ci: replace peter-evans/create-pull-request with gh CLI (#550)

* ci: replace peter-evans/create-pull-request with gh CLI * chore: use ID+USERNAME pattern for GH actions bot * chore: add specific files to git index * chore: merge check outputs into create PR step
2026-05-14 03:02:40 +00:00 · 2026-04-13 13:49:15 +06:00
parent f685ba7215
commit aeb13962e8
1 changed files with 21 additions and 18 deletions
@@ -14,7 +14,7 @@ jobs:
  bump:
    runs-on: ubuntu-2404-2core
    permissions:
-      contents: read
+      contents: read # for actions/checkout
    steps:
      - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
        with:
@@ -43,22 +43,25 @@ jobs:
        run: make test

      - name: Create PR
-        id: create-pr
-        uses: peter-evans/create-pull-request@4e1beaa7521e8b457b572c090b25bd3db56bf1c5 # v5
-        with:
-          token: ${{ secrets.TRIVY_ACTION_DEPLOY_TOKEN }}
-          title: "chore(deps): Update trivy to v${{ inputs.trivy_version }}"
-          commit-message: "chore(deps): Update trivy to v${{ inputs.trivy_version }}"
-          committer: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
-          author: ${{ github.actor }} <${{ github.actor }}@users.noreply.github.com>
-          branch-suffix: timestamp
-          branch: bump-trivy
-          delete-branch: true
-
-      - name: Check outputs
        env:
-          PR_NUMBER: ${{ steps.create-pr.outputs.pull-request-number }}
-          PR_URL: ${{ steps.create-pr.outputs.pull-request-url }}
+          GH_TOKEN: ${{ secrets.TRIVY_ACTION_DEPLOY_TOKEN }}
+          TRIVY_VERSION: ${{ inputs.trivy_version }}
+          REPO: ${{ github.repository }}
+          BASE_BRANCH: ${{ github.event.repository.default_branch }}
        run: |
-          echo "Pull Request Number - ${PR_NUMBER}"
-          echo "Pull Request URL - ${PR_URL}"
+          gh auth setup-git
+          git config user.name "github-actions[bot]"
+          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
+          BRANCH="bump-trivy-${TRIVY_VERSION}"
+          git checkout -b "${BRANCH}"
+          git add action.yaml README.md test/
+          git commit -m "chore(deps): Update trivy to v${TRIVY_VERSION}"
+          git push origin "${BRANCH}"
+          PR_RESPONSE=$(gh api repos/${REPO}/pulls \
+            --method POST \
+            --field title="chore(deps): Update trivy to v${TRIVY_VERSION}" \
+            --field body="This PR was automatically generated by the bump-trivy workflow." \
+            --field base="${BASE_BRANCH}" \
+            --field head="${BRANCH}")
+          echo "Pull Request Number - $(echo "${PR_RESPONSE}" | jq -r '.number')"
+          echo "Pull Request URL - $(echo "${PR_RESPONSE}" | jq -r '.html_url')"