diff --git a/.github/workflows/add-labels.yml b/.github/workflows/add-labels.yml index 3f3a3bb70..d1760238f 100644 --- a/.github/workflows/add-labels.yml +++ b/.github/workflows/add-labels.yml @@ -12,13 +12,8 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.ref }} - repository: ${{ github.event.pull_request.head.repo.full_name }} - token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - uses: ./ with: helper: add-labels labels: Test Label - github_token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} diff --git a/.github/workflows/add-late-review-label.yml b/.github/workflows/add-late-review-label.yml index 19e5ba25c..c4868ab26 100644 --- a/.github/workflows/add-late-review-label.yml +++ b/.github/workflows/add-late-review-label.yml @@ -13,10 +13,6 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.ref }} - repository: ${{ github.event.pull_request.head.repo.full_name }} - token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - uses: ./ with: diff --git a/.github/workflows/add-pr-approval-label.yml b/.github/workflows/add-pr-approval-label.yml index 829f79505..816da365a 100644 --- a/.github/workflows/add-pr-approval-label.yml +++ b/.github/workflows/add-pr-approval-label.yml @@ -13,10 +13,6 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.ref }} - repository: ${{ github.event.pull_request.head.repo.full_name }} - token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - uses: ./ with: diff --git a/.github/workflows/approvals-satisfied.yml b/.github/workflows/approvals-satisfied.yml index 81af30b6d..a55cf8cb6 100644 --- a/.github/workflows/approvals-satisfied.yml +++ b/.github/workflows/approvals-satisfied.yml @@ -12,10 +12,6 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.ref }} - repository: ${{ github.event.pull_request.head.repo.full_name }} - token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - uses: ./ id: approvals-satisfied diff --git a/.github/workflows/approve-pr.yml b/.github/workflows/approve-pr.yml index 76a62ac45..31f7dc229 100644 --- a/.github/workflows/approve-pr.yml +++ b/.github/workflows/approve-pr.yml @@ -12,10 +12,6 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.ref }} - repository: ${{ github.event.pull_request.head.repo.full_name }} - token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - uses: ./ with: diff --git a/.github/workflows/assign-pr-reviewers.yml b/.github/workflows/assign-pr-reviewers.yml index f0f294702..b02aac367 100644 --- a/.github/workflows/assign-pr-reviewers.yml +++ b/.github/workflows/assign-pr-reviewers.yml @@ -13,10 +13,6 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.ref }} - repository: ${{ github.event.pull_request.head.repo.full_name }} - token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - uses: ./ with: diff --git a/.github/workflows/check-merge-safety.yml b/.github/workflows/check-merge-safety.yml index 55c060538..3b019d6fd 100644 --- a/.github/workflows/check-merge-safety.yml +++ b/.github/workflows/check-merge-safety.yml @@ -22,4 +22,3 @@ jobs: override_filter_paths: | package.json package-lock.json - github_token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} diff --git a/.github/workflows/check-pr-title.yml b/.github/workflows/check-pr-title.yml index baec23f6c..52dd9fbdd 100644 --- a/.github/workflows/check-pr-title.yml +++ b/.github/workflows/check-pr-title.yml @@ -25,4 +25,3 @@ jobs: with: helper: check-pr-title # pattern: 'my-regex-pattern' (optional: pattern must be wrapped in single quotes) - github_token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/close-pr.yml b/.github/workflows/close-pr.yml index 1a4e9a854..55022eb30 100644 --- a/.github/workflows/close-pr.yml +++ b/.github/workflows/close-pr.yml @@ -7,6 +7,8 @@ on: paths: - 'src/helpers/close-pr.ts' +permissions: write-all + jobs: test: if: contains(github.event.pull_request.labels.*.name, 'CLOSE ME') @@ -14,13 +16,8 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.ref }} - repository: ${{ github.event.pull_request.head.repo.full_name }} - token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - uses: ./ with: helper: close-pr body: Closing this PR for testing purposes! - github_token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} diff --git a/.github/workflows/create-pr-comment.yml b/.github/workflows/create-pr-comment.yml index 7fe004903..5e16a69f8 100644 --- a/.github/workflows/create-pr-comment.yml +++ b/.github/workflows/create-pr-comment.yml @@ -12,13 +12,8 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.ref }} - repository: ${{ github.event.pull_request.head.repo.full_name }} - token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - uses: ./ with: helper: create-pr-comment body: Test Comment - github_token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} diff --git a/.github/workflows/create-pr.yml b/.github/workflows/create-pr.yml index 3287f6d3b..ac6b2f97a 100644 --- a/.github/workflows/create-pr.yml +++ b/.github/workflows/create-pr.yml @@ -5,6 +5,8 @@ on: branches: - create-pull-request +permissions: write-all + jobs: test: runs-on: ubuntu-latest @@ -17,6 +19,3 @@ jobs: helper: create-pr title: New PR body: Implemented new feature. Added tests. - github_token: ${{ secrets.GITHUB_TOKEN }} - -permissions: write-all diff --git a/.github/workflows/create-project-card.yml b/.github/workflows/create-project-card.yml index 31ab1de63..109b66224 100644 --- a/.github/workflows/create-project-card.yml +++ b/.github/workflows/create-project-card.yml @@ -12,14 +12,9 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.ref }} - repository: ${{ github.event.pull_request.head.repo.full_name }} - token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - uses: ./ with: helper: create-project-card project_name: Test Project project_destination_column_name: Test Column 1 - github_token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} diff --git a/.github/workflows/deployments.yml b/.github/workflows/deployments.yml index de774a702..9921e4448 100644 --- a/.github/workflows/deployments.yml +++ b/.github/workflows/deployments.yml @@ -15,10 +15,6 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.ref }} - repository: ${{ github.event.pull_request.head.repo.full_name }} - token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - uses: ./ with: @@ -26,7 +22,6 @@ jobs: sha: ${{ github.event.pull_request.head.sha }} environment: test description: PR#${{ github.event.pull_request.number }} has been merged; pipeline in progress... - github_token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} set-deployment-status: name: Set Deployment Status @@ -35,10 +30,6 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.ref }} - repository: ${{ github.event.pull_request.head.repo.full_name }} - token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - uses: ./ with: @@ -48,7 +39,6 @@ jobs: state: success description: Deployment succeeded. target_url: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} - github_token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} delete-deployment: name: Delete Deployment @@ -57,14 +47,9 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.ref }} - repository: ${{ github.event.pull_request.head.repo.full_name }} - token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - uses: ./ with: helper: delete-deployment sha: ${{ github.event.pull_request.head.sha }} environment: test - github_token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} diff --git a/.github/workflows/filter-paths.yml b/.github/workflows/filter-paths.yml index 4e60d730a..51ba5bf77 100644 --- a/.github/workflows/filter-paths.yml +++ b/.github/workflows/filter-paths.yml @@ -12,10 +12,6 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.ref }} - repository: ${{ github.event.pull_request.head.repo.full_name }} - token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - uses: ./ id: paths @@ -25,7 +21,6 @@ jobs: src package.json yarn.lock - github_token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - if: steps.paths.outputs.output == 'true' run: echo "One of those file paths changed!" diff --git a/.github/workflows/generate-path-matrix.yml b/.github/workflows/generate-path-matrix.yml index 3bc9f0a26..3285233af 100644 --- a/.github/workflows/generate-path-matrix.yml +++ b/.github/workflows/generate-path-matrix.yml @@ -22,7 +22,6 @@ jobs: src/helpers/generate-path-matrix.ts package/two package/three - github_token: ${{ secrets.GITHUB_TOKEN }} outputs: matrix: ${{ steps.path_matrix.outputs.output }} diff --git a/.github/workflows/get-changed-files.yml b/.github/workflows/get-changed-files.yml index acf6fc0b8..5a4265948 100644 --- a/.github/workflows/get-changed-files.yml +++ b/.github/workflows/get-changed-files.yml @@ -12,15 +12,10 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.ref }} - repository: ${{ github.event.pull_request.head.repo.full_name }} - token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - uses: ./ id: changed with: helper: get-changed-files - github_token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - run: echo "Changed files are ${{ steps.changed.outputs.output }}" diff --git a/.github/workflows/manage-merge-queue.yml b/.github/workflows/manage-merge-queue.yml index 508744684..941131f49 100644 --- a/.github/workflows/manage-merge-queue.yml +++ b/.github/workflows/manage-merge-queue.yml @@ -15,12 +15,7 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.ref }} - repository: ${{ github.event.pull_request.head.repo.full_name }} - token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - uses: ./ with: helper: manage-merge-queue - github_token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} # must have repo:write permission diff --git a/.github/workflows/move-project-card.yml b/.github/workflows/move-project-card.yml index 7c8aa47a6..15f409952 100644 --- a/.github/workflows/move-project-card.yml +++ b/.github/workflows/move-project-card.yml @@ -12,10 +12,6 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.ref }} - repository: ${{ github.event.pull_request.head.repo.full_name }} - token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - uses: ./ with: @@ -23,4 +19,3 @@ jobs: project_name: Test Project project_origin_column_name: Test Column 1 project_destination_column_name: Test Column 2 - github_token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} diff --git a/.github/workflows/notify-pipeline-complete.yml b/.github/workflows/notify-pipeline-complete.yml index c41115135..4e12fbd34 100644 --- a/.github/workflows/notify-pipeline-complete.yml +++ b/.github/workflows/notify-pipeline-complete.yml @@ -12,12 +12,7 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.ref }} - repository: ${{ github.event.pull_request.head.repo.full_name }} - token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - uses: ./ with: helper: notify-pipeline-complete - github_token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} diff --git a/.github/workflows/prepare-queued-pr-for-merge.yml b/.github/workflows/prepare-queued-pr-for-merge.yml index 03e8fdbf2..90bb93bdc 100644 --- a/.github/workflows/prepare-queued-pr-for-merge.yml +++ b/.github/workflows/prepare-queued-pr-for-merge.yml @@ -16,4 +16,3 @@ jobs: - uses: ./ with: helper: prepare-queued-pr-for-merge - github_token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} # must have repo:write permission diff --git a/.github/workflows/remove-label.yml b/.github/workflows/remove-label.yml index 60456d7ea..1d600a527 100644 --- a/.github/workflows/remove-label.yml +++ b/.github/workflows/remove-label.yml @@ -12,13 +12,8 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.ref }} - repository: ${{ github.event.pull_request.head.repo.full_name }} - token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - uses: ./ with: helper: remove-label label: Test Label - github_token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} diff --git a/.github/workflows/remove-pr-from-merge-queue.yml b/.github/workflows/remove-pr-from-merge-queue.yml index 379baff6c..3598adae7 100644 --- a/.github/workflows/remove-pr-from-merge-queue.yml +++ b/.github/workflows/remove-pr-from-merge-queue.yml @@ -12,13 +12,8 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.ref }} - repository: ${{ github.event.pull_request.head.repo.full_name }} - token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - uses: ./ with: helper: remove-pr-from-merge-queue seconds: 3600 - github_token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} diff --git a/.github/workflows/rerun-pr-checks.yml b/.github/workflows/rerun-pr-checks.yml index 001f9b9c0..2bb4119af 100644 --- a/.github/workflows/rerun-pr-checks.yml +++ b/.github/workflows/rerun-pr-checks.yml @@ -11,18 +11,12 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.ref }} - repository: ${{ github.event.pull_request.head.repo.full_name }} - token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - uses: ./ with: helper: rerun-pr-checks - github_token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - uses: ./ with: helper: remove-label label: RE-RUN PR CHECKS - github_token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/set-commit-status.yml b/.github/workflows/set-commit-status.yml index 03d883caf..c80245904 100644 --- a/.github/workflows/set-commit-status.yml +++ b/.github/workflows/set-commit-status.yml @@ -20,4 +20,3 @@ jobs: context: Commit Status Test state: success description: set-commit-status is working! - github_token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} diff --git a/.github/workflows/set-latest-pipeline-status.yml b/.github/workflows/set-latest-pipeline-status.yml index e52b4eaab..3373c30ba 100644 --- a/.github/workflows/set-latest-pipeline-status.yml +++ b/.github/workflows/set-latest-pipeline-status.yml @@ -12,13 +12,8 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.ref }} - repository: ${{ github.event.pull_request.head.repo.full_name }} - token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - uses: ./ with: helper: set-latest-pipeline-status sha: ${{ github.event.pull_request.head.sha }} - github_token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index fab01334f..4b7fe665e 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -11,10 +11,6 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.ref }} - repository: ${{ github.event.pull_request.head.repo.full_name }} - token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN || secrets.GITHUB_TOKEN }} - name: Validate package.json uses: ExpediaGroup/package-json-validator@v1 diff --git a/README.md b/README.md index 83ee02936..db10901ca 100644 --- a/README.md +++ b/README.md @@ -8,12 +8,10 @@ ```yaml uses: ExpediaGroup/github-helpers@v1 with: - helper: < HELPER NAME > - ... - github_token: ${{ secrets.GITHUB_TOKEN }} + helper: ``` -The `helper` and `github_token` inputs are required for all helpers. Additional inputs vary by helper. Each helper file in `src/helpers` contains an interface that defines which additional inputs are required or optional. If a required input is ommitted, the helper will throw a descriptive error. +The `helper` input is required for all helpers, and the `github_token` input defaults to the included workflow token `${{ github.token }}`. Additional inputs vary by helper. Each helper file in `src/helpers` contains an interface that defines which additional inputs are required or optional. If a required input is ommitted, the helper will throw a descriptive error. ### Example Input interface in `src/helpers/set-commit-status.ts`: @@ -35,7 +33,6 @@ with: context: My Context state: success description: My Description - github_token: ${{ secrets.GITHUB_TOKEN }} ``` ## Available Helpers diff --git a/action.yml b/action.yml index ab211539f..4ff3f9679 100644 --- a/action.yml +++ b/action.yml @@ -6,7 +6,8 @@ inputs: required: true github_token: description: 'The github token' - required: true + required: false + default: ${{ github.token }} body: description: 'The comment body' required: false diff --git a/dist/action.yml b/dist/action.yml index ab211539f..4ff3f9679 100644 --- a/dist/action.yml +++ b/dist/action.yml @@ -6,7 +6,8 @@ inputs: required: true github_token: description: 'The github token' - required: true + required: false + default: ${{ github.token }} body: description: 'The comment body' required: false diff --git a/templates/workflow.hbs b/templates/workflow.hbs index 512886b32..3b0c2bc6d 100644 --- a/templates/workflow.hbs +++ b/templates/workflow.hbs @@ -12,12 +12,7 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 - with: - ref: $\{{ github.event.pull_request.head.ref }} - repository: $\{{ github.event.pull_request.head.repo.full_name }} - token: $\{{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - uses: ./ with: helper: {{ dashCase helper }} - github_token: $\{{ secrets.GH_PERSONAL_ACCESS_TOKEN }}