Today we’re looking at ad-m/github-push-action, the third and final action related to pushing changes made during a GitHub Actions workflow run back to a repo.
What does it do?
github-push-action doesn’t handle committing files for you. It expects your workflow to add and commit any files you need and handles the act of pushing changes to GitHub.
You might be thinking that this seems like an odd action to build; surely it’s as simple as running
git push and it works? Unfortunately not! The repository provided in your workspace doesn’t have permission to push changes back so you need to configure your repo to use the
GITHUB_TOKEN provided in order to have write permission.
How does it work?
This action is an interesting one as it uses both
bash components to get the job done.
start.js is the main entry point, which allows the action to run
start.sh on Linux, MacOS and Windows runners.
Let’s take a look at
start.js first as it’s the main entry point:
- The action accepts both
repositoryisn’t provided it defaults to
GITHUB_REPOSITORYin the environment. If it is provided, that will be used as the destination repository, allowing your workflow to push to other repositories.
branchis provided it is used as-is. If it is not provided the script uses the GitHub API to fetch the default branch for the repo and uses that as the input value
- Finally, it executes
start.shensuring that both
What’s interesting to note here is that
start.js does not have any dependencies. It uses the
http module for making HTTP requests and the
child_process module to execute
actions/exec is typically used for this use case, but
github-push-action does not use any dependencies so that there is no build step required for the JS action.
Now, on to
- We see some new inputs that have defaults set in the script
false) which will run
git push --force
false) which will run
git push --tags
., the current directory) which controls which directory the push is run from
REPOSITORY, which is set to
GITHUB_REPOSITORY. This is a duplication of the logic in
GITHUB_TOKENsecret is required to push to the repo, so we check that it’s been set as
INPUT_FORCEis true then add
--forceto the push options
INPUT_TAGSis set then add
--tagsto the push options
- Configure the remote URL using the
- Push the current
Common use cases
As with the last post, this action is most useful for committing back changed files such as style fixes or build artefacts.
eslint and commit back:
name: Lint source codeon: pushjobs:run:name: Lint with ESLintruns-on: ubuntu-lateststeps:- name: Checkout repo- name: Set up Node.jswith:node-version: 12.x- name: Install dependenciesrun: npm install- name: Update source coderun: eslint "src/**" --fix- name: Commit filesrun: |git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"git config --local user.name "github-actions[bot]"git add srcgit commit -m "ESLint fixes"- name: Push changesuses: ad-m/[email protected]with:github_token: $branch: $
Or build your project and commit back the files:
name: Automatic Compileon: pushjobs:run:name: Compileruns-on: ubuntu-lateststeps:- name: Checkout repo- name: Set up Node.jswith:node-version: 12.x- name: Install dependenciesrun: npm install- name: Compilerun: npm run build- name: Commit filesrun: |git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"git config --local user.name "github-actions[bot]"git add libgit commit -m "Built files"- name: Push changesuses: ad-m/[email protected]with:github_token: $branch: $