name: 'Usage of github-push-action GitHub Action'
permissions: # Job-level permissions configuration starts here
contents: write # 'write' access to repository contents
pull-requests: write # 'write' access to pull requests
on:
push:
branches:
- main
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Create local changes
run: |
# Create or modify files
- name: Commit files
run: |
git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
git config --local user.name "github-actions[bot]"
git commit -a -m "Add changes"
- name: Push changes
uses: ad-m/github-push-action@master
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
branch: ${{ github.ref }}
Github Push Action
GitHub actions to push back to repository eg. updated code
What is github-push-action?
This action is designed to push changes made within a GitHub Actions workflow back to the repository, utilizing a GitHub token for seamless authentication. This enables it to be effectively integrated into automated tasks such as:
- Updating code in the repository, for example, after linting processes.
- Tracking changes in script results, using Git for archival purposes.
- Publishing pages via GitHub Pages.
- Mirroring changes to a separate repository for redundancy or backup purposes.
This setup ensures that all modifications made during the CI/CD processes are accurately reflected in the repository or other designated locations, enhancing automation and efficiency in project management.
How to Push Changes to a Specified Branch (e.g., Pull Request Branch)
This workflow triggers on pull requests and pushes any committed changes directly to the pull request branch.
name: Push to PR Branch
on: [pull_request, pull_request_target]
jobs:
push_to_pr:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.head_ref }}
fetch-depth: 0
- name: Commit files
run: |
git config --local user.email "github-actions[bot]@users.noreply.github.com"
git config --local user.name "github-actions[bot]"
git commit -a -m "Add changes"
- name: Push changes
uses: ad-m/github-push-action@master
with:
branch: ${{ github.head_ref }}
How to Force Push to a Repository
This example demonstrates how to safely force push changes to a repository using the force_with_lease option to avoid overwriting work.
jobs:
force_push:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.head_ref }}
fetch-depth: 0
- name: Commit files
run: |
git config --local user.email "github-actions[bot]@users.noreply.github.com"
git config --local user.name "github-actions[bot]"
git commit -a -m "Add changes"
- name: Push changes
uses: ad-m/github-push-action@master
with:
force_with_lease: true
How to Use a GitHub App Token for Pushing Changes
For enhanced security, especially when interacting with protected branches or multiple repositories, using a GitHub App Token can be advantageous.
jobs:
use_app_token:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.head_ref }}
fetch-depth: 0
persist-credentials: false
- name: Generate GitHub App Token
id: generate_token
uses: tibdex/github-app-token@v1
with:
app_id: ${{ secrets.APP_ID }}
installation_id: ${{ secrets.INSTALLATION_ID }}
private_key: ${{ secrets.APP_PRIVATE_KEY }}
- name: Commit files
run: |
git config --local user.email "[email protected]"
git config --local user.name "Test"
git commit -a -m "Add changes"
- name: Push changes
uses: ad-m/github-push-action@master
with:
github_token: ${{ steps.generate_token.outputs.token }}
How to Push Changes to Another Repository Using a Personal Access Token (PAT)
The following workflow demonstrates how to push changes from the default repository to another repository using a Personal Access Token (PAT
). This approach is crucial for enabling cross-repository interactions that are not supported by the default GITHUB_TOKEN
.
jobs:
push_to_other_repo:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.head_ref }}
fetch-depth: 0
token: ${{ secrets.PAT_TOKEN }} # Uses PAT for checkout
- name: Commit files
run: |
git config --local user.email "[email protected]"
git config --local user.name "Test"
git commit -a -m "Add changes" # Commits any changes
- name: Push changes
uses: ad-m/github-push-action@master
with:
github_token: ${{ secrets.PAT_TOKEN }} # Uses PAT for pushing
repository: Test/test # Target repository
force: true # Forces the push
How to Update or Overwrite an Existing Tag
Proper tag management is instrumental for version control and releasing. This workflow will update or overwrite an existing tag, which can be quite useful in cases such as rolling back or updating a release.
jobs:
update_tag:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.head_ref }}
fetch-depth: 0
- name: Update Tag
run: |
git config --local user.email "github-actions[bot]@users.noreply.github.com"
git config --local user.name "GitHub Action"
git tag -d $GITHUB_REF_NAME # Deletes the local tag
git tag $GITHUB_REF_NAME # Recreates the tag
git commit -a -m "Update tag"
- name: Push changes
uses: ad-m/github-push-action@master
with:
force: true # Necessary to update the tag in remote
tags: true # Specifies that tags should also be pushed
How to Authenticate with GitHub Using Deploy Keys (SSH)
Using deploy keys (SSH keys) for authentication in GitHub Actions allows for secure interactions with the repository without exposing user-level credentials. This method is particularly suitable for repositories where deploy keys are set up to provide simplified read or write access without administrative privileges. This ensures a safer, more controlled environment for managing repository operations.
jobs:
authenticate_ssh:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
ssh-key: ${{ secrets.SSH_PRIVATE_KEY }}
persist-credentials: true
- name: Create local changes
run: |
echo "Modify files or execute scripts that change your repository"
# Example commands here
- name: Commit files
run: |
git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
git config --local user.name "github-actions[bot]"
git commit -a -m "Add changes"
- name: Push changes
uses: ad-m/github-push-action@master
with:
ssh: true
branch: ${{ github.ref }}
How to Push to a Protected Branch Using a Personal Access Token
Protected branches require higher privileges for operations like pushing changes, which are not provided by the default GITHUB_TOKEN. Using a Personal Access Token (PAT) can bypass these restrictions, allowing for necessary modifications even on protected branches.
jobs:
push_protected_branch:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.head_ref }}
fetch-depth: 0
token: ${{ secrets.PAT_TOKEN }}
- name: Commit files
run: |
git config --local user.email "[email protected]"
git config --local user.name "Test"
git commit -a -m "Add changes"
- name: Push changes
uses: ad-m/github-push-action@master
with:
github_token: ${{ secrets.PAT_TOKEN }}
repository: Test/test
force_with_lease: true