fix: only encrypt secret files if not encrypted (#2086) #9
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: PR Auto Updater | |
| on: | |
| push: | |
| branches: | |
| - 'main' | |
| - 'release/*' | |
| tags-ignore: | |
| - '*' | |
| jobs: | |
| pr-autoupdate: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Install GitHub CLI | |
| run: | | |
| sudo apt update | |
| sudo apt install gh -y | |
| - name: Configure Git | |
| run: | | |
| git config --global user.email ${{ vars.BOT_EMAIL }} | |
| git config --global user.name ${{ vars.BOT_USERNAME }} | |
| - name: Authenticate GitHub CLI | |
| run: echo "${{ secrets.GITHUB_TOKEN }}" | gh auth login --with-token | |
| - name: Update PR branches | |
| run: | | |
| prs=$(gh pr list --state open --base main --json number,headRefName -q '.[] | [.number, .headRefName] | @tsv') | |
| while IFS=$'\t' read -r number branch; do | |
| echo "Updating PR #$number (branch: $branch)" | |
| git fetch origin "$branch" | |
| git checkout "$branch" | |
| if git merge origin/main --no-edit; then | |
| git push origin HEAD:$branch | |
| echo "✅ Updated $branch" | |
| else | |
| echo "❌ Merge conflict on $branch — skipped." | |
| git merge --abort | |
| fi | |
| done <<< "$prs" |