#debug: testing new gh action #33
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Test Signed Commit | |
| on: | |
| push: | |
| branches: | |
| - ROU-12531-fix-3 | |
| jobs: | |
| test-signed-commit: | |
| name: 🔏 Test Signed Commit | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| contents: write | |
| pull-requests: write | |
| steps: | |
| - name: 📂 Checkout repository | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: 🔐 Azure login | |
| #uses: OutSystems/rd.github-reusable-workflows/.github/actions/az-login@9d497d1c5bc6e355aa8f4663539e6b75c212f6b4 #v2.0.7 | |
| uses: ./.github/actions/az-login | |
| with: | |
| client-id: ${{ secrets.OSUI_AZURE_CLIENT_ID }} | |
| tenant-id: ${{ secrets.OSUI_AZURE_TENANT_ID }} | |
| subscription-id: ${{ secrets.OSUI_AZURE_SUBSCRIPTION_ID }} | |
| - name: 🔑 Get GitHub Token | |
| id: get-github-token | |
| #uses: OutSystems/rd.github-reusable-workflows/.github/actions/az-keyvault-get@9d497d1c5bc6e355aa8f4663539e6b75c212f6b4 #v2.0.7 | |
| uses: ./.github/actions/az-keyvault-get | |
| with: | |
| key-name: o11odc-github-gitpersonal-token-prd | |
| # Create a unique test branch name using the workflow run ID | |
| - name: 🔍 Determine branch name | |
| id: determine-branch | |
| run: | | |
| BRANCH_NAME="test-signed-commit-${{ github.run_id }}" | |
| echo "branch-name=$BRANCH_NAME" >> $GITHUB_OUTPUT | |
| echo "Using branch: $BRANCH_NAME" | |
| # Checkout dev branch as the base for creating the test branch | |
| - name: 📂 Checkout dev | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| ref: dev | |
| token: ${{ steps.get-github-token.outputs.az-keyvault-value }} | |
| # Create a new test branch from dev for testing signed commits. | |
| # Each workflow run creates a unique branch using the workflow run ID. | |
| - name: 🔄 Create test branch ${{ steps.determine-branch.outputs.branch-name }} | |
| run: | | |
| BRANCH_NAME="${{ steps.determine-branch.outputs.branch-name }}" | |
| echo "Creating new branch $BRANCH_NAME" | |
| git checkout -b $BRANCH_NAME | |
| git push -u origin $BRANCH_NAME | |
| env: | |
| GITHUB_TOKEN: ${{ steps.get-github-token.outputs.az-keyvault-value }} | |
| # Create a test file to commit | |
| - name: 📝 Create test file | |
| run: | | |
| echo "Test signed commit - $(date)" > test-signed-commit.txt | |
| echo "This file was created to test GPG signed commits in GitHub Actions." | |
| # 14 May 2025 - rug | |
| # Currently Azure Key Vault does not support multi-line secrets, so we are using a secret instead. | |
| # - name: Get GPG key from Azure Key Vault | |
| # id: GetGPGKey | |
| # uses: OutSystems/rd.github-reusable-workflows/.github/actions/az-keyvault-get@9d497d1c5bc6e355aa8f4663539e6b75c212f6b4 #v2.0.7 | |
| # with: | |
| # key-name: o11odc-github-gpg-key-prd | |
| - name: 🔑 Get GPG Passphrase from Azure Key Vault | |
| id: GetGPGPassphrase | |
| #uses: OutSystems/rd.github-reusable-workflows/.github/actions/az-keyvault-get@9d497d1c5bc6e355aa8f4663539e6b75c212f6b4 #v2.0.7 | |
| uses: ./.github/actions/az-keyvault-get | |
| with: | |
| key-name: o11odc-github-gpg-passphrase-prd | |
| # Test the signed commit action by committing the test file with GPG signing. | |
| # This verifies that the GPG key configuration and signing process works correctly. | |
| - name: 🔏 Test signed commit | |
| #uses: OutSystems/rd.github-reusable-workflows/.github/actions/signed-commit@9d497d1c5bc6e355aa8f4663539e6b75c212f6b4 #v2.0.7 | |
| uses: ./.github/actions/signed-commit | |
| with: | |
| commit-branch: ${{ steps.determine-branch.outputs.branch-name }} | |
| commit-message: 'Test: GPG signed commit [skip ci]' | |
| commit-new-files: true | |
| gpg-priv-key: ${{ secrets.GPG_SIGN_KEY }} | |
| # gpg-priv-key: ${{ steps.GetGPGKey.outputs.az-keyvault-value }} | |
| gpg-pass-phrase: ${{ steps.GetGPGPassphrase.outputs.az-keyvault-value }} | |
| # Checkout the branch again after the commit to ensure we're on the correct branch | |
| # with the committed changes when creating the PR. Pull the latest changes to ensure | |
| # the commit is present in the working directory. | |
| - name: 📂 Checkout branch with changes | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| ref: ${{ steps.determine-branch.outputs.branch-name }} | |
| token: ${{ steps.get-github-token.outputs.az-keyvault-value }} | |
| fetch-depth: 0 | |
| # Create a pull request from the test branch into dev. | |
| # Since the commit is already pushed to the remote branch, we use the create-pull-request | |
| # action which uses GitHub CLI to create a PR from an existing branch. | |
| - name: 🔀 Create pull request | |
| uses: ./.github/actions/create-pull-request | |
| with: | |
| token: ${{ steps.get-github-token.outputs.az-keyvault-value }} | |
| base: dev | |
| head: ${{ steps.determine-branch.outputs.branch-name }} | |
| title: 'Test: GPG Signed Commit [skip ci]' | |
| body: | | |
| This PR tests the GPG signed commit functionality. | |
| **Changes:** | |
| - Created test file to verify GPG signing works correctly | |
| - Commit is signed with GPG key | |
| This PR was automatically created by the Test Signed Commit workflow. |