[llvm-branch-commits] [llvm] release/19.x: workflows/release-documentation: Submit a pull request with changes (#108247) (PR #110665)

Tue, 01 Oct 2024 07:38:14 -0700 

https://github.com/llvmbot created 
https://github.com/llvm/llvm-project/pull/110665

Backport 9cd289fa4a7355e1bfd3129ba9c755f979fd0a72

Requested by: @tstellar

>From abb161a4a11b2d0077e028a7a40cb570fcc9845a Mon Sep 17 00:00:00 2001
From: Tom Stellard <tstel...@redhat.com>
Date: Tue, 1 Oct 2024 06:12:03 -0700
Subject: [PATCH] workflows/release-documentation: Submit a pull request with
 changes (#108247)

This is instead of pushing directly. Creating a pull request is slightly
more work for the release manager, but it is more secure as we no longer
need a secret with write access to the www-releases repo.

(cherry picked from commit 9cd289fa4a7355e1bfd3129ba9c755f979fd0a72)
---
 .github/workflows/release-documentation.yml | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/release-documentation.yml 
b/.github/workflows/release-documentation.yml
index 70e5f08b6f72e2..922c5093f13579 100644
--- a/.github/workflows/release-documentation.yml
+++ b/.github/workflows/release-documentation.yml
@@ -72,17 +72,20 @@ jobs:
           ref: main
           fetch-depth: 0
           path: www-releases
+          persist-credentials: false
 
       - name: Upload Release Notes
         if: env.upload
         env:
-          WWW_RELEASES_TOKEN: ${{ secrets.WWW_RELEASES_TOKEN }}
+          GH_TOKEN: ${{ secrets.WWW_RELEASES_TOKEN }}
         run: |
-          mkdir -p ../www-releases/${{ inputs.release-version }}
-          mv ./docs-build/html-export/* ../www-releases/${{ 
inputs.release-version }}
-          cd ../www-releases
+          mkdir -p www-releases/${{ inputs.release-version }}
+          mv ./docs-build/html-export/* www-releases/${{ 
inputs.release-version }}
+          cd www-releases
+          git checkout -b ${{ inputs.release-version }}
           git add ${{ inputs.release-version }}
           git config user.email "llvm...@llvm.org"
           git config user.name "llvmbot"
           git commit -a -m "Add ${{ inputs.release-version }} documentation"
-          git push "https://$www_releases_to...@github.com/${{ 
github.repository_owner }}/www-releases" main:main
+          git push --force  
"https://$gh_to...@github.com/llvmbot/www-releases.git"; HEAD:refs/heads/${{ 
inputs.release-version }}
+          gh pr create -f -B main -H ${{ inputs.release-version }} -R 
llvmbot/www-releases

_______________________________________________
llvm-branch-commits mailing list
llvm-branch-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-branch-commits

Reply via email to