From 10c3f0dcedc80dccf294f14ee2fc9fcd874c94bd Mon Sep 17 00:00:00 2001 From: Christian Hoffmann Date: Mon, 22 Aug 2022 22:16:45 +0200 Subject: [PATCH 1/2] Github: Fix bump-dependencies runs on existing PRs The workflow got permission errors from the Github API when trying to edit existing PRs which had already been added to an organization project. The reason for this is that the GITHUB_TOKEN of the run is scoped to the repo, but `gh edit` tries to fetch all fields of a PR which includes the inaccessible organization project field. Therefore, use `gh api` instead which can be used in a more fine-grained way. Fixes: https://github.com/jamulussoftware/jamulus/pull/2777#issuecomment-1222793504 --- .github/workflows/bump-dependencies.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/.github/workflows/bump-dependencies.yml b/.github/workflows/bump-dependencies.yml index 5889ece4ac..b3373d6182 100644 --- a/.github/workflows/bump-dependencies.yml +++ b/.github/workflows/bump-dependencies.yml @@ -137,7 +137,14 @@ jobs: fi if [[ $existing_pr ]]; then existing_title="$(gh pr view "${existing_pr}" --json title --jq .title)" - gh pr edit "${existing_pr}" --title "${pr_title}" --body "${body}" + # Use Github's API directly instead of using `gh edit`. + # The latter internally queries all fields of the PR which leads to + # a permission error as the workflow does not have access to + # organization projects: + gh api --silent -H "Accept: application/vnd.github+json" --method PATCH \ + "/repos/${GITHUB_REPOSITORY}/pulls/${existing_pr}" \ + -f title="${pr_title}" \ + -f body="${body}" if [[ "${existing_title}" != "${pr_title}" ]]; then # If the title changed, this implies that we are updating the PR for a different version # (and not just rebasing it). Therefore, leave a comment to make that transparent: From d12aa80a2178648d1075803612395db442cb65c1 Mon Sep 17 00:00:00 2001 From: Christian Hoffmann Date: Mon, 22 Aug 2022 23:15:17 +0200 Subject: [PATCH 2/2] Github: Adjust bump-dependencies commit titles to dependabot-style Related: https://github.com/jamulussoftware/jamulus/pull/2787#issuecomment-1222783064 --- .github/workflows/bump-dependencies.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/bump-dependencies.yml b/.github/workflows/bump-dependencies.yml index b3373d6182..c3abdcef2e 100644 --- a/.github/workflows/bump-dependencies.yml +++ b/.github/workflows/bump-dependencies.yml @@ -114,7 +114,7 @@ jobs: # Therefore, use perl instead: perl -pe 's/${{ matrix.components.local_version_regex }}/${1}'"${upstream_version}"'${3}/gi' -i "${files[@]}" git add . - title="Build: Update ${{ matrix.components.name }} to ${upstream_version}" + title="Build: Bump ${{ matrix.components.name }} from ${local_version} to ${upstream_version}" pr_title="${title} (Automated PR)" existing_pr="$(gh pr list --head "${pr_branch}" --json number --jq '.[].number')" git commit -m "${title}"