diff --git a/.github/workflows/generate_algorithm_families.yml b/.github/workflows/generate_algorithm_families.yml index 351f09cb..d349edcf 100644 --- a/.github/workflows/generate_algorithm_families.yml +++ b/.github/workflows/generate_algorithm_families.yml @@ -20,6 +20,7 @@ jobs: uses: actions/checkout@v6 with: token: ${{ secrets.GITHUB_TOKEN }} + persist-credentials: false - name: Set up Python uses: actions/setup-python@v5 @@ -31,12 +32,32 @@ jobs: run: python3 algorithmFamilyGeneration.py - name: Create Pull Request - uses: peter-evans/create-pull-request@v6 - with: - token: ${{ secrets.GITHUB_TOKEN }} - commit-message: "chore: update algorithm families [skip ci]" - branch: "update-algorithm-families" - title: "chore: update algorithm families" - body: "This PR updates `schema/cryptography-defs.schema.json` with the latest algorithm families generated from `schema/cryptography-defs.json`." - base: "master" - delete-branch: true + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + BRANCH_NAME="update-algorithm-families" + + # Configure Git + git config --local user.email "github-actions[bot]@users.noreply.github.com" + git config --local user.name "github-actions[bot]" + + # Check for changes + if git diff --quiet schema/cryptography-defs.schema.json; then + echo "No changes to algorithm families" + exit 0 + fi + + # Create branch and commit + git checkout -b "$BRANCH_NAME" + git add schema/cryptography-defs.schema.json + git commit -m "chore: update algorithm families [skip ci]" + + # Push to the branch (use GH_TOKEN for authentication) + git push -u "https://x-access-token:${GH_TOKEN}@github.com/${{ github.repository }}.git" "$BRANCH_NAME" --force + + # Create Pull Request using GitHub CLI (gh) + gh pr create \ + --title "chore: update algorithm families" \ + --body "This PR updates \`schema/cryptography-defs.schema.json\` with the latest algorithm families generated from \`schema/cryptography-defs.json\`." \ + --base "master" \ + --head "$BRANCH_NAME" || echo "Pull request already exists"