https://github.com/step-security/ghcommit-action
GitHub Action to commit files to a git branch using the ghcommit utility. Secure drop-in replacement for planetscale/ghcommit-action.
Last synced: 4 months ago
- Host: GitHub
- URL: https://github.com/step-security/ghcommit-action
- Owner: step-security
- License: apache-2.0
- Created: 2025-09-18T04:56:22.000Z (9 months ago)
- Default Branch: main
- Last Pushed: 2026-02-20T05:59:04.000Z (4 months ago)
- Last Synced: 2026-02-20T09:29:24.900Z (4 months ago)
- Topics: step-security-maintained-actions
- Language: Shell
- Homepage: https://docs.stepsecurity.io/actions/stepsecurity-maintained-actions
- Size: 72.3 KB
- Stars: 0
- Watchers: 0
- Forks: 1
- Open Issues: 9
Metadata Files:
- Readme: README.md
- License: LICENSE
- Security: SECURITY.md
README
# ghcommit-action
A GitHub Action to detect changed files during a Workflow run and to commit and
push them back to the GitHub repository using the [`ghcommit`](https://github.com/planetscale/ghcommit) utility.
The advantage of using `ghcommit` is that the commits will be signed by GitHub's
GPG key and show as **Verified**. This is important for repositories that require
signed commits.
## Usage
The plugin is currently implemented as a Docker-style plugin. It must be run on
a Linux host, e.g. `ubuntu-latest`.
```yaml
name: fmt

on:
  # NOTE: Need to run on a PR so that the ${{ github.head_ref }} (branch) is non-null
  pull_request:
    types:
      - opened
      - synchronize
      - reopened

jobs:
  fmt-code:
    runs-on: ubuntu-latest

    permissions:
      # Give the default GITHUB_TOKEN write permission to commit and push the
      # added or changed files to the repository.
      contents: write

    steps:
      - uses: actions/checkout@v5
        # Include the pull request ref in the checkout action to prevent merge commit
        # https://github.com/actions/checkout?tab=readme-ov-file#checkout-pull-request-head-commit-instead-of-merge-commit
        with:
          ref: ${{ github.event.pull_request.head.sha }}

      # Run steps that make changes to the local repo here.

      # Commit all changed files back to the repository
      - uses: step-security/ghcommit-action@v0
        with:
          commit_message: "🤖 fmt"
          repo: ${{ github.repository }}
          branch: ${{ github.head_ref || github.ref_name }}
        env:
          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
```
Example showing all options:
```yaml
- uses: step-security/ghcommit-action@v0
  with:
    commit_message: "🤖 fmt"
    repo: ${{ github.repository }}
    branch: ${{ github.head_ref || github.ref_name }}
    empty: true
    file_pattern: '*.txt *.md *.json *.hcl'
  env:
    GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
```
See [`action.yaml`](./action.yaml) for the current list of supported inputs.
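The change detection described at the top of this README, scoped by a `file_pattern`-style list so that a job holding `contents: write` only commits the files it means to, can be sketched as below. This is an added example, not the action's own code: `classify_status`, `_emit` and the sample status text are hypothetical, and it assumes line-based `git status --porcelain=v1` output with no spaces or quotes in paths.

```shell
#!/bin/sh
# Added example (not the action's own code): sort `git status --porcelain=v1`
# lines into paths to add and paths to delete, keeping only allowed patterns.
# Assumptions: paths have no spaces or quotes; combined states such as "RD"
# are not handled.

# Constructed sample of porcelain output after a formatter step has run.
SAMPLE_STATUS=' M README.md
?? docs/new.md
 D old/config.json
R  src/a.txt -> src/b.txt
A  notes.txt
 M build/output.bin'

# _emit ACTION PATH [PATTERN...]: print "ACTION PATH" when PATH matches one of
# the glob patterns, or unconditionally when no pattern is given.
_emit() {
  _act=$1 _p=$2
  shift 2
  if [ $# -eq 0 ]; then printf '%s %s\n' "$_act" "$_p"; return 0; fi
  for _pat in "$@"; do
    case "$_p" in
      $_pat) printf '%s %s\n' "$_act" "$_p"; return 0 ;;
    esac
  done
  return 0   # path is outside the allowed patterns: leave it uncommitted
}

# classify_status [PATTERN...] < porcelain-lines
classify_status() {
  while IFS= read -r line; do
    [ -n "$line" ] || continue
    path=${line#???}       # strip the "XY " status prefix
    xy=${line%"$path"}     # the status columns that were stripped
    case "$xy" in
      R*)                  # rename is reported as "old -> new"
        _emit delete "${path%% -> *}" "$@"
        _emit add "${path#* -> }" "$@"
        ;;
      *D*) _emit delete "$path" "$@" ;;
      *)   _emit add "$path" "$@" ;;
    esac
  done
}

# Same patterns as the `file_pattern` example above; build/output.bin is skipped.
printf '%s\n' "$SAMPLE_STATUS" | classify_status '*.txt' '*.md' '*.json' '*.hcl'
```
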