PublicArchive/supabase
2
0
Fork 0
mirror of https://github.com/supabase/supabase.git synced 2026-06-28 11:33:52 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
docs/postgres-lint
supabase/.github/workflows/studio-lint-ratchet-decrease.yml
T
Charis 6e3ffb2b0d fix(ci): authenticate git push in decrease-baselines workflow (#46596) 
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.

YES

## What kind of change does this PR introduce?

Bug fix (CI workflow).

## What is the current behavior?

The weekly `Decrease studio lint ratchet baselines` workflow fails on
`git push` with:

```
fatal: could not read Username for 'https://github.com': No such device or address
Error: Process completed with exit code 128.
```

`actions/checkout` runs with `persist-credentials: false`, so no auth is
stored for git. The job generates a GitHub App token but never wires it
into git, so the push has no credentials.

## What is the new behavior?

Push to an explicit token URL using the already-available `GH_TOKEN`,
matching the pattern in `.github/workflows/autofix_linters.yml`. The
force-push to `bot/decrease-eslint-ratchet-baselines` now authenticates
correctly.

## Additional context

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Chores**
* Updated GitHub Actions workflow configuration to improve automated
process reliability.

**Note:** This release contains no user-facing changes. The updates are
internal infrastructure improvements.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-02 17:06:56 -04:00

92 lines
3.1 KiB
YAML
Raw Permalink Blame History

name: Decrease studio lint ratchet baselines
on:
schedule:
- cron: '0 0 * * SUN'
workflow_dispatch:
permissions:
contents: write
pull-requests: write
jobs:
decrease-baselines:
runs-on: blacksmith-4vcpu-ubuntu-2404
steps:
- uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
with:
persist-credentials: false
sparse-checkout: |
.github
apps/studio
packages
patches
- uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0
name: Install pnpm
with:
run_install: false
- name: Use Node.js
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
with:
node-version-file: '.nvmrc'
cache: 'pnpm'
- name: Install deps
run: pnpm install --frozen-lockfile
- name: Generate token
id: app-token
uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
with:
client-id: ${{ vars.GH_AUTOFIX_APP_CLIENT_ID }}
private-key: ${{ secrets.GH_AUTOFIX_PRIVATE_KEY }}
permission-contents: write
permission-pull-requests: write
- name: Decrease ESLint ratchet baselines and open PR
env:
GH_TOKEN: ${{ steps.app-token.outputs.token }}
DEFAULT_BRANCH: ${{ github.event.repository.default_branch }}
run: |
set -eo pipefail
DEFAULT_BRANCH=${DEFAULT_BRANCH:-master}
BRANCH="bot/decrease-eslint-ratchet-baselines"
git fetch origin "$DEFAULT_BRANCH" --depth=1
if git ls-remote --exit-code --heads origin "$BRANCH" > /dev/null 2>&1; then
git fetch origin "$BRANCH":"$BRANCH" --depth=1
git switch "$BRANCH"
git reset --hard "origin/$DEFAULT_BRANCH"
else
git switch --create "$BRANCH" "origin/$DEFAULT_BRANCH"
fi
pnpm --filter studio run lint:ratchet --decrease-baselines
if git diff --quiet; then
echo "No baseline updates detected."
exit 0
fi
git config user.name 'github-actions[bot]'
git config user.email 'github-actions[bot]@users.noreply.github.com'
git add apps/studio/.github/eslint-rule-baselines.json
git commit --message "chore: decrease ESLint ratchet baselines"
git -c credential.helper= push --force "https://x-access-token:${GH_TOKEN}@github.com/${GITHUB_REPOSITORY}.git" "HEAD:${BRANCH}"
pr_url=$(gh pr list --state open --head "$BRANCH" --json url --jq '.[0].url // ""' 2>/dev/null || echo "")
if [ -z "$pr_url" ]; then
gh pr create \
--title "[bot] Decrease ESLint ratchet baselines" \
--body "Automated weekly decrease of ESLint ratchet baselines." \
--base "$DEFAULT_BRANCH" \
--head "$BRANCH"
else
gh pr comment "$pr_url" --body "Updated ESLint ratchet baselines with the latest weekly decreases."
fi
Reference in New Issue View Git Blame Copy Permalink