Skip to content

Instantly share code, notes, and snippets.

Show Gist options
  • Save kartikv11/b565a9c1b9499f6096c380b9c577d762 to your computer and use it in GitHub Desktop.
Save kartikv11/b565a9c1b9499f6096c380b9c577d762 to your computer and use it in GitHub Desktop.
Github Push Commit in Github Actions to a Protected Branch
...
..
# Use-case here is update version of a Java Application in pom.xml
# You can change the below code as per your need.
# Branch: develop (protected branch)
# User to Push with: has owner/maintain permissions
#
# Variables:
# BUILD_TOKEN : user to commit & push with is set in Github environment Secrets as BUILD_TOKEN
# REPO_NEW_VERSION: is new version value from a previous step (example: 1.0.1)
#
# Replace:
# <github-repo-name> : Replace this with your repo name (Example: if repo is: https://github.com/test-org/test-repo/ , value to put in variable will be test-org/test-repo)
- name: Update Commit Push Version
run: |
echo "${{ steps.calculate_version.outputs.REPO_NEW_VERSION }}"
# Define the path to your POM file
POM_FILE="pom.xml"
# Define the new version provided as an argument
O_NEW_VERSION="${{ steps.calculate_version.outputs.REPO_NEW_VERSION }}"
# Update the POM file with the new version
mvn versions:set -DnewVersion=${O_NEW_VERSION} -DgenerateBackupPoms=false
UPDATED_POM_CONTENT=$(cat ${POM_FILE})
# Base64 encode the updated POM content
BASE64_ENCODED_CONTENT=$(echo -n "$UPDATED_POM_CONTENT" | base64)
# Step 1: Get the SHA of the latest commit on the 'develop' branch
SHA=$(curl -H "Authorization: token ${{ secrets.BUILD_TOKEN }}" \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/repos/<github-repo-name>/git/refs/heads/develop | jq -r '.object.sha')
# Step 2: Create a new blob
echo "{ \"content\": \"$BASE64_ENCODED_CONTENT\", \"encoding\": \"base64\" }" > temp_blob_data.json
BLOB_SHA=$(curl -X POST \
-H "Authorization: token ${{ secrets.BUILD_TOKEN }}" \
-H "Accept: application/vnd.github.v3+json" \
--data @temp_blob_data.json \
https://api.github.com/repos/<github-repo-name>/git/blobs | jq -r '.sha')
# Step 3: Create a new tree
TREE_DATA="{\"base_tree\":\"$SHA\",\"tree\":[{\"path\":\"pom.xml\",\"mode\":\"100644\",\"type\":\"blob\",\"sha\":\"$BLOB_SHA\"}]}"
NEW_TREE_SHA=$(curl -X POST \
-H "Authorization: token ${{ secrets.BUILD_TOKEN }}" \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/repos/<github-repo-name>/git/trees -d "$TREE_DATA" | jq -r '.sha')
# Step 4: Create a new commit
NEW_COMMIT_SHA=$(curl -X POST \
-H "Authorization: token ${{ secrets.BUILD_TOKEN }}" \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/repos/<github-repo-name>/git/commits \
-d '{
"message": "[skip-ci] Update project version to '${O_NEW_VERSION}'",
"parents": ["'$SHA'"],
"tree": "'$NEW_TREE_SHA'"
}' | jq -r '.sha')
# Step 5: Update the 'develop' branch to point to the new commit
curl -X PATCH \
-H "Authorization: token ${{ secrets.BUILD_TOKEN }}" \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/repos/<github-repo-name>/git/refs/heads/develop \
-d '{
"sha": "'$NEW_COMMIT_SHA'",
"force": false
}'
echo "SNAPSHOT version updated to ${O_NEW_VERSION} and committed."
working-directory: .
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment