name: Changelog on: push: branches: [ main ] tags: - "v*" workflow_dispatch: jobs: changelog: runs-on: ubuntu-latest steps: - name: Checkout (full history + tags) uses: actions/checkout@v4 with: fetch-depth: 0 # Generates Keep a Changelog style CHANGELOG.md using git-cliff. # IMPORTANT: The action downloads git-cliff from GitHub Releases, so we pass a GitHub PAT # (stored as a Gitea secret) to avoid GitHub API 401/rate-limit issues. - name: Generate CHANGELOG.md (Keep a Changelog) uses: orhun/git-cliff-action@v4 with: config: cliff.toml args: --verbose github_token: ${{ secrets.DC_GITHUB_PAT }} env: OUTPUT: CHANGELOG.md # Commits and pushes CHANGELOG.md back to main using a Gitea PAT stored as CHANGELOG_PAT - name: Commit and push if changed (Gitea PAT) shell: bash env: CHANGELOG_PAT: ${{ secrets.CHANGELOG_PAT }} run: | set -e if git diff --quiet -- CHANGELOG.md; then echo "No changelog changes." exit 0 fi git config user.name "changelog-bot" git config user.email "changelog-bot@users.noreply.local" git add CHANGELOG.md git commit -m "docs(changelog): update changelog [skip ci]" origin_url="$(git remote get-url origin)" # Convert SSH origin to HTTPS if needed (git@host:owner/repo.git -> https://host/owner/repo.git) if echo "$origin_url" | grep -q "^git@"; then host="$(echo "$origin_url" | sed -E 's#git@([^:]+):.*#\1#')" path="$(echo "$origin_url" | sed -E 's#git@[^:]+:(.*)#\1#')" origin_url="https://$host/$path" fi # Inject token into https:// URL (https://host/owner/repo.git -> https://oauth2:TOKEN@host/owner/repo.git) authed_url="$(echo "$origin_url" | sed -E "s#^https://#https://oauth2:${CHANGELOG_PAT}@#")" git push "$authed_url" HEAD:main