Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

✨ Verified commits when using GH_INSTALLATION_TOKEN as authentication #153

Merged
merged 1 commit into from
Feb 8, 2022
Merged

✨ Verified commits when using GH_INSTALLATION_TOKEN as authentication #153

merged 1 commit into from
Feb 8, 2022

Conversation

alvarezfr
Copy link
Contributor

Related with #150.

This PR tries to replace the way that the commits are created when using GH_INSTALLATION_TOKEN as authentication.

Some resources:

When using the API to create the commits for the bots, we will get the verified flag for each bot commit, similar to the commits created by dependabot:
image

alvarezfr
alvarezfr commented Dec 28, 2021
View reviewed changes
src/git.js Show resolved Hide resolved
alvarezfr
alvarezfr commented Dec 28, 2021
View reviewed changes
src/git.js Show resolved Hide resolved
alvarezfr
alvarezfr commented Dec 28, 2021
View reviewed changes
src/git.js Show resolved Hide resolved
alvarezfr
alvarezfr commented Dec 28, 2021
View reviewed changes
src/git.js Show resolved Hide resolved
BetaHuhn
BetaHuhn reviewed Dec 29, 2021
View reviewed changes
Copy link
Owner

@BetaHuhn BetaHuhn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great, thanks for the comments explaining some of the changes!

src/git.js Show resolved Hide resolved
src/git.js Show resolved Hide resolved
@BetaHuhn
Copy link
Owner

I will test this a bit more and merge this sometime this week.

@BetaHuhn BetaHuhn changed the base branch from master to develop February 8, 2022 13:18
@BetaHuhn BetaHuhn changed the title Feature: verified commits when using GH_INSTALLATION_TOKEN as authentication ✨ Verified commits when using GH_INSTALLATION_TOKEN as authentication Feb 8, 2022
@BetaHuhn BetaHuhn merged commit a547f3c into BetaHuhn:develop Feb 8, 2022
@BetaHuhnBot
Copy link
Collaborator

🎉 This PR is included in version 1.17.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

@alvarezfr alvarezfr deleted the feature/verified_commits branch February 9, 2022 22:32
@alvarezfr alvarezfr mentioned this pull request Feb 9, 2022
Merged
@ndom91 ndom91 mentioned this pull request Feb 13, 2022
Closed
This was referenced Jul 8, 2022
Closed
Merged
BetaHuhn pushed a commit that referenced this pull request Aug 13, 2022
@Nef10
🐛 Fix SKIP_PR option for runs with installation token (#232)
b598643 
The original implementation for signed commits in #153 did not
consider the `SKIP_PR` flag - if used together with an installation
token it fails now.

This change adds support by:
1) comparing changes against the remote branch, as base branch and HEAD
   are the same
2) Skipping pr branch creation
3) using the base instead of the undefined prBranch as upload target
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@BetaHuhn BetaHuhn BetaHuhn approved these changes

Assignees
No one assigned
Labels
released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@alvarezfr @BetaHuhn @BetaHuhnBot