fix: remove the lock-file-maintenance.yml

anolilab · Jul 3, 2024 · ca7ee66 · ca7ee66
1 parent 8a08601
commit ca7ee66
Show file tree

Hide file tree

Showing 2 changed files with 43 additions and 97 deletions.
diff --git a/.github/workflows/lock-file-maintenance.md b/.github/workflows/lock-file-maintenance.md
@@ -2,27 +2,6 @@
 
 This action is used to maintain lock files in a repository. It will ensure that lock files are up-to-date with their corresponding manifest files.
 
-# Inputs
-
-The action has the following inputs:
-
-### Required inputs
-
-#### target-repo
-
-Specify the target repository this action should run on. This is used to prevent actions from running on repositories other than the target repository. For example, specifying a `target-repo` of `anolilab/workflows` will prevent the action from running on forks of `anolilab/workflows`.
-
--   This `input` is required. (`type:string`)
-
-### Optional inputs
-
-#### node-version
-
-This is used to ensure that the correct version of node.js is used when running the action.
-
--   This `input` is optional. (`type:string`, `default:18.x`)
-
-
 > For protected branches, the action will need to be able to commit and push to the repository.
 >
 > By creating a new [Personal Access Token (PAT)](https://github.com/settings/tokens/new), storing the token as a secret in your repository and then passing the new token to the Action step.
@@ -40,18 +19,53 @@ on: # yamllint disable-line rule:truthy
     pull_request:
         branches:
             - "dependabot/**"
+    workflow_dispatch: # yamllint disable-line rule:empty-values
 
 permissions:
     contents: "read" # for checkout
 
 jobs:
-    stale-issues:
-        uses: "anolilab/workflows/.github/workflows/lock-file-maintenance.yml@main"
+    lock-file:
+        name: "Lock File Maintenance"
+        if: "github.repository == visulima/visulima"
+        runs-on: "ubuntu-latest"
         permissions:
-            contents: "write" # commit and push
-            id-token: "write" # for checkout
-        with:
-            target-repo: "visulima/visulima"
-            secrets:
-                LOCK_MAINTENANCE_GITHUB_TOKEN: ${{ secrets.LOCK_MAINTENANCE_GITHUB_TOKEN }}
+            contents: "write"
+
+        steps:
+            - name: "Harden Runner"
+              uses: "step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6" # v2.8.1
+              with:
+                  egress-policy: "audit"
+
+            - name: "Git checkout"
+              uses: "actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332" # v4.1.7
+              with:
+                  token: "${{ secrets.LOCK_MAINTENANCE_GITHUB_TOKEN }}"
+              env:
+                  GIT_COMMITTER_NAME: "GitHub Actions Shell"
+                  GIT_AUTHOR_NAME: "GitHub Actions Shell"
+                  EMAIL: "github-actions[bot]@users.noreply.github.com"
+
+            - name: "Setup resources and environment"
+              id: "setup"
+              uses: "anolilab/workflows/step/setup@main"
+              with:
+                  node-version: "18.x"
+                  cache-prefix: "lock-file"
+                  install-packages: "false"
+
+            - name: "Update lock file"
+              if: "success()"
+              run: "pnpm install --lockfile-only"
+
+            - name: "Commit lock file"
+              if: "success()"
+              uses: "stefanzweifel/git-auto-commit-action@8621497c8c39c72f3e2a999a26b4ca1b5058a842" # v5.0.1
+              with:
+                  file_pattern: "pnpm-lock.yaml"
+                  commit_message: "chore: updated lock file [ci skip]"
+                  commit_user_name: "github-actions-shell"
+                  commit_user_email: "github-actions[bot]@users.noreply.github.com"
+                  commit_author: "github-actions-shell <github-actions[bot]@users.noreply.github.com>"
 ```
diff --git a/.github/workflows/lock-file-maintenance.yml b/.github/workflows/lock-file-maintenance.yml