IBCornelsen/online-energieausweis
1
0
Fork 0
Code Issues 272 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

Update

Browse Source
This commit is contained in:
Moritz Utcke
2025-04-28 16:40:49 -03:00
parent 3e09686cf6
commit 35c24b0380
1 changed files with 2 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
.github/workflows/auto-merge-staging-into-main.yml vendored
View File

@@ -33,43 +33,12 @@ jobs:
exit 1
fi
- name: Generate GitHub App Installation Token
run: |
echo "${{ secrets.IBCORNELSEN_APP_PRIVATE_KEY }}" > private-key.pem
chmod 600 private-key.pem
# Generate JWT
now=$(date +%s)
exp=$((now + 600)) # 10 minutes validity
header_base64=$(echo -n '{"alg":"RS256","typ":"JWT"}' | openssl base64 -e | tr -d '=' | tr '/+' '_-' | tr -d '\n')
payload_base64=$(echo -n "{\"iat\":$now,\"exp\":$exp,\"iss\":${{ secrets.IBCORNELSEN_APP_ID }}}" | openssl base64 -e | tr -d '=' | tr '/+' '_-' | tr -d '\n')
header_payload="${header_base64}.${payload_base64}"
signature=$(echo -n "$header_payload" | openssl dgst -sha256 -sign private-key.pem | openssl base64 -e | tr -d '=' | tr '/+' '_-' | tr -d '\n')
jwt="${header_payload}.${signature}"
# Request Installation Token
response=$(curl -s -X POST \
-H "Authorization: Bearer $jwt" \
-H "Accept: application/vnd.github+json" \
https://api.github.com/app/installations/${{ secrets.IBCORNELSEN_INSTALLATION_ID }}/access_tokens)
installation_token=$(echo "$response" | grep '"token"' | head -n 1 | cut -d '"' -f4)
# Save the token as a GitHub environment variable
echo "INSTALLATION_TOKEN=$installation_token" >> $GITHUB_ENV
echo $installation_token
# Clean up private key
rm -f private-key.pem
- name: Create or update PR from staging → main
if: steps.check.outcome == 'success'
id: cpr
uses: peter-evans/create-pull-request@v4
with:
token: ${{ env.INSTALLATION_TOKEN }} # Use the installation token here
token: ${{ secrets.GITHUB_TOKEN }}
commit-message: "chore: auto-merge staging into main"
branch: auto-merge/staging-to-main
base: main
@@ -83,7 +52,7 @@ jobs:
if: steps.cpr.outputs.pull-request-number != ''
uses: peter-evans/enable-pull-request-automerge@v3
with:
token: ${{ env.INSTALLATION_TOKEN }} # Use the installation token here
token: ${{ secrets.GITHUB_TOKEN }}
pull-request-number: ${{ steps.cpr.outputs.pull-request-number }}
merge-method: merge