From 139c55774253e6073d508b2377b5b64afaf2fe55 Mon Sep 17 00:00:00 2001
From: Peter Evans <18365890+peter-evans@users.noreply.github.com>
Date: Wed, 14 Aug 2024 21:50:59 +0000
Subject: [PATCH] output head sha and verified status
---
README.md | 1 +
dist/index.js | 49 ++++++++++++++++++++++++--------------
src/create-pull-request.ts | 39 +++++++++++++++++++-----------
src/github-helper.ts | 26 ++++++++++++++------
4 files changed, 76 insertions(+), 39 deletions(-)
diff --git a/README.md b/README.md
index c79d464..8fc1205 100644
--- a/README.md
+++ b/README.md
@@ -119,6 +119,7 @@ The following outputs can be used by subsequent workflow steps.
- `pull-request-operation` - The pull request operation performed by the action, `created`, `updated` or `closed`.
- `pull-request-head-sha` - The commit SHA of the pull request branch.
- `pull-request-branch` - The branch name of the pull request.
+- `pull-request-commits-verified` - Whether GitHub considers the signature of the branch's commits to be verified; `true` or `false`.
Step outputs can be accessed as in the following example.
Note that in order to read the step outputs the action step must have an id.
diff --git a/dist/index.js b/dist/index.js
index e07aa85..5bd06a8 100644
--- a/dist/index.js
+++ b/dist/index.js
@@ -450,9 +450,13 @@ function createPullRequest(inputs) {
core.info(`Configured git committer as '${parsedCommitter.name} <${parsedCommitter.email}>'`);
core.info(`Configured git author as '${parsedAuthor.name} <${parsedAuthor.email}>'`);
core.endGroup();
+ // Action outputs
+ const outputs = new Map();
+ outputs.set('pull-request-commits-verified', 'false');
// Create or update the pull request branch
core.startGroup('Create or update the pull request branch');
const result = yield (0, create_or_update_branch_1.createOrUpdateBranch)(git, inputs.commitMessage, inputs.base, inputs.branch, branchRemoteName, inputs.signoff, inputs.addPaths, inputs.signCommits);
+ outputs.set('pull-request-head-sha', result.headSha);
// Set the base. It would have been '' if not specified as an input
inputs.base = result.base;
core.endGroup();
@@ -463,7 +467,9 @@ function createPullRequest(inputs) {
// Create signed commits via the GitHub API
const stashed = yield git.stashPush(['--include-untracked']);
yield git.checkout(inputs.branch);
- yield githubHelper.pushSignedCommits(result.branchCommits, result.baseSha, repoPath, branchRepository, inputs.branch);
+ const pushSignedCommitsResult = yield githubHelper.pushSignedCommits(result.branchCommits, result.baseSha, repoPath, branchRepository, inputs.branch);
+ outputs.set('pull-request-head-sha', pushSignedCommitsResult.sha);
+ outputs.set('pull-request-commits-verified', pushSignedCommitsResult.verified.toString());
yield git.checkout('-');
if (stashed) {
yield git.stashPop();
@@ -483,21 +489,18 @@ function createPullRequest(inputs) {
core.startGroup('Create or update the pull request');
const pull = yield githubHelper.createOrUpdatePullRequest(inputs, baseRemote.repository, branchRepository);
core.endGroup();
- // Set outputs
- core.startGroup('Setting outputs');
- core.setOutput('pull-request-number', pull.number);
- core.setOutput('pull-request-url', pull.html_url);
+ outputs.set('pull-request-number', pull.number.toString());
+ outputs.set('pull-request-url', pull.html_url);
if (pull.created) {
- core.setOutput('pull-request-operation', 'created');
+ outputs.set('pull-request-operation', 'created');
}
else if (result.action == 'updated') {
- core.setOutput('pull-request-operation', 'updated');
+ outputs.set('pull-request-operation', 'updated');
}
- core.setOutput('pull-request-head-sha', result.headSha);
- core.setOutput('pull-request-branch', inputs.branch);
+ outputs.set('pull-request-head-sha', result.headSha);
+ outputs.set('pull-request-branch', inputs.branch);
// Deprecated
core.exportVariable('PULL_REQUEST_NUMBER', pull.number);
- core.endGroup();
}
else {
// There is no longer a diff with the base
@@ -512,13 +515,16 @@ function createPullRequest(inputs) {
branchRemoteName,
`refs/heads/${inputs.branch}`
]);
- // Set outputs
- core.startGroup('Setting outputs');
- core.setOutput('pull-request-operation', 'closed');
- core.endGroup();
+ outputs.set('pull-request-operation', 'closed');
}
}
}
+ // Set outputs
+ core.startGroup('Setting outputs');
+ for (const [key, value] of outputs) {
+ core.setOutput(key, value);
+ }
+ core.endGroup();
}
catch (error) {
core.setFailed(utils.getErrorMessage(error));
@@ -1277,11 +1283,15 @@ class GitHubHelper {
}
pushSignedCommits(branchCommits, baseSha, repoPath, branchRepository, branch) {
return __awaiter(this, void 0, void 0, function* () {
- let headSha = baseSha;
+ let headCommit = {
+ sha: baseSha,
+ verified: false
+ };
for (const commit of branchCommits) {
- headSha = yield this.createCommit(commit, [headSha], repoPath, branchRepository);
+ headCommit = yield this.createCommit(commit, [headCommit.sha], repoPath, branchRepository);
}
- yield this.createOrUpdateRef(branchRepository, branch, headSha);
+ yield this.createOrUpdateRef(branchRepository, branch, headCommit.sha);
+ return headCommit;
});
}
createCommit(commit, parents, repoPath, branchRepository) {
@@ -1312,7 +1322,10 @@ class GitHubHelper {
const { data: remoteCommit } = yield this.octokit.rest.git.createCommit(Object.assign(Object.assign({}, repository), { parents: parents, tree: treeSha, message: `${commit.subject}\n\n${commit.body}` }));
core.info(`Created commit ${remoteCommit.sha} for local commit ${commit.sha}`);
core.info(`Commit verified: ${remoteCommit.verification.verified}; reason: ${remoteCommit.verification.reason}`);
- return remoteCommit.sha;
+ return {
+ sha: remoteCommit.sha,
+ verified: remoteCommit.verification.verified
+ };
});
}
createOrUpdateRef(branchRepository, branch, newHead) {
diff --git a/src/create-pull-request.ts b/src/create-pull-request.ts
index 5c77199..afaaef3 100644
--- a/src/create-pull-request.ts
+++ b/src/create-pull-request.ts
@@ -175,6 +175,10 @@ export async function createPullRequest(inputs: Inputs): Promise<void> {
)
core.endGroup()
+ // Action outputs
+ const outputs = new Map<string, string>()
+ outputs.set('pull-request-commits-verified', 'false')
+
// Create or update the pull request branch
core.startGroup('Create or update the pull request branch')
const result = await createOrUpdateBranch(
@@ -187,6 +191,7 @@ export async function createPullRequest(inputs: Inputs): Promise<void> {
inputs.addPaths,
inputs.signCommits
)
+ outputs.set('pull-request-head-sha', result.headSha)
// Set the base. It would have been '' if not specified as an input
inputs.base = result.base
core.endGroup()
@@ -200,13 +205,18 @@ export async function createPullRequest(inputs: Inputs): Promise<void> {
// Create signed commits via the GitHub API
const stashed = await git.stashPush(['--include-untracked'])
await git.checkout(inputs.branch)
- await githubHelper.pushSignedCommits(
+ const pushSignedCommitsResult = await githubHelper.pushSignedCommits(
result.branchCommits,
result.baseSha,
repoPath,
branchRepository,
inputs.branch
)
+ outputs.set('pull-request-head-sha', pushSignedCommitsResult.sha)
+ outputs.set(
+ 'pull-request-commits-verified',
+ pushSignedCommitsResult.verified.toString()
+ )
await git.checkout('-')
if (stashed) {
await git.stashPop()
@@ -231,20 +241,17 @@ export async function createPullRequest(inputs: Inputs): Promise<void> {
)
core.endGroup()
- // Set outputs
- core.startGroup('Setting outputs')
- core.setOutput('pull-request-number', pull.number)
- core.setOutput('pull-request-url', pull.html_url)
+ outputs.set('pull-request-number', pull.number.toString())
+ outputs.set('pull-request-url', pull.html_url)
if (pull.created) {
- core.setOutput('pull-request-operation', 'created')
+ outputs.set('pull-request-operation', 'created')
} else if (result.action == 'updated') {
- core.setOutput('pull-request-operation', 'updated')
+ outputs.set('pull-request-operation', 'updated')
}
- core.setOutput('pull-request-head-sha', result.headSha)
- core.setOutput('pull-request-branch', inputs.branch)
+ outputs.set('pull-request-head-sha', result.headSha)
+ outputs.set('pull-request-branch', inputs.branch)
// Deprecated
core.exportVariable('PULL_REQUEST_NUMBER', pull.number)
- core.endGroup()
} else {
// There is no longer a diff with the base
// Check we are in a state where a branch exists
@@ -260,13 +267,17 @@ export async function createPullRequest(inputs: Inputs): Promise<void> {
branchRemoteName,
`refs/heads/${inputs.branch}`
])
- // Set outputs
- core.startGroup('Setting outputs')
- core.setOutput('pull-request-operation', 'closed')
- core.endGroup()
+ outputs.set('pull-request-operation', 'closed')
}
}
}
+
+ // Set outputs
+ core.startGroup('Setting outputs')
+ for (const [key, value] of outputs) {
+ core.setOutput(key, value)
+ }
+ core.endGroup()
} catch (error) {
core.setFailed(utils.getErrorMessage(error))
} finally {
diff --git a/src/github-helper.ts b/src/github-helper.ts
index 5423603..f053e13 100644
--- a/src/github-helper.ts
+++ b/src/github-helper.ts
@@ -21,6 +21,11 @@ interface Pull {
created: boolean
}
+interface CommitResponse {
+ sha: string
+ verified: boolean
+}
+
type TreeObject = {
path: string
mode: '100644' | '100755' | '040000' | '160000' | '120000'
@@ -203,17 +208,21 @@ export class GitHubHelper {
repoPath: string,
branchRepository: string,
branch: string
- ): Promise<void> {
- let headSha = baseSha
+ ): Promise<CommitResponse> {
+ let headCommit: CommitResponse = {
+ sha: baseSha,
+ verified: false
+ }
for (const commit of branchCommits) {
- headSha = await this.createCommit(
+ headCommit = await this.createCommit(
commit,
- [headSha],
+ [headCommit.sha],
repoPath,
branchRepository
)
}
- await this.createOrUpdateRef(branchRepository, branch, headSha)
+ await this.createOrUpdateRef(branchRepository, branch, headCommit.sha)
+ return headCommit
}
private async createCommit(
@@ -221,7 +230,7 @@ export class GitHubHelper {
parents: string[],
repoPath: string,
branchRepository: string
- ): Promise<string> {
+ ): Promise<CommitResponse> {
const repository = this.parseRepository(branchRepository)
let treeSha = commit.tree
if (commit.changes.length > 0) {
@@ -270,7 +279,10 @@ export class GitHubHelper {
core.info(
`Commit verified: ${remoteCommit.verification.verified}; reason: ${remoteCommit.verification.reason}`
)
- return remoteCommit.sha
+ return {
+ sha: remoteCommit.sha,
+ verified: remoteCommit.verification.verified
+ }
}
private async createOrUpdateRef(