMARY + echo 'git commit --amend --no-edit' >> $GITHUB_STEP_SUMMARY + echo '```' >> $GITHUB_STEP_SUMMARY + echo '' >> $GITHUB_STEP_SUMMARY