Change communicate-on-pull-requets-merged GitHub Action to be executed on push event

[mollyIV]

Description

The communicate-on-pull-request-merged GitHub Action fails in most cases due to:

##[error]Input required and not supplied: repo-token
##[error]Docker run failed with exit code 1 

It turns out that when a user opens a pull request on the base project from a fork, no secrets are provided to the workflow. According to the GitHub Actions documentation:

With the exception of GITHUB_TOKEN, secrets are not passed to the runner when a workflow is triggered from a forked repository.

Workaround

As a workaround, to being able to use the secrets in a workflow, we can use a push event to trigger the workflow. In the action itself, we can parse the detailed information about the push 💡

Testing

A workflow file used for a manual testing:

name: Processing pull requests
on: 
  push:
    branches: master

jobs:   
  communicate-on-pull-request-merged:
    name: communicate on pull request merged
    runs-on: ubuntu-latest    
    steps:
      - name: Git checkout
        uses: actions/checkout@master
        with:
          ref: refs/heads/master
      
      - name: Communicate on PR merged
        uses: mollyIV/github-actions/communicate-on-pull-request-merged@change-the-coprm-action-to-be-executed-on-push-event
        with:
          repo-token: ${{ secrets.BOT_GITHUB_TOKEN }}
          pr-label-to-add: 'status: included-in-next-release'
          pr-label-to-remove: 'status: needs-attention'

The bot is set to my private account, that's why you see the comments from the author.

The unit tests have been updated too.

🎊 🎊

[joshdholtz]

Would it be easier if we just rename the secret to GITHUB_TOKEN in our secrets? 🤔

[mollyIV]

Hey @joshdholtz 👋

Would it be easier if we just rename the secret to GITHUB_TOKEN in our secrets? 🤔

According to the documentation:

GitHub automatically creates a GITHUB_TOKEN secret to use in your workflow. You can use the GITHUB_TOKEN to authenticate in a workflow run.

Taking that into account, I tried to add GITHUB_TOKEN to the secrets on my private repo, where the GitHub Actions are enabled:

💣 💥

If we were able to override GITHUB_TOKEN via our env variable in secrets, the benefit would be not adding repo-token: ${{ secrets.BOT_GITHUB_TOKEN }} to the action in a workflow file. However I do not think it bothers us 👍

[mollyIV]

Hey @joshdholtz 👋

Did you get a chance to have a look at these changes? 😊

[iBotPeaches]

This makes sense to me since target of the PR may not live in the fastlane org, so no secrets.

I updated it locally, scanned around and ran tests - all seems good.

Test Suites: 1 passed, 1 total
Tests:       5 passed, 5 total
Snapshots:   0 total
Time:        0.607s
Ran all test suites.

Since I adapted CI to block changes to lib - I'm guessing if this is brought up to date it'll fail CI. The CI system will update distribution files now, so if you want to go forward with merging this we can just merge in master and revert changes to lib.