feat: signed commits (v7) (#3057)

* Add support for signed commits (#3055) * formatting * fix eslint and lint errors * shift setting the base to before the push * sign commits by default for testing * add debug lines * read to buffer not string and use non-legacy method to base64 * debug payload without contents * disable linter for debug code * fix filepath when using path input * try to fix head repo * remove commented code * Try refactor of file changes * add tests for building file changes * add build file changes test for binary files * refactor graphql code into github helper class * build file changes even when there is no diff * add function to get commit detail * fix format * build branch commits * use source mode for deleted files * try rest api route * fix check for branch existence * force push * try fix base tree * debug commit verification * debug commit verification * fix format and cleanup * add executable mode file to test * limit blob creation concurrency * only build commits when feature enabled * remove unused code * update readme link * update docs for commit signing * fix capital letter * update docs * add throttling * set default back to false * output head sha and verified status * log outputs * fix head sha output * default the operation output to none * output retryafter for secondary rate limit * use separate client for branch and pull operations * add maintainer-can-modify input * rename git-token to branch-token * fix branch token input * remove deprecated env output * update docs * fix doc * update docs * build branch commits when there is a diff with the base * check verification status of head commit when not known * fix verified output when no commit signing is being used * draft always-true * convert to draft on branch updates when there is a diff with base * update docs with blob size limit * catch errors during blob creation for debugging * parse empty commits * pass base commit to push signed commits * use parent commit details in create commit * use parent tree for base_tree * multipart tree creation * update docs * update readme about the permissions of the default token * fix edge case where changes are partially merged * add updating documentation * fix typo * update major version --------- Co-authored-by: Ravi <1299606+rustycl0ck@users.noreply.github.com>
2025-01-18 16:01:06 +01:00 · 2024-09-03 08:54:12 +01:00 · 2024-09-03 08:54:12 +01:00 · 4320041ed3
commit 4320041ed3
parent 0c2a66fe4a
20 changed files with 32759 additions and 8594 deletions
--- a/action.yml
+++ b/action.yml
@ -2,11 +2,11 @@ name: 'Create Pull Request'
 description: 'Creates a pull request for changes to your repository in the actions workspace'
 inputs:
  token:
-    description: 'GITHUB_TOKEN or a `repo` scoped Personal Access Token (PAT)'
+    description: 'The token that the action will use to create and update the pull request.'
    default: ${{ github.token }}
-  git-token:
+  branch-token:
    description: >
-      The Personal Access Token (PAT) that the action will use for git operations.
+      The token that the action will use to create and update the branch.
      Defaults to the value of `token`.
  path:
    description: >
@ -51,6 +51,9 @@ inputs:
      A fork of the checked out parent repository to which the pull request branch will be pushed.
      e.g. `owner/repo-fork`.
      The pull request will be created to merge the fork's branch into the parent's base.
+  sign-commits:
+    description: 'Sign commits as `github-actions[bot]` when using `GITHUB_TOKEN`, or your own bot when using GitHub App tokens.'
+    default: false
  title:
    description: 'The title of the pull request.'
    default: 'Changes by create-pull-request action'
@ -72,8 +75,13 @@ inputs:
  milestone:
    description: 'The number of the milestone to associate the pull request with.'
  draft:
-    description: 'Create a draft pull request. It is not possible to change draft status after creation except through the web interface'
+    description: >
+      Create a draft pull request.
+      Valid values are `true` (only on create), `always-true` (on create and update), and `false`.
    default: false
+  maintainer-can-modify:
+    description: 'Indicates whether maintainers can modify the pull request.'
+    default: true
 outputs:
  pull-request-number:
    description: 'The pull request number'