diff --git a/README.md b/README.md index e6b3f5a..b1407d0 100644 --- a/README.md +++ b/README.md @@ -29,7 +29,7 @@ Add the following step at the end of your job, after other steps that might add # See the `pathspec`-documentation for git # - https://git-scm.com/docs/git-add#Documentation/git-add.txt-ltpathspecgt82308203 # - https://git-scm.com/docs/gitglossary#Documentation/gitglossary.txt-aiddefpathspecapathspec - file_pattern: src/*.js tests/*.js + file_pattern: src/*.js tests/*.js *.php # Optional local file path to the repository repository: . @@ -44,6 +44,7 @@ Add the following step at the end of your job, after other steps that might add tagging_message: 'v1.0.0' # Optional options appended to `git-push` + # See git-push documentation for details: https://git-scm.com/docs/git-push#_options push_options: '--force' # Optional: Disable dirty check and always try to create a commit and push @@ -124,18 +125,74 @@ storing the token as a secret in your repository and then passing the new token token: ${{ secrets.PAT }} ``` -### Unable to commit into PRs from forks +If you work in an organization and don't want to create a PAT from your personal account, we recommend using a [robot account](https://docs.github.com/en/github/getting-started-with-github/types-of-github-accounts) for the token. -GitHub currently prohibits Actions to push commits to forks, even when they created a PR and allow edits. -See [issue #25](https://github.com/stefanzweifel/git-auto-commit-action/issues/25) for more information. + +### Using the Action in forks from public repositories + +By default, this Action will not run on Pull Requests which have been opened by forks. (This is a limitation by GitHub, not by us.) + +If you want that a Workflow using this Action runs on Pull Requests opened by forks, 2 things have to be changed: + +1. In addition to listening to the `pull_request` event in your Workflow triggers, you have to add an additional event: `pull_request_target`. You can learn more about this event in [the GitHub docs](https://docs.github.com/en/actions/reference/events-that-trigger-workflows#pull_request_target). +2. GitHub Action has to be enabled on the forked repository. \ +For security reasons, GitHub does not automatically enable GitHub Actions on forks. The user has to explicitly enable GitHub Actions in the "Actions"-tab of the forked repository. (Mention this in your projects README or CONTRIBUTING.md!) + +After you have added the `pull_request_target` to your desired Workflow and the forked repository has enabled Actions and a new Pull Request is opened, the Workflow will run **on the forked repository**. + +Due to the fact that the Workflow is not run on the repository the Pull Request is opened in, you won't see any status indicators inside the Pull Request. + +#### Example + +The following workflow runs `php-cs-fixer` (a code linter and fixer for PHP) when a `pull_request` is opened. We've added the `pull_request_target`-trigger too, to make it work for forks. + +```yaml +name: Format PHP + +on: [pull_request, pull_request_target] + +jobs: + php-cs-fixer: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + with: + ref: ${{ github.head_ref }} + + - name: Run php-cs-fixer + uses: docker://oskarstark/php-cs-fixer-ga + + - uses: stefanzweifel/git-auto-commit-action@v4 + with: + commit_message: Apply php-cs-fixer changes +``` + +Next time a user forks your project **and** enabled GitHub Actions **and** opened a Pull Request, the Workflow will run on the the forked repository and will push commits to the same branch. + +Here's how the Pull Request will look like: + +![Screenshot of a Pull Request from a Fork](https://user-images.githubusercontent.com/1080923/90955964-9c74c080-e482-11ea-8097-aa7f5161f50e.png) + + +As you can see, your contributors have to go through hoops to make this work. For Workflows which runter linters and fixers (like the example above) we recommend running them when a push happens on the `master`-branch. + + +For more information about running Actions on forks, see [this announcement from GitHub](https://github.blog/2020-08-03-github-actions-improvements-for-fork-and-pull-request-workflows/). + +### Push to forks from private repositories + +By default, GitHub Actions doesn't run Workflows on forks from private repositories. To enable Actions for **private** repositories enable "Run workflows from pull requests" in your repository settings. + +See [this announcement from GitHub](https://github.blog/2020-08-03-github-actions-improvements-for-fork-and-pull-request-workflows/) or the [GitHub docs](https://docs.github.com/en/github/administering-a-repository/disabling-or-limiting-github-actions-for-a-repository#enabling-workflows-for-private-repository-forks) for details. ### Signing Commits & Other Git Command Line Options Using command lines options needs to be done manually for each workflow which you require the option enabled. So for example signing commits requires you to import the gpg signature each and every time. The following list of actions are worth checking out if you need to automate these tasks regulary + - [Import GPG Signature](https://github.com/crazy-max/ghaction-import-gpg) (Suggested by [TGTGamer](https://github.com/tgtgamer)) -## Troubleshooting +## Troubleshooting ### Action does not push commit to repository Make sure to [checkout the correct branch](#checkout-the-correct-branch).