Turns out I was able to make something work for this to do it (without having the limitations of merged pull requests to submodule updates that do not invoke the workflows in the default branch I had to create a github bot account to use with a personal access token since I did not know how to make a private bot application that then would give me just a personal access token to):
name: Submodule Update
on:
push:
branches: [ main ]
tags:
- '*'
schedule:
- cron: '20 * * * *'
jobs:
submodule-update:
runs-on: windows-latest
steps:
- uses: actions/checkout@v2
with:
# we need the submodules.
submodules: recursive
- name: Update submodule.
run: git submodule update --remote
- name: Create Pull Request
id: cpr
uses: peter-evans/create-pull-request@v3
with:
token: ${{ secrets.GITSYNC_TOKEN }}
commit-message: Updated submodule.
committer: GitHub <[email protected]>
author: [bot name] <[bot url part to noreply]@users.noreply.github.com>
signoff: true
branch: app/updated-submodules
base: main
delete-branch: true
title: '[insert submodule name here] Update submodule.'
body: |
Update report
- Auto-generated by [create-pull-request][1]
[1]: https://github.com/peter-evans/create-pull-request
draft: false
And then for the pull request workflow I then do something like this:
name: .NET Core (build pull request)
on: [pull_request]
jobs:
build:
runs-on: windows-latest
steps:
- uses: actions/checkout@v2
with:
# we need the submodules.
submodules: recursive
# build, test, and package the projects here.
- uses: hmarr/[email protected]
if: github.actor == 'dependabot[bot]' || github.actor == 'dependabot-preview[bot]' || [check the repository admins too here] || github.actor == 'the bot's username I made as well here'
with:
# I think this must stay the same since github's token does not affect any of the flow.
github-token: "${{ secrets.GITHUB_TOKEN }}"
- uses: actions-ecosystem/action-add-labels@v1
if: github.actor == 'dependabot[bot]' || github.actor == 'dependabot-preview[bot]' || [check the repository admins too here] || github.actor == 'the bot's username I made as well here'
with:
github_token: ${{ secrets.GITSYNC_TOKEN }}
labels: |
enhancement
automerge
And then finally I also then automerge using this as well (limited it to only labels to only deploy it when build is done to reduce extra unneeded status checks.
name: automerge
on:
pull_request:
types:
- labeled
status: {}
jobs:
automerge:
runs-on: ubuntu-latest
steps:
- name: automerge
uses: "pascalgn/[email protected]"
env:
# to get workflow invokes after merge.
GITHUB_TOKEN: "${{ secrets.GITSYNC_TOKEN }}"
MERGE_REMOVE_LABELS: "automerge"
MERGE_METHOD: "squash"
MERGE_RETRIES: "6"
MERGE_RETRY_SLEEP: "10000"
UPDATE_METHOD: "rebase"
This then results in fully automated pull requests that updates submodules just like how the old dependabot did on dependency updates before it was merged into github.
Note: the action versions may have been updated since then, I would strongly recommend setting up dependabot to keep the actions up to date as well as your normal dependency updates to ensure they always work properly.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
