From 6ff2ab3a356ccc8b3bbf680f66b2c156722905e3 Mon Sep 17 00:00:00 2001 From: "Vincent A. Cicirello" Date: Wed, 14 Jul 2021 10:24:06 -0400 Subject: [PATCH] Changed the author of commits to the github-actions bot (#20) * Update UserStatistician.py * Update UserStatistician.py * Update README.md * Update CHANGELOG.md --- CHANGELOG.md | 10 +++++++++- README.md | 16 +++++++++------- src/UserStatistician.py | 4 ++-- 3 files changed, 20 insertions(+), 10 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9f32185b..fe891a10 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,7 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). -## [Unreleased] - 2021-07-13 +## [Unreleased] - 2021-07-14 ### Added @@ -17,6 +17,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Fixed +## [1.0.1] - 2021-07-14 + +### Fixed +* Changed the author of commits to the github-actions bot + to avoid artificially inflating the user of the action's + commit count. + + ## [1.0.0] - 2021-07-13 ### Added diff --git a/README.md b/README.md index 29c9648a..939dfa6a 100644 --- a/README.md +++ b/README.md @@ -279,14 +279,18 @@ configured with required reviews nor with required checks. If your GitHub profile repository does have a branch protection rule with required reviews or required checks, there are a couple solutions. -__Not Recommended:__ First, you could create a personal access token (PAT) with necessary -permissions, save it as a repository secret, and pass that to the action -instead of the `GITHUB_TOKEN`. However, we do not recommend doing so. +__Not Recommended:__ First, you could create a personal access token (PAT) +with necessary permissions, save it as a repository secret, and use the PAT +with during the `actions/checkout` step +(see [actions/checkout](https://github.com/actions/checkout)'s documentation). +However, we do not recommend doing so. If anyone else has write access to the repository, then they can potentially create additional workflows using that PAT. This is probably reasonably safe since it is probably rare to have collaborators on ones profile repository. However, we still do not recommend this approach, as you must have had a reason -to put the required checks in place. +to put the required checks in place. If you decide to go this route anyway, note +that the `user-statistician` action will still only need the `GITHUB_TOKEN` and not +the PAT. __Recommended:__ The second (and recommended) approach to dealing with a protected branch with @@ -575,9 +579,7 @@ can do if you wish to use the action in a repository with that has configured required reviews or required checks: [Protected branches with required checks](#protected-branches-with-required-checks). -The committer is the owner of the repository where the action is run, with name -configured as the public name of the user, and the committer email address -configured as `USERID@users.noreply.github.com`. +The author of the commit is set to the github-actions bot. ## Outputs diff --git a/src/UserStatistician.py b/src/UserStatistician.py index fae07d84..bbb2d148 100755 --- a/src/UserStatistician.py +++ b/src/UserStatistician.py @@ -94,7 +94,7 @@ def commitAndPush(filename, name, login, failOnError) : "user.email", login + '@users.noreply.github.com']) executeCommand(["git", "add", filename]) executeCommand(["git", "commit", "-m", - "Automated change by [cicirello/user-statistician](https://github.com/cicirello/user-statistician)", + "Automated change by https://github.com/cicirello/user-statistician", filename]) r = executeCommand(["git", "push"]) if r[1] != 0 : @@ -157,7 +157,7 @@ def commitAndPush(filename, name, login, failOnError) : writeImageToFile(imageFilenameWithPath, image, failOnError) if commit : - commitAndPush(imageFilenameWithPath, stats._name, stats._login, failOnError) + commitAndPush(imageFilenameWithPath, "github-actions", "41898282+github-actions[bot]", failOnError) print("::set-output name=exit-code::0")