From a9843062559229858009bef458f438af81e21ce3 Mon Sep 17 00:00:00 2001 From: Anand Pant Date: Sat, 28 Feb 2026 01:32:12 -0600 Subject: [PATCH] Ensure bump PR required checks are always triggered --- .github/workflows/check.yml | 1 + .github/workflows/publish-package.yml | 21 +++++++++++++++++++++ .github/workflows/validate-pr-title.yml | 8 +++++++- RELEASE.md | 3 ++- 4 files changed, 31 insertions(+), 2 deletions(-) diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index 16d66e9..037835a 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -5,6 +5,7 @@ on: branches: [main] push: branches: [main] + workflow_dispatch: permissions: contents: read diff --git a/.github/workflows/publish-package.yml b/.github/workflows/publish-package.yml index 758e597..323f0ad 100644 --- a/.github/workflows/publish-package.yml +++ b/.github/workflows/publish-package.yml @@ -9,6 +9,7 @@ concurrency: cancel-in-progress: false permissions: + actions: write contents: write pull-requests: write packages: write @@ -125,6 +126,7 @@ jobs: runs-on: blacksmith-4vcpu-ubuntu-2404 needs: resolve-merge-context permissions: + actions: write contents: write pull-requests: write packages: write @@ -316,3 +318,22 @@ jobs: - Next stable version prepared: `${{ steps.meta.outputs.next_stable_version }}` add-paths: | package.json + + - name: Trigger required checks for bump PR + if: steps.meta.outputs.create_bump_pr == 'true' + env: + GH_TOKEN: ${{ secrets.GH_PAT || secrets.GITHUB_TOKEN }} + REPO: ${{ github.repository }} + BUMP_BRANCH: ci/version-bump-${{ steps.meta.outputs.next_stable_version }} + BUMP_TITLE: chore: bump package version to ${{ steps.meta.outputs.next_stable_version }} + run: | + gh api \ + --method POST \ + "repos/${REPO}/actions/workflows/check.yml/dispatches" \ + -f ref="${BUMP_BRANCH}" + + gh api \ + --method POST \ + "repos/${REPO}/actions/workflows/validate-pr-title.yml/dispatches" \ + -f ref="${BUMP_BRANCH}" \ + -F inputs[pr_title]="${BUMP_TITLE}" diff --git a/.github/workflows/validate-pr-title.yml b/.github/workflows/validate-pr-title.yml index df3e0a2..f3e31f3 100644 --- a/.github/workflows/validate-pr-title.yml +++ b/.github/workflows/validate-pr-title.yml @@ -3,6 +3,12 @@ name: ValidatePrTitle on: pull_request: types: [opened, edited, synchronize, reopened] + workflow_dispatch: + inputs: + pr_title: + description: "Pull request title to validate" + required: true + type: string permissions: pull-requests: read @@ -14,7 +20,7 @@ jobs: steps: - name: Validate pull request title env: - PR_TITLE: ${{ github.event.pull_request.title }} + PR_TITLE: ${{ github.event_name == 'pull_request' && github.event.pull_request.title || inputs.pr_title }} run: | title="${PR_TITLE}" if [ -z "${title// /}" ]; then diff --git a/RELEASE.md b/RELEASE.md index cba74a6..e864186 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -28,9 +28,10 @@ Workflow: `.github/workflows/publish-package.yml` ## Required Repository Configuration - GitHub Actions: - - `GITHUB_TOKEN` must keep `contents:write`, `pull-requests:write`, `packages:write` permissions in `publish-package.yml`. + - `GITHUB_TOKEN` must keep `actions:write`, `contents:write`, `pull-requests:write`, `packages:write` permissions in `publish-package.yml`. - Optional token: - `GH_PAT` can be set to let `create-pull-request` use a PAT instead of `GITHUB_TOKEN`. + - If `GH_PAT` is not available, publish automation dispatches `Check` and `ValidatePrTitle` workflows directly on the bump branch so required checks still attach to the bump PR head commit. - Branch governance: - Keep required checks enforced for PRs into `main`: - `Check`