@@ -109,53 +109,13 @@ jobs:
109109 echo "No change in package.json, not regenerating third-party notices"
110110 fi
111111
112- name : Temporarily disable "required_pull_request_reviews" branch protection
113- id : disable-branch-protection
114- if : always()
115- uses : actions/github-script@v1
116- with :
117- github-token : ${{ secrets.OPENSOURCE_BOT_TOKEN }}
118- previews : luke-cage-preview
119- script : |
120- const result = await github.repos.updateBranchProtection({
121- owner: context.repo.owner,
122- repo: context.repo.repo,
123- branch: 'main',
124- required_status_checks: null,
125- restrictions: null,
126- enforce_admins: null,
127- required_pull_request_reviews: null
128- })
129- console.log("Result:", result)
130-
131112name : Push Commit
132113 if : steps.generate-notices.outputs.commit == 'true'
133114 uses : ad-m/github-push-action@v0.6.0
134115 with :
135116 github_token : ${{ secrets.OPENSOURCE_BOT_TOKEN }}
136117 branch : main
137118
138- - name : Re-enable "required_pull_request_reviews" branch protection
139- id : enable-branch-protection
140- if : always()
141- uses : actions/github-script@v1
142- with :
143- github-token : ${{ secrets.OPENSOURCE_BOT_TOKEN }}
144- previews : luke-cage-preview
145- script : |
146- const result = await github.repos.updateBranchProtection({
147- owner: context.repo.owner,
148- repo: context.repo.repo,
149- branch: 'main',
150- required_status_checks: null,
151- restrictions: null,
152- enforce_admins: null,
153- required_pull_request_reviews: {
154- required_approving_review_count: 1
155- }
156- })
157- console.log("Result:", result)
158-
159119 job-generate-release :
160120 runs-on : ubuntu-latest
161121 needs : [job-checkout-and-build, job-generate-third-party-notices]
@@ -166,6 +126,7 @@ jobs:
166126 uses : actions/checkout@v2
167127 with :
168128 ref : main
129+ persist-credentials : false
169130
170131 - name : Setup Node.js
171132 uses : actions/setup-node@v1
@@ -175,25 +136,6 @@ jobs:
175136 - name : Install dependencies
176137 run : npm ci
177138
178- - name : Temporarily disable "required_pull_request_reviews" branch protection
179- id : disable-branch-protection
180- if : always()
181- uses : actions/github-script@v1
182- with :
183- github-token : ${{ secrets.OPENSOURCE_BOT_TOKEN }}
184- previews : luke-cage-preview
185- script : |
186- const result = await github.repos.updateBranchProtection({
187- owner: context.repo.owner,
188- repo: context.repo.repo,
189- branch: 'main',
190- required_status_checks: null,
191- restrictions: null,
192- enforce_admins: null,
193- required_pull_request_reviews: null
194- })
195- console.log("Result:", result)
196-
197139 - name : Run semantic-release
198140 env :
199141 # Use nr-opensource-bot for authoring commits done by
@@ -202,26 +144,5 @@ jobs:
202144 GIT_AUTHOR_EMAIL : " opensource+bot@newrelic.com"
203145 GIT_COMMITTER_NAME : " nr-opensource-bot"
204146 GIT_COMMITTER_EMAIL : " opensource+bot@newrelic.com"
205- GITHUB_TOKEN : ${{ secrets.OPENSOURCE_BOT_TOKEN }}
147+ GH_TOKEN : ${{ secrets.OPENSOURCE_BOT_TOKEN }}
206148 run : npx semantic-release@^18.0.0
207-
208- - name : Re-enable "required_pull_request_reviews" branch protection
209- id : enable-branch-protection
210- if : always()
211- uses : actions/github-script@v1
212- with :
213- github-token : ${{ secrets.OPENSOURCE_BOT_TOKEN }}
214- previews : luke-cage-preview
215- script : |
216- const result = await github.repos.updateBranchProtection({
217- owner: context.repo.owner,
218- repo: context.repo.repo,
219- branch: 'main',
220- required_status_checks: null,
221- restrictions: null,
222- enforce_admins: null,
223- required_pull_request_reviews: {
224- required_approving_review_count: 1
225- }
226- })
227- console.log("Result:", result)
0 commit comments