From 856f12fa224688a876df1f8bf57d581c68e3a4bd Mon Sep 17 00:00:00 2001 From: Kevin Backhouse Date: Tue, 2 Sep 2025 16:00:59 +0100 Subject: [PATCH 1/4] Use branch-deploy action to determine who is allowed to trigger this workflow. --- .github/workflows/changelog.yml | 21 ++++++++----------- .../workflows/update-textual-snapshots.yml | 17 ++++++++------- 2 files changed, 19 insertions(+), 19 deletions(-) diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml index 981476d917..141a5a8679 100644 --- a/.github/workflows/changelog.yml +++ b/.github/workflows/changelog.yml @@ -1,24 +1,21 @@ name: Update CHANGELOG.md on: issue_comment: - types: [created] - pull_request_target: - types: [opened] - branches: - - dev + types: [created] # Add "@nf-core-bot changelog" as a PR comment to trigger this workflow. jobs: update_changelog: runs-on: ubuntu-latest - # Run if comment is on a PR with the main repo, and if it contains the magic keywords. - # Or run on PR creation, unless asked otherwise in the title. - if: | - github.repository_owner == 'nf-core' && ( - github.event_name == 'pull_request_target' || - github.event.issue.pull_request && startsWith(github.event.comment.body, '@nf-core-bot changelog') - ) steps: + - name: branch-deploy + id: branch-deploy + uses: github/branch-deploy@c9fcc362bdcea69eecac6578dde245cd5e3a55bf # v10.4.3 + with: + trigger: "@nf-core-bot changelog" + reaction: "eyes" + stable_branch: "dev" + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 with: token: ${{ secrets.NF_CORE_BOT_AUTH_TOKEN }} diff --git a/.github/workflows/update-textual-snapshots.yml b/.github/workflows/update-textual-snapshots.yml index 5f25ce955d..939079abd2 100644 --- a/.github/workflows/update-textual-snapshots.yml +++ b/.github/workflows/update-textual-snapshots.yml @@ -1,18 +1,21 @@ name: Update Textual snapshots from a comment on: issue_comment: - types: [created] + types: [created] # Add "@nf-core-bot update textual snapshots" as a PR comment to trigger this workflow. jobs: update-snapshots: - # Only run if comment is on a PR with the main repo, and if it contains the magic keywords - if: > - contains(github.event.comment.html_url, '/pull/') && - contains(github.event.comment.body, '@nf-core-bot') && - contains(github.event.comment.body, 'update textual snapshots') && - github.repository == 'nf-core/tools' runs-on: ubuntu-latest + steps: + - name: branch-deploy + id: branch-deploy + uses: github/branch-deploy@c9fcc362bdcea69eecac6578dde245cd5e3a55bf # v10.4.3 + with: + trigger: "@nf-core-bot update textual snapshots" + reaction: "eyes" + stable_branch: "dev" + # Use the @nf-core-bot token to check out so we can push later - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 with: From e97ed07614088c919316cc19b2b91ae298af5666 Mon Sep 17 00:00:00 2001 From: nf-core-bot Date: Tue, 30 Sep 2025 15:09:42 +0000 Subject: [PATCH 2/4] [automated] Fix code linting --- .github/workflows/changelog.yml | 2 +- .github/workflows/update-textual-snapshots.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml index 141a5a8679..946f1e58d7 100644 --- a/.github/workflows/changelog.yml +++ b/.github/workflows/changelog.yml @@ -1,7 +1,7 @@ name: Update CHANGELOG.md on: issue_comment: - types: [created] # Add "@nf-core-bot changelog" as a PR comment to trigger this workflow. + types: [created] # Add "@nf-core-bot changelog" as a PR comment to trigger this workflow. jobs: update_changelog: diff --git a/.github/workflows/update-textual-snapshots.yml b/.github/workflows/update-textual-snapshots.yml index 939079abd2..17eba479cd 100644 --- a/.github/workflows/update-textual-snapshots.yml +++ b/.github/workflows/update-textual-snapshots.yml @@ -1,7 +1,7 @@ name: Update Textual snapshots from a comment on: issue_comment: - types: [created] # Add "@nf-core-bot update textual snapshots" as a PR comment to trigger this workflow. + types: [created] # Add "@nf-core-bot update textual snapshots" as a PR comment to trigger this workflow. jobs: update-snapshots: From 1c9aa6b374c792862858bdfab0d4e4f0bdfa4b4e Mon Sep 17 00:00:00 2001 From: mashehu Date: Wed, 5 Nov 2025 13:46:30 +0100 Subject: [PATCH 3/4] add pull_request_target back to get automatic changelog entries --- .github/workflows/changelog.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml index ae697729fb..917a8127df 100644 --- a/.github/workflows/changelog.yml +++ b/.github/workflows/changelog.yml @@ -2,6 +2,10 @@ name: Update CHANGELOG.md on: issue_comment: types: [created] # Add "@nf-core-bot changelog" as a PR comment to trigger this workflow. + pull_request_target: + types: [opened] + branches: + - dev jobs: update_changelog: @@ -10,6 +14,7 @@ jobs: steps: - name: branch-deploy id: branch-deploy + if: github.event_name == 'issue_comment' uses: github/branch-deploy@c9fcc362bdcea69eecac6578dde245cd5e3a55bf # v10.4.3 with: trigger: "@nf-core-bot changelog" From 8da4654dc4335106addabb1ecea48dec15b8583b Mon Sep 17 00:00:00 2001 From: mashehu Date: Wed, 5 Nov 2025 13:47:02 +0100 Subject: [PATCH 4/4] switch to branch-deploy for fix linting and update template snapshots --- .github/workflows/fix-linting.yml | 25 +++++++------- .../workflows/update-template-snapshots.yml | 34 ++++++++----------- 2 files changed, 26 insertions(+), 33 deletions(-) diff --git a/.github/workflows/fix-linting.yml b/.github/workflows/fix-linting.yml index b68dcdd189..30fa7ba33f 100644 --- a/.github/workflows/fix-linting.yml +++ b/.github/workflows/fix-linting.yml @@ -1,29 +1,28 @@ name: Fix linting from a comment on: issue_comment: - types: [created] + types: [created] # Add "@nf-core-bot fix linting" as a PR comment to trigger this workflow. jobs: fix-linting: - # Only run if comment is on a PR with the main repo, and if it contains the magic keywords - if: > - contains(github.event.comment.html_url, '/pull/') && - contains(github.event.comment.body, '@nf-core-bot fix linting') && - github.repository == 'nf-core/tools' runs-on: ubuntu-latest + permissions: + pull-requests: write + steps: + - name: branch-deploy + id: branch-deploy + uses: github/branch-deploy@c9fcc362bdcea69eecac6578dde245cd5e3a55bf # v10.4.3 + with: + trigger: "@nf-core-bot fix linting" + reaction: "eyes" + stable_branch: "dev" + # Use the @nf-core-bot token to check out so we can push later - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 with: token: ${{ secrets.nf_core_bot_auth_token }} - # indication that the linting is being fixed - - name: React on comment - uses: peter-evans/create-or-update-comment@e8674b075228eee787fea43ef493e45ece1004c9 # v5 - with: - comment-id: ${{ github.event.comment.id }} - reactions: eyes - # Action runs on the issue comment, so we don't get the PR by default # Use the gh cli to check out the PR - name: Checkout Pull Request diff --git a/.github/workflows/update-template-snapshots.yml b/.github/workflows/update-template-snapshots.yml index c98cd310ed..0f39456a94 100644 --- a/.github/workflows/update-template-snapshots.yml +++ b/.github/workflows/update-template-snapshots.yml @@ -1,21 +1,26 @@ name: Update Template snapshots from a comment on: issue_comment: - types: [created] + types: [created] # Add "@nf-core-bot update template snapshots" as a PR comment to trigger this workflow. jobs: prepare-matrix: name: Retrieve all template features - # Only run if comment is on a PR with the main repo, and if it contains the magic keywords - if: > - contains(github.event.comment.html_url, '/pull/') && - contains(github.event.comment.body, '@nf-core-bot') && - contains(github.event.comment.body, 'update template snapshots') && - github.repository == 'nf-core/tools' runs-on: ubuntu-latest + permissions: + pull-requests: write outputs: all_features: ${{ steps.create_matrix.outputs.matrix }} + steps: + - name: branch-deploy + id: branch-deploy + uses: github/branch-deploy@c9fcc362bdcea69eecac6578dde245cd5e3a55bf # v10.4.3 + with: + trigger: "@nf-core-bot update template snapshots" + reaction: "eyes" + stable_branch: "dev" + - name: checkout uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 - name: Create Matrix @@ -26,13 +31,9 @@ jobs: update-snapshots: needs: [prepare-matrix] - # Only run if comment is on a PR with the main repo, and if it contains the magic keywords - if: > - contains(github.event.comment.html_url, '/pull/') && - contains(github.event.comment.body, '@nf-core-bot') && - contains(github.event.comment.body, 'update template snapshots') && - github.repository == 'nf-core/tools' runs-on: ubuntu-latest + permissions: + pull-requests: write strategy: matrix: TEMPLATE: ${{ fromJson(needs.prepare-matrix.outputs.all_features) }} @@ -45,13 +46,6 @@ jobs: with: token: ${{ secrets.nf_core_bot_auth_token }} - # indication that the command is running - - name: React on comment - uses: peter-evans/create-or-update-comment@e8674b075228eee787fea43ef493e45ece1004c9 # v5 - with: - comment-id: ${{ github.event.comment.id }} - reactions: eyes - # Action runs on the issue comment, so we don't get the PR by default # Use the gh cli to check out the PR - name: Checkout Pull Request