From f15bbc9393869b38b59e23119cc7707b6558848d Mon Sep 17 00:00:00 2001 From: Antoine du Hamel Date: Tue, 10 Jun 2025 20:55:34 +0200 Subject: [PATCH 1/2] tools: edit commit-queue workflow file PR-URL: https://github.com/nodejs/node-private/pull/1 --- .github/workflows/commit-queue.yml | 37 +++++++++++++++--------------- 1 file changed, 18 insertions(+), 19 deletions(-) diff --git a/.github/workflows/commit-queue.yml b/.github/workflows/commit-queue.yml index e9e151ba3d2..e6ee8b05d88 100644 --- a/.github/workflows/commit-queue.yml +++ b/.github/workflows/commit-queue.yml @@ -1,6 +1,6 @@ # This action requires the following secrets to be set on the repository: -# GH_USER_NAME: GitHub user whose Jenkins and GitHub token are defined below # GH_USER_TOKEN: GitHub user token, to be used by ncu and to push changes +# JENKINS_USER: GitHub user whose Jenkins token is defined below # JENKINS_TOKEN: Jenkins token, to be used to check CI status name: Commit Queue @@ -25,7 +25,7 @@ jobs: get_mergeable_prs: permissions: pull-requests: read - if: github.repository == 'nodejs/node' + if: github.repository == 'nodejs/node-auto-test' runs-on: ubuntu-latest outputs: numbers: ${{ steps.get_mergeable_prs.outputs.numbers }} @@ -34,16 +34,16 @@ jobs: id: get_mergeable_prs run: | prs=$(gh pr list \ - --repo ${{ github.repository }} \ - --base ${{ github.ref_name }} \ + --repo "$GITHUB_REPOSITORY" \ + --base "$GITHUB_REF_NAME" \ --label 'commit-queue' \ --json 'number' \ --search "created:<=$(date --date="2 days ago" +"%Y-%m-%dT%H:%M:%S%z") -label:blocked" \ -t '{{ range . }}{{ .number }} {{ end }}' \ --limit 100) fast_track_prs=$(gh pr list \ - --repo ${{ github.repository }} \ - --base ${{ github.ref_name }} \ + --repo "$GITHUB_REPOSITORY" \ + --base "$GITHUB_REF_NAME" \ --label 'commit-queue' \ --label 'fast-track' \ --search "-label:blocked" \ @@ -51,24 +51,24 @@ jobs: -t '{{ range . }}{{ .number }} {{ end }}' \ --limit 100) numbers=$(echo $prs' '$fast_track_prs | jq -r -s 'unique | join(" ")') - echo "numbers=$numbers" >> $GITHUB_OUTPUT + echo "numbers=$numbers" >> "$GITHUB_OUTPUT" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} commitQueue: needs: get_mergeable_prs if: needs.get_mergeable_prs.outputs.numbers != '' + permissions: + contents: write + pull-requests: write runs-on: ubuntu-latest steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: - # Needs the whole git history for ncu to work - # See https://github.com/nodejs/node-core-utils/pull/486 - fetch-depth: 0 # A personal token is required because pushing with GITHUB_TOKEN will # prevent commits from running CI after they land. It needs # to be set here because `checkout` configures GitHub authentication # for push as well. - token: ${{ secrets.GH_USER_TOKEN }} + token: ${{ secrets.GITHUB_TOKEN }} # Install dependencies - name: Install Node.js @@ -80,24 +80,23 @@ jobs: - name: Set variables run: | - echo "REPOSITORY=$(echo ${{ github.repository }} | cut -d/ -f2)" >> $GITHUB_ENV - echo "OWNER=${{ github.repository_owner }}" >> $GITHUB_ENV + echo "REPOSITORY=$(echo "$GITHUB_REPOSITORY" | cut -d/ -f2)" >> "$GITHUB_ENV" - name: Configure @node-core/utils run: | - ncu-config set branch ${GITHUB_REF_NAME} + ncu-config set branch "${GITHUB_REF_NAME}" ncu-config set upstream origin ncu-config set username "$USERNAME" - ncu-config set token "$GH_TOKEN" + ncu-config set token "$GITHUB_TOKEN" ncu-config set jenkins_token "$JENKINS_TOKEN" ncu-config set repo "${REPOSITORY}" - ncu-config set owner "${OWNER}" + ncu-config set owner "${GITHUB_REPOSITORY_OWNER}" env: USERNAME: ${{ secrets.JENKINS_USER }} - GH_TOKEN: ${{ secrets.GH_USER_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} JENKINS_TOKEN: ${{ secrets.JENKINS_TOKEN }} - name: Start the Commit Queue - run: ./tools/actions/commit-queue.sh ${{ env.OWNER }} ${{ env.REPOSITORY }} ${{ needs.get_mergeable_prs.outputs.numbers }} + run: ./tools/actions/commit-queue.sh "${GITHUB_REPOSITORY_OWNER}" "${REPOSITORY}" ${{ needs.get_mergeable_prs.outputs.numbers }} env: - GITHUB_TOKEN: ${{ secrets.GH_USER_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From a1b3efb97450eee815032c79d30bc747ecf37516 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 1 Oct 2025 16:03:15 +0000 Subject: [PATCH 2/2] meta: bump actions/cache from 4.2.3 to 4.3.0 Bumps [actions/cache](https://github.com/actions/cache) from 4.2.3 to 4.3.0. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/5a3ec84eff668545956fd18022155c47e93e2684...0057852bfaa89a56745cba8c7296529d2fc39830) --- updated-dependencies: - dependency-name: actions/cache dependency-version: 4.3.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/update-v8.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-v8.yml b/.github/workflows/update-v8.yml index 0b290e41ada..678211d305e 100644 --- a/.github/workflows/update-v8.yml +++ b/.github/workflows/update-v8.yml @@ -20,7 +20,7 @@ jobs: with: persist-credentials: false - name: Cache node modules and update-v8 - uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-v8-npm env: cache-name: cache-v8-npm