Skip to content

Create dependabot.yml #25

Create dependabot.yml

Create dependabot.yml #25

Workflow file for this run

name: build app
on:
pull_request:
branches: [ master ]
jobs:
build-ui:
runs-on: ubuntu-latest
permissions:
contents: write
env:
NODE_ENV: production
steps:
- uses: actions/checkout@v3
- name: Setup Node 20.x
uses: actions/setup-node@v3
with:
node-version: 20.x
cache: npm
- name: "install"
run: npm ci --production
- name: "build"
run: npm run build
- name: "Check if build has changed"
if: success()
id: has-changes
run: |
echo "stdout<<EOF" >> $GITHUB_OUTPUT
echo "$(git diff --stat)" >> $GITHUB_OUTPUT
echo 'EOF' >> $GITHUB_OUTPUT
- name: Import GPG key
if: ${{ steps.has-changes.outputs.stdout }}
uses: crazy-max/ghaction-import-gpg@v5
with:
gpg_private_key: ${{ secrets.GPG_BOT }}
passphrase: ${{ secrets.GPG_PASSPHRASE }}
fingerprint: "68C0468E53A658D24C0C1B612DD506482092C18E"
git_config_global: true
git_user_signingkey: true
git_commit_gpgsign: true
git_committer_name: Github bot
git_committer_email: [email protected]
- name: "Commit files"
if: ${{ steps.has-changes.outputs.stdout }}
env:
GH_TOKEN: ${{ secrets.BOT_TOKEN }}
run: |
gh pr checkout ${{ github.event.pull_request.number }}
git commit -S -m "build action" -a
- name: "Push changes"
if: ${{ steps.has-changes.outputs.stdout }}
env:
GITHUB_TOKEN: ${{ secrets.BOT_TOKEN }}
run: git push -u origin HEAD