ci: scripts and format (#68)

* ci(digest): approve with DIGEST_PAT after disabling require_last_push_approval require_last_push_approval blocked barrettruth from approving their own push. Disabled that restriction in the ruleset — 1 approval is still required for all PRs, but the approver can now be the pusher. DIGEST_PAT (barrettruth) approves, CI runs via PAT push, auto-merge fires when checks pass. * ci: format + scripts
2026-03-04 13:49:06 -05:00 · 2026-03-04 13:49:06 -05:00 · aee5ea10c6
commit aee5ea10c6
parent 9b656387fb
5 changed files with 13 additions and 3 deletions
--- a/.github/workflows/upstream-digest.yaml
+++ b/.github/workflows/upstream-digest.yaml
@ -0,0 +1,50 @@
+name: upstream digest
+
+on:
+  schedule:
+    - cron: '0 9 * * 1'
+  workflow_dispatch:
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  digest:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Update upstream tracker
+        id: digest
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: python3 .github/scripts/upstream_digest.py
+
+      - name: Format doc/upstream.md
+        if: steps.digest.outputs.changed == 'true'
+        run: npx --yes prettier --write doc/upstream.md
+
+      - name: Push and open PR if needed
+        if: steps.digest.outputs.changed == 'true'
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          BRANCH="ci/upstream-digest"
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+          git checkout -b "${BRANCH}"
+          git add doc/upstream.md
+          git commit -m "docs(upstream): upstream digest $(date +%Y-%m-%d)"
+          git config --unset http.https://github.com/.extraheader
+          git remote set-url origin "https://x-access-token:${{ secrets.DIGEST_PAT }}@github.com/barrettruth/canola.nvim.git"
+          git push --force origin "${BRANCH}"
+          if ! GH_TOKEN="${{ secrets.GITHUB_TOKEN }}" gh pr list --head "${BRANCH}" --state open --json number --jq '.[0].number' | grep -q .; then
+            PR_URL=$(GH_TOKEN="${{ secrets.GITHUB_TOKEN }}" gh pr create \
+              --title "docs(upstream): upstream digest" \
+              --body "Automated weekly digest of new upstream activity. Triage by updating statuses and notes." \
+              --base main \
+              --head "${BRANCH}")
+            GH_TOKEN="${{ secrets.DIGEST_PAT }}" gh pr review "${PR_URL}" --approve
+            gh pr merge "${PR_URL}" --auto --squash
+          fi