mirror of
https://github.com/supabase/supabase.git
synced 2026-05-07 06:27:16 +08:00
aa9a10e65d
GITHUB_TOKEN is no longer allowed to create PRs, so use the generated app token instead. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Chores** * Improved authentication for automated sync workflows by switching to an app-generated token, enhancing reliability of automated documentation/troubleshooting syncs. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
95 lines
3.5 KiB
YAML
95 lines
3.5 KiB
YAML
# Sync AI-generated troubleshooting guides from supabase/troubleshooting
|
|
|
|
name: Sync from supabase/troubleshooting
|
|
|
|
on:
|
|
repository_dispatch:
|
|
types: [sync_from_upstream]
|
|
workflow_dispatch:
|
|
|
|
permissions:
|
|
contents: write
|
|
pull-requests: write
|
|
|
|
jobs:
|
|
sync:
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Checkout supabase/supabase
|
|
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
|
|
with:
|
|
persist-credentials: true
|
|
|
|
- name: Install pnpm
|
|
uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0
|
|
with:
|
|
run_install: false
|
|
|
|
- name: Use Node.js
|
|
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
|
|
with:
|
|
node-version-file: '.nvmrc'
|
|
cache: 'pnpm'
|
|
|
|
- name: Install deps
|
|
run: pnpm install --frozen-lockfile
|
|
|
|
- name: Decode the GitHub App Private Key
|
|
id: decode
|
|
run: |
|
|
private_key=$(echo "${{ secrets.DOCS_GITHUB_APP_PRIVATE_KEY }}" | base64 --decode | awk 'BEGIN {ORS="\\n"} {print}' | head -c -2) &> /dev/null
|
|
echo "::add-mask::$private_key"
|
|
echo "private-key=$private_key" >> "$GITHUB_OUTPUT"
|
|
|
|
- name: Create GitHub App token for supabase/troubleshooting
|
|
id: app-token
|
|
uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4
|
|
with:
|
|
app-id: ${{ vars.DOCS_GITHUB_APP_ID }}
|
|
private-key: ${{ steps.decode.outputs.private-key }}
|
|
repositories: troubleshooting
|
|
permission-contents: read
|
|
|
|
- name: Checkout supabase/troubleshooting
|
|
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
|
|
with:
|
|
persist-credentials: false
|
|
token: ${{ steps.app-token.outputs.token }}
|
|
repository: supabase/troubleshooting
|
|
path: troubleshooting-upstream
|
|
|
|
- name: Generate PR token
|
|
id: pr-token
|
|
uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
|
|
with:
|
|
app-id: ${{ secrets.GH_AUTOFIX_APP_ID }}
|
|
private-key: ${{ secrets.GH_AUTOFIX_PRIVATE_KEY }}
|
|
|
|
- name: Sync supabase/troubleshooting changes back to supabase/supabase
|
|
env:
|
|
GH_TOKEN: ${{ steps.pr-token.outputs.token }}
|
|
run: |
|
|
git config user.name 'github-docs-bot'
|
|
git config user.email 'github-docs-bot@supabase.com'
|
|
BRANCH_NAME="bot/sync-troubleshooting"
|
|
EXISTING_BRANCH=$(git ls-remote --heads origin $BRANCH_NAME)
|
|
if [[ -n "$EXISTING_BRANCH" ]]; then
|
|
git push origin --delete $BRANCH_NAME
|
|
fi
|
|
git checkout -b $BRANCH_NAME
|
|
rsync --archive --verbose --ignore-existing ./troubleshooting-upstream/guides/ ./apps/docs/content/troubleshooting/
|
|
pnpm format
|
|
git add apps/docs/content/troubleshooting/
|
|
if git diff --quiet --cached; then
|
|
echo "No changes to sync"
|
|
exit 0
|
|
fi
|
|
git commit --message "Sync from supabase/troubleshooting"
|
|
git push origin $BRANCH_NAME
|
|
if gh pr list --state open --head $BRANCH_NAME --json number --jq '.[0].number' | grep -q .; then
|
|
gh pr comment "$BRANCH_NAME" --body "Updated troubleshooting sync with latest changes."
|
|
else
|
|
gh pr create --title "[bot] Sync from supabase/troubleshooting" --body "This PR syncs the latest troubleshooting guides from the supabase/troubleshooting repository." --head $BRANCH_NAME
|
|
fi
|