You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by wi...@apache.org on 2022/10/25 07:37:24 UTC
[couchdb-helm] 01/01: inline GitHub actions
This is an automated email from the ASF dual-hosted git repository.
willholley pushed a commit to branch releaser-contents-permission
in repository https://gitbox.apache.org/repos/asf/couchdb-helm.git
commit ee1143a01aa8daf21cff0a13c5ccb9891fabf0a2
Author: Will Holley <wi...@uk.ibm.com>
AuthorDate: Tue Oct 25 08:31:00 2022 +0100
inline GitHub actions
Why:
ASF guidance is to [inline 3rd party GitHub actions](https://cwiki.apache.org/confluence/display/BUILDS/GitHub+Actions+status#GitHubActionsstatus-Security) as repository
submodules. This had already been done for the chart-releaser, chart-testing
and kind actions, but not for the helm-setup or create-pull-request
actionsl
What:
Inline the remaining 3rd party GitHub Actions as submodules. The
official GitHub Action (checkout) remains external.
This also grants the chart-releaser workflow `content:write` permissions
to allow it to create releases.
---
.github/workflows/chart-rebuild.yaml | 4 ++--
.github/workflows/chart-releaser.yaml | 4 ++--
.github/workflows/chart-test.yaml | 6 +++---
.gitmodules | 6 ++++++
4 files changed, 13 insertions(+), 7 deletions(-)
diff --git a/.github/workflows/chart-rebuild.yaml b/.github/workflows/chart-rebuild.yaml
index dc0ed36..945cd73 100644
--- a/.github/workflows/chart-rebuild.yaml
+++ b/.github/workflows/chart-rebuild.yaml
@@ -19,7 +19,7 @@ jobs:
fetch-depth: 0
- name: Set up Helm
- uses: azure/setup-helm@v3
+ uses: ./.github/actions/setup-helm
with:
version: v3.10.0
@@ -52,7 +52,7 @@ jobs:
- name: Create Pull Request
id: cpr
- uses: peter-evans/create-pull-request@v4
+ uses: ./.github/actions/create-pull-request
with:
commit-message: Rebuild index.yaml
title: Rebuild index.yaml
diff --git a/.github/workflows/chart-releaser.yaml b/.github/workflows/chart-releaser.yaml
index 648e3c1..eadf362 100644
--- a/.github/workflows/chart-releaser.yaml
+++ b/.github/workflows/chart-releaser.yaml
@@ -6,7 +6,7 @@ on:
- main
permissions:
- contents: read
+ contents: write
deployments: write
jobs:
@@ -26,7 +26,7 @@ jobs:
git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
- name: Install Helm
- uses: azure/setup-helm@v3
+ uses: ./.github/actions/setup-helm
with:
version: v3.10.0
diff --git a/.github/workflows/chart-test.yaml b/.github/workflows/chart-test.yaml
index 5865e50..7197351 100644
--- a/.github/workflows/chart-test.yaml
+++ b/.github/workflows/chart-test.yaml
@@ -27,7 +27,7 @@ jobs:
submodules: recursive
- name: Set up Helm
- uses: azure/setup-helm@v3
+ uses: ./.github/actions/setup-helm
with:
version: v3.10.0
@@ -41,14 +41,14 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
- uses: actions/checkout@v2
+ uses: actions/checkout@v3
with:
fetch-depth: 0
persist-credentials: false
submodules: recursive
- name: Set up Helm
- uses: azure/setup-helm@v3
+ uses: ./.github/actions/setup-helm
with:
version: v3.10.0
diff --git a/.gitmodules b/.gitmodules
index e7cadd5..70f3305 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -7,3 +7,9 @@
[submodule ".github/actions/chart-releaser-action"]
path = .github/actions/chart-releaser-action
url = https://github.com/helm/chart-releaser-action.git
+[submodule ".github/actions/setup-helm"]
+ path = .github/actions/setup-helm
+ url = https://github.com/Azure/setup-helm.git
+[submodule ".github/actions/create-pull-request"]
+ path = .github/actions/create-pull-request
+ url = https://github.com/peter-evans/create-pull-request.git