Merge pull request #804 from peter-evans/gpg-sign-fix

fix: remove unnecessary gpg-sign input

.eslintrc.json

@@ -9,8 +9,7 @@
     "plugin:import/errors",
     "plugin:import/warnings",
     "plugin:import/typescript",
-    "plugin:prettier/recommended",
-    "prettier/@typescript-eslint"
+    "plugin:prettier/recommended"
   ],
   "plugins": ["@typescript-eslint"],
   "rules": {

.github/workflows/ci.yml

@@ -120,7 +120,7 @@ jobs:
       - name: Create Pull Request
         uses: peter-evans/create-pull-request@v3
         with:
-          commit-message: Update distribution
+          commit-message: 'build: update distribution'
           title: Update distribution
           body: |
             - Updates the distribution for changes on `master`

.github/workflows/cpr-example-command.yml

@@ -34,10 +34,12 @@ jobs:
           milestone: 1
           draft: false
           branch: example-patches
+          delete-branch: true
 
       - name: Check output
         run: |
           echo "Pull Request Number - ${{ steps.cpr.outputs.pull-request-number }}"
+          echo "Pull Request URL - ${{ steps.cpr.outputs.pull-request-url }}"
 
       - name: Add reaction
         uses: peter-evans/create-or-update-comment@v1

.github/workflows/update-dep.yml

@@ -18,7 +18,7 @@ jobs:
         uses: peter-evans/create-pull-request@v3
         with:
             token: ${{ secrets.ACTIONS_BOT_TOKEN }}
-            commit-message: Update dependencies
+            commit-message: 'chore: update dependencies'
             committer: GitHub <noreply@github.com>
             author: actions-bot <actions-bot@users.noreply.github.com>
             title: Update dependencies

README.md

@@ -26,6 +26,10 @@ Create Pull Request action will:
 ## Usage
 
 ```yml
+      - uses: actions/checkout@v2
+
+      # Make changes to pull request here
+
       - name: Create Pull Request
         uses: peter-evans/create-pull-request@v3
 ```
@@ -47,6 +51,7 @@ All inputs are **optional**. If not set, sensible defaults will be used.
 | `author` | The author name and email address in the format `Display Name <email@address.com>`. Defaults to the user who triggered the workflow run. | `${{ github.actor }} <${{ github.actor }}@users.noreply.github.com>` |
 | `signoff` | Add [`Signed-off-by`](https://git-scm.com/docs/git-commit#Documentation/git-commit.txt---signoff) line by the committer at the end of the commit log message. | `false` |
 | `branch` | The pull request branch name. | `create-pull-request/patch` |
+| `delete-branch` | Delete the `branch` when closing pull requests, and when undeleted after merging. Recommend `true`. | `false` |
 | `branch-suffix` | The branch suffix type when using the alternative branching strategy. Valid values are `random`, `timestamp` and `short-commit-hash`. See [Alternative strategy](#alternative-strategy---always-create-a-new-pull-request-branch) for details. | |
 | `base` | Sets the pull request base branch. | Defaults to the branch checked out in the workflow. |
 | `push-to-fork` | A fork of the checked-out parent repository to which the pull request branch will be pushed. e.g. `owner/repo-fork`. The pull request will be created to merge the fork's branch into the parent's base. See [push pull request branches to a fork](docs/concepts-guidelines.md#push-pull-request-branches-to-a-fork) for details. | |
@@ -61,8 +66,14 @@ All inputs are **optional**. If not set, sensible defaults will be used.
 
 ### Action outputs
 
-The pull request number is output as a step output.
-Note that in order to read the step output the action step must have an id.
+The following outputs can be used by subsequent workflow steps.
+
+- `pull-request-number` - The pull request number.
+- `pull-request-url` - The URL of the pull request.
+- `pull-request-operation` - The pull request operation performed by the action, `created`, `updated` or `closed`.
+
+Step outputs can be accessed as in the following example.
+Note that in order to read the step outputs the action step must have an id.
 
 ```yml
       - name: Create Pull Request
@@ -71,6 +82,7 @@ Note that in order to read the step output the action step must have an id.
       - name: Check outputs
         run: |
           echo "Pull Request Number - ${{ steps.cpr.outputs.pull-request-number }}"
+          echo "Pull Request URL - ${{ steps.cpr.outputs.pull-request-url }}"
 ```
 
 ### Action behaviour
@@ -84,7 +96,7 @@ How the action behaves:
 - If there are changes (i.e. a diff exists with the checked-out base branch), the changes will be pushed to a new `branch` and a pull request created.
 - If there are no changes (i.e. no diff exists with the checked-out base branch), no pull request will be created and the action exits silently.
 - If a pull request already exists and there are no further changes (i.e. no diff with the current pull request branch) then the action exits silently.
-- If a pull request exists and new changes on the base branch make the pull request unnecessary (i.e. there is no longer a diff between the base and pull request branch), the pull request is automatically closed and the branch deleted.
+- If a pull request exists and new changes on the base branch make the pull request unnecessary (i.e. there is no longer a diff between the pull request branch and the base), the pull request is automatically closed. Additionally, if `delete-branch` is set to `true` the `branch` will be deleted.
 
 For further details about how the action works and usage guidelines, see [Concepts, guidelines and advanced usage](docs/concepts-guidelines.md).
 
@@ -145,15 +157,19 @@ To create a project card for the pull request, pass the `pull-request-number` st
           issue-number: ${{ steps.cpr.outputs.pull-request-number }}
 ```
 
+### Auto-merge
+
+Auto-merge can be enabled on a pull request allowing it to be automatically merged once requirements have been satisfied.
+See [enable-pull-request-automerge](https://github.com/peter-evans/enable-pull-request-automerge) action for usage details.
+
 ## Reference Example
 
-The following workflow is a reference example that sets many of the main inputs.
+The following workflow sets many of the action's inputs for reference purposes.
+Check the [defaults](#action-inputs) to avoid setting inputs unnecessarily.
 
 See [examples](docs/examples.md) for more realistic use cases.
 
 ```yml
-name: Create Pull Request
-on: push
 jobs:
   createPullRequest:
     runs-on: ubuntu-latest
@@ -173,6 +189,7 @@ jobs:
           author: ${{ github.actor }} <${{ github.actor }}@users.noreply.github.com>
           signoff: false
           branch: example-patches
+          delete-branch: true
           title: '[Example] Update report'
           body: |
             Update report
@@ -191,9 +208,10 @@ jobs:
           milestone: 1
           draft: false
 
-      - name: Check output
+      - name: Check outputs
         run: |
           echo "Pull Request Number - ${{ steps.cpr.outputs.pull-request-number }}"
+          echo "Pull Request URL - ${{ steps.cpr.outputs.pull-request-url }}"
 ```
 
 An example based on the above reference configuration creates pull requests that look like this:

__test__/create-or-update-branch.int.test.ts

@@ -543,6 +543,74 @@ describe('create-or-update-branch tests', () => {
     ).toBeTruthy()
   })
 
+  it('tests create, squash merge, and update with identical changes', async () => {
+    // Branches that have been squash merged appear to have a diff with the base due to
+    // different commits for the same changes. To prevent creating pull requests
+    // unnecessarily we reset (rebase) the pull request branch when a reset would result
+    // in no diff with the base. This will reset any undeleted branches after merging.
+
+    // Create tracked and untracked file changes
+    const changes = await createChanges()
+    const commitMessage = uuidv4()
+    const result = await createOrUpdateBranch(
+      git,
+      commitMessage,
+      '',
+      BRANCH,
+      REMOTE_NAME,
+      false
+    )
+    expect(result.action).toEqual('created')
+    expect(await getFileContent(TRACKED_FILE)).toEqual(changes.tracked)
+    expect(await getFileContent(UNTRACKED_FILE)).toEqual(changes.untracked)
+    expect(
+      await gitLogMatches([commitMessage, INIT_COMMIT_MESSAGE])
+    ).toBeTruthy()
+
+    // Push pull request branch to remote
+    await git.push([
+      '--force-with-lease',
+      REMOTE_NAME,
+      `HEAD:refs/heads/${BRANCH}`
+    ])
+
+    await afterTest(false)
+    await beforeTest()
+
+    // Create a commit on the base with the same changes as the branch
+    // This simulates squash merge of the pull request
+    const commits = await createCommits(
+      git,
+      1,
+      changes.tracked,
+      changes.untracked
+    )
+    await git.push([
+      '--force',
+      REMOTE_NAME,
+      `HEAD:refs/heads/${DEFAULT_BRANCH}`
+    ])
+
+    // Create the same tracked and untracked file changes (no change on update)
+    const _changes = await createChanges(changes.tracked, changes.untracked)
+    const _commitMessage = uuidv4()
+    const _result = await createOrUpdateBranch(
+      git,
+      _commitMessage,
+      '',
+      BRANCH,
+      REMOTE_NAME,
+      false
+    )
+    expect(_result.action).toEqual('updated')
+    expect(_result.hasDiffWithBase).toBeFalsy()
+    expect(await getFileContent(TRACKED_FILE)).toEqual(_changes.tracked)
+    expect(await getFileContent(UNTRACKED_FILE)).toEqual(_changes.untracked)
+    expect(
+      await gitLogMatches([...commits.commitMsgs, INIT_COMMIT_MESSAGE])
+    ).toBeTruthy()
+  })
+
   it('tests create and update with commits on the working base (during the workflow)', async () => {
     // Create commits on the working base
     const commits = await createCommits(git)
@@ -1213,6 +1281,80 @@ describe('create-or-update-branch tests', () => {
     ).toBeTruthy()
   })
 
+  it('tests create, squash merge, and update with identical changes (WBNB)', async () => {
+    // Branches that have been squash merged appear to have a diff with the base due to
+    // different commits for the same changes. To prevent creating pull requests
+    // unnecessarily we reset (rebase) the pull request branch when a reset would result
+    // in no diff with the base. This will reset any undeleted branches after merging.
+
+    // Set the working base to a branch that is not the pull request base
+    await git.checkout(NOT_BASE_BRANCH)
+
+    // Create tracked and untracked file changes
+    const changes = await createChanges()
+    const commitMessage = uuidv4()
+    const result = await createOrUpdateBranch(
+      git,
+      commitMessage,
+      BASE,
+      BRANCH,
+      REMOTE_NAME,
+      false
+    )
+    expect(result.action).toEqual('created')
+    expect(await getFileContent(TRACKED_FILE)).toEqual(changes.tracked)
+    expect(await getFileContent(UNTRACKED_FILE)).toEqual(changes.untracked)
+    expect(
+      await gitLogMatches([commitMessage, INIT_COMMIT_MESSAGE])
+    ).toBeTruthy()
+
+    // Push pull request branch to remote
+    await git.push([
+      '--force-with-lease',
+      REMOTE_NAME,
+      `HEAD:refs/heads/${BRANCH}`
+    ])
+
+    await afterTest(false)
+    await beforeTest()
+
+    // Create a commit on the base with the same changes as the branch
+    // This simulates squash merge of the pull request
+    const commits = await createCommits(
+      git,
+      1,
+      changes.tracked,
+      changes.untracked
+    )
+    await git.push([
+      '--force',
+      REMOTE_NAME,
+      `HEAD:refs/heads/${DEFAULT_BRANCH}`
+    ])
+
+    // Set the working base to a branch that is not the pull request base
+    await git.checkout(NOT_BASE_BRANCH)
+
+    // Create the same tracked and untracked file changes (no change on update)
+    const _changes = await createChanges(changes.tracked, changes.untracked)
+    const _commitMessage = uuidv4()
+    const _result = await createOrUpdateBranch(
+      git,
+      _commitMessage,
+      BASE,
+      BRANCH,
+      REMOTE_NAME,
+      false
+    )
+    expect(_result.action).toEqual('updated')
+    expect(_result.hasDiffWithBase).toBeFalsy()
+    expect(await getFileContent(TRACKED_FILE)).toEqual(_changes.tracked)
+    expect(await getFileContent(UNTRACKED_FILE)).toEqual(_changes.untracked)
+    expect(
+      await gitLogMatches([...commits.commitMsgs, INIT_COMMIT_MESSAGE])
+    ).toBeTruthy()
+  })
+
   it('tests create and update with commits on the working base (during the workflow) (WBNB)', async () => {
     // Set the working base to a branch that is not the pull request base
     await git.checkout(NOT_BASE_BRANCH)

action.yml

@@ -27,6 +27,11 @@ inputs:
   branch:
     description: 'The pull request branch name.'
     default: 'create-pull-request/patch'
+  delete-branch:
+    description: >
+      Delete the `branch` when closing pull requests, and when undeleted after merging.
+      Recommend `true`.
+    default: false
   branch-suffix:
     description: 'The branch suffix type when using the alternative branching strategy.'
   base:

docs/concepts-guidelines.md

@@ -16,6 +16,7 @@ This document covers terminology, how the action works, general usage guidelines
   - [Push using SSH (deploy keys)](#push-using-ssh-deploy-keys)
   - [Push pull request branches to a fork](#push-pull-request-branches-to-a-fork)
   - [Authenticating with GitHub App generated tokens](#authenticating-with-github-app-generated-tokens)
+  - [GPG commit signature verification](#gpg-commit-signature-verification)
   - [Running in a container or on self-hosted runners](#running-in-a-container-or-on-self-hosted-runners)
 
 ## Terminology
@@ -29,7 +30,8 @@ A pull request references two branches:
 
 ## Events and checkout
 
-For each [event type](https://docs.github.com/en/actions/reference/events-that-trigger-workflows) there is a default `GITHUB_SHA` that will be checked out by the GitHub Actions [checkout](https://github.com/actions/checkout) action.
+This action expects repositories to be checked out with the official GitHub Actions [checkout](https://github.com/actions/checkout) action.
+For each [event type](https://docs.github.com/en/actions/reference/events-that-trigger-workflows) there is a default `GITHUB_SHA` that will be checked out.
 
 The default can be overridden by specifying a `ref` on checkout.
 
@@ -128,6 +130,8 @@ jobs:
     if: github.event.pull_request.head.repo.full_name == github.repository
 ```
 
+For further reading regarding the security of pull requests, see this GitHub blog post titled [Keeping your GitHub Actions and workflows secure: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
+
 ### Triggering further workflow runs
 
 Pull requests created by the action using the default `GITHUB_TOKEN` cannot trigger other workflows. If you have `on: pull_request` or `on: push` workflows acting as checks on pull requests, they will not run.
@@ -141,9 +145,13 @@ Pull requests created by the action using the default `GITHUB_TOKEN` cannot trig
 There are a number of workarounds with different pros and cons.
 
 - Use the default `GITHUB_TOKEN` and allow the action to create pull requests that have no checks enabled. Manually close pull requests and immediately reopen them. This will enable `on: pull_request` workflows to run and be added as checks.
+
 - Use a `repo` scoped [Personal Access Token (PAT)](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token) created on an account that has write access to the repository that pull requests are being created in. This is the standard workaround and [recommended by GitHub](https://docs.github.com/en/actions/reference/events-that-trigger-workflows#triggering-new-workflows-using-a-personal-access-token). However, the PAT cannot be scoped to a specific repository so the token becomes a very sensitive secret. If this is a concern, the PAT can instead be created for a dedicated [machine account](https://docs.github.com/en/github/site-policy/github-terms-of-service#3-account-requirements) that has collaborator access to the repository. Also note that because the account that owns the PAT will be the creator of pull requests, that user account will be unable to perform actions such as request changes or approve the pull request.
+
 - Use [SSH (deploy keys)](#push-using-ssh-deploy-keys) to push the pull request branch. This is arguably more secure than using a PAT because deploy keys can be set per repository. However, this method will only trigger `on: push` workflows.
+
 - Use a [machine account that creates pull requests from its own fork](#push-pull-request-branches-to-a-fork). This is the most secure because the PAT created only grants access to the machine account's fork, not the main repository. This method will trigger `on: pull_request` workflows to run. Workflows triggered `on: push` will not run because the push event is in the fork.
+
 - Use a [GitHub App to generate a token](#authenticating-with-github-app-generated-tokens) that can be used with this action. GitHub App generated tokens are more secure than using a PAT because GitHub App access permissions can be set with finer granularity and are scoped to only repositories where the App is installed. This method will trigger both `on: push` and `on: pull_request` workflows.
 
 ### Security
@@ -267,6 +275,48 @@ GitHub App generated tokens are more secure than using a PAT because GitHub App
           token: ${{ steps.generate-token.outputs.token }}
 ```
 
+### GPG commit signature verification
+
+The action can use GPG to sign commits with a GPG key that you generate yourself.
+
+1. Follow GitHub's guide to [generate a new GPG key](https://docs.github.com/en/github/authenticating-to-github/generating-a-new-gpg-key).
+
+2. [Add the public key](https://docs.github.com/en/github/authenticating-to-github/adding-a-new-gpg-key-to-your-github-account) to the user account associated with the [Personal Access Token (PAT)](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token) that you will use with the action.
+
+3. Copy the private key to your clipboard, replacing `email@example.com` with the email address of your GPG key.
+   ```
+   # macOS
+   gpg --armor --export-secret-key email@example.com | pbcopy
+   ```
+
+4. Paste the private key into a repository secret where the workflow will run. e.g. `GPG_PRIVATE_KEY`
+
+5. Create another repository secret for the key's passphrase, if applicable. e.g. `GPG_PASSPHRASE`
+
+6. The following example workflow shows how to use [crazy-max/ghaction-import-gpg](https://github.com/crazy-max/ghaction-import-gpg) to import your GPG key and allow the action to sign commits.
+
+   Note that the `committer` email address *MUST* match the email address used to create your GPG key.
+
+```yaml
+    steps:
+      - uses: actions/checkout@v2
+
+      - uses: crazy-max/ghaction-import-gpg@v3
+        with:
+          gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
+          passphrase: ${{ secrets.GPG_PASSPHRASE }}
+          git-user-signingkey: true
+          git-commit-gpgsign: true
+
+      # Make changes to pull request here
+
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@v3
+        with:
+          token: ${{ secrets.PAT }}
+          committer: example <email@example.com>
+```
+
 ### Running in a container or on self-hosted runners
 
 This action can be run inside a container, or on [self-hosted runners](https://docs.github.com/en/actions/hosting-your-own-runners), by installing the necessary dependencies.

docs/examples.md

@@ -3,6 +3,8 @@
 - [Use case: Create a pull request to update X on push](#use-case-create-a-pull-request-to-update-x-on-push)
   - [Update project authors](#update-project-authors)
   - [Keep a branch up-to-date with another](#keep-a-branch-up-to-date-with-another)
+- [Use case: Create a pull request to update X on release](#use-case-create-a-pull-request-to-update-x-on-release)
+  - [Update changelog](#update-changelog)
 - [Use case: Create a pull request to update X periodically](#use-case-create-a-pull-request-to-update-x-periodically)
   - [Update NPM dependencies](#update-npm-dependencies)
   - [Update Gradle dependencies](#update-gradle-dependencies)
@@ -18,6 +20,8 @@
 - [Misc workflow tips](#misc-workflow-tips)
   - [Filtering push events](#filtering-push-events)
   - [Dynamic configuration using variables](#dynamic-configuration-using-variables)
+  - [Setting the pull request body from a file](#setting-the-pull-request-body-from-a-file)
+  - [Using a markdown template](#using-a-markdown-template)
   - [Debugging GitHub Actions](#debugging-github-actions)
 
 
@@ -83,6 +87,45 @@ jobs:
           branch: production-promotion
 ```
 
+## Use case: Create a pull request to update X on release
+
+This pattern will work well for updating any kind of static content based on the tagged commit of a release. Note that because `release` is one of the [events which checkout a commit](concepts-guidelines.md#events-which-checkout-a-commit) it is necessary to supply the `base` input to the action.
+
+### Update changelog
+
+Raises a pull request to update the `CHANGELOG.md` file based on the tagged commit of the release.
+Note that [git-chglog](https://github.com/git-chglog/git-chglog/) requires some configuration files to exist in the repository before this workflow will work.
+
+This workflow assumes the tagged release was made on a default branch called `master`.
+
+```yml
+name: Update Changelog
+on:
+  release:
+    types: [published]
+jobs:
+  updateChangelog:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - name: Update Changelog
+        run: |
+          curl -o git-chglog -L https://github.com/git-chglog/git-chglog/releases/download/0.9.1/git-chglog_linux_amd64
+          chmod u+x git-chglog
+          ./git-chglog -o CHANGELOG.md
+          rm git-chglog
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@v3
+        with:
+          commit-message: update changelog
+          title: Update Changelog
+          body: Update changelog to reflect release changes
+          branch: update-changelog
+          base: master
+```
+
 ## Use case: Create a pull request to update X periodically
 
 This pattern will work well for updating any kind of static content from an external source. The workflow executes on a schedule and raises a pull request when there are changes.
@@ -498,21 +541,6 @@ The recommended method is to use [`set-output`](https://docs.github.com/en/actio
           body: ${{ steps.vars.outputs.pr_body }}
 ```
 
-Alternatively, [`set-env`](https://docs.github.com/en/actions/reference/workflow-commands-for-github-actions#setting-an-environment-variable) can be used to create environment variables.
-
-```yml
-      - name: Set environment variables
-        run: |
-          echo ::set-env name=PULL_REQUEST_TITLE::"[Test] Add report file $(date +%d-%m-%Y)"
-          echo ::set-env name=PULL_REQUEST_BODY::"This PR was auto-generated on $(date +%d-%m-%Y) \
-            by [create-pull-request](https://github.com/peter-evans/create-pull-request)."
-      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v3
-        with:
-          title: ${{ env.PULL_REQUEST_TITLE }}
-          body: ${{ env.PULL_REQUEST_BODY }}
-```
-
 ### Setting the pull request body from a file
 
 This example shows how file content can be read into a variable and passed to the action.
@@ -533,6 +561,31 @@ The content must be [escaped to preserve newlines](https://github.community/t/se
           body: ${{ steps.get-pr-body.outputs.body }}
 ```
 
+### Using a markdown template
+
+In this example, a markdown template file is added to the repository at `.github/pull-request-template.md` with the following content.
+```
+This is a test pull request template
+Render template variables such as {{ .foo }} and {{ .bar }}.
+```
+
+The template is rendered using the [render-template](https://github.com/chuhlomin/render-template) action and the result is used to create the pull request.
+```yml
+      - name: Render template
+        id: template
+        uses: chuhlomin/render-template@v1.2
+        with:
+          template: .github/pull-request-template.md
+          vars: |
+            foo: this
+            bar: that
+
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@v3
+        with:
+          body: ${{ steps.template.outputs.result }}
+```
+
 ### Debugging GitHub Actions
 
 #### Runner Diagnostic Logging

package.json

@@ -29,26 +29,26 @@
   },
   "homepage": "https://github.com/peter-evans/create-pull-request",
   "dependencies": {
-    "@actions/core": "1.2.4",
+    "@actions/core": "1.2.6",
     "@actions/exec": "1.0.4",
-    "@octokit/core": "3.1.2",
-    "@octokit/plugin-paginate-rest": "2.3.0",
-    "@octokit/plugin-rest-endpoint-methods": "4.1.2",
-    "uuid": "8.3.0"
+    "@octokit/core": "3.3.2",
+    "@octokit/plugin-paginate-rest": "2.13.3",
+    "@octokit/plugin-rest-endpoint-methods": "5.0.0",
+    "uuid": "8.3.2"
   },
   "devDependencies": {
-    "@types/jest": "26.0.9",
-    "@types/node": "14.0.27",
-    "@typescript-eslint/parser": "3.9.0",
-    "@vercel/ncc": "0.23.0",
-    "eslint": "7.6.0",
-    "eslint-plugin-github": "4.1.1",
-    "eslint-plugin-jest": "23.20.0",
-    "jest": "26.4.0",
-    "jest-circus": "26.4.0",
-    "js-yaml": "3.14.0",
-    "prettier": "2.0.5",
-    "ts-jest": "26.2.0",
-    "typescript": "3.9.7"
+    "@types/jest": "26.0.22",
+    "@types/node": "14.14.37",
+    "@typescript-eslint/parser": "4.20.0",
+    "@vercel/ncc": "0.27.0",
+    "eslint": "7.23.0",
+    "eslint-plugin-github": "4.1.2",
+    "eslint-plugin-jest": "24.3.2",
+    "jest": "26.6.3",
+    "jest-circus": "26.6.3",
+    "js-yaml": "4.0.0",
+    "prettier": "2.2.1",
+    "ts-jest": "26.5.4",
+    "typescript": "4.2.3"
   }
 }

src/create-or-update-branch.ts

@@ -78,15 +78,6 @@ async function isEven(
   )
 }
 
-async function hasDiff(
-  git: GitCommandManager,
-  branch1: string,
-  branch2: string
-): Promise<boolean> {
-  const result = await git.diff([`${branch1}..${branch2}`])
-  return result.length > 0
-}
-
 function splitLines(multilineString: string): string[] {
   return multilineString
     .split('\n')
@@ -139,8 +130,18 @@ export async function createOrUpdateBranch(
   // Perform fetch and reset the working base
   // Commits made during the workflow will be removed
   if (workingBaseType == WorkingBaseType.Branch) {
-    core.info(`Resetting working base branch '${workingBase}' to its remote`)
-    await git.fetch([`${workingBase}:${workingBase}`], baseRemote, ['--force'])
+    core.info(`Resetting working base branch '${workingBase}'`)
+    if (branchRemoteName == 'fork') {
+      // If pushing to a fork we must fetch with 'unshallow' to avoid the following error on git push
+      // ! [remote rejected] HEAD -> tests/push-branch-to-fork (shallow update not allowed)
+      await git.fetch([`${workingBase}:${workingBase}`], baseRemote, [
+        '--force'
+      ])
+    } else {
+      // If the remote is 'origin' we can git reset
+      await git.checkout(workingBase)
+      await git.exec(['reset', '--hard', `${baseRemote}/${workingBase}`])
+    }
   }
 
   // If the working base is not the base, rebase the temp branch commits
@@ -177,7 +178,7 @@ export async function createOrUpdateBranch(
     // The pull request branch does not exist
     core.info(`Pull request branch '${branch}' does not exist yet.`)
     // Create the pull request branch
-    await git.checkout(branch, 'HEAD')
+    await git.checkout(branch, tempBranch)
     // Check if the pull request branch is ahead of the base
     result.hasDiffWithBase = await isAhead(git, base, branch)
     if (result.hasDiffWithBase) {
@@ -196,9 +197,18 @@ export async function createOrUpdateBranch(
     // Checkout the pull request branch
     await git.checkout(branch)
 
-    if (await hasDiff(git, branch, tempBranch)) {
-      // If the branch differs from the recreated temp version then the branch is reset
-      // For changes on base this action is similar to a rebase of the pull request branch
+    // Reset the branch if one of the following conditions is true.
+    // - If the branch differs from the recreated temp branch.
+    // - If the recreated temp branch is not ahead of the base. This means there will be
+    //   no pull request diff after the branch is reset. This will reset any undeleted
+    //   branches after merging. In particular, it catches a case where the branch was
+    //   squash merged but not deleted. We need to reset to make sure it doesn't appear
+    //   to have a diff with the base due to different commits for the same changes.
+    // For changes on base this reset is equivalent to a rebase of the pull request branch.
+    if (
+      (await git.hasDiff([`${branch}..${tempBranch}`])) ||
+      !(await isAhead(git, base, tempBranch))
+    ) {
       core.info(`Resetting '${branch}'`)
       // Alternatively, git switch -C branch tempBranch
       await git.checkout(branch, tempBranch)

src/create-pull-request.ts

@@ -17,6 +17,7 @@ export interface Inputs {
   author: string
   signoff: boolean
   branch: string
+  deleteBranch: boolean
   branchSuffix: string
   base: string
   pushToFork: string
@@ -105,6 +106,12 @@ export async function createPullRequest(inputs: Inputs): Promise<void> {
         `The 'base' and 'branch' for a pull request must be different branches. Unable to continue.`
       )
     }
+    // For self-hosted runners the repository state persists between runs.
+    // This command prunes the stale remote ref when the pull request branch was
+    // deleted after being merged or closed. Without this the push using
+    // '--force-with-lease' fails due to "stale info."
+    // https://github.com/peter-evans/create-pull-request/issues/633
+    await git.exec(['remote', 'prune', branchRemoteName])
     core.endGroup()
 
     // Apply the branch suffix if set
@@ -188,24 +195,44 @@ export async function createPullRequest(inputs: Inputs): Promise<void> {
 
     if (result.hasDiffWithBase) {
       // Create or update the pull request
-      await githubHelper.createOrUpdatePullRequest(
+      const pull = await githubHelper.createOrUpdatePullRequest(
         inputs,
         baseRemote.repository,
         branchRepository
       )
+
+      // Set outputs
+      core.startGroup('Setting outputs')
+      core.setOutput('pull-request-number', pull.number)
+      core.setOutput('pull-request-url', pull.html_url)
+      if (pull.created) {
+        core.setOutput('pull-request-operation', 'created')
+      } else if (result.action == 'updated') {
+        core.setOutput('pull-request-operation', 'updated')
+      }
+      // Deprecated
+      core.exportVariable('PULL_REQUEST_NUMBER', pull.number)
+      core.endGroup()
     } else {
-      // If there is no longer a diff with the base delete the branch
+      // There is no longer a diff with the base
+      // Check we are in a state where a branch exists
       if (['updated', 'not-updated'].includes(result.action)) {
         core.info(
           `Branch '${inputs.branch}' no longer differs from base branch '${inputs.base}'`
         )
-        core.info(`Closing pull request and deleting branch '${inputs.branch}'`)
-        await git.push([
-          '--delete',
-          '--force',
-          branchRemoteName,
-          `refs/heads/${inputs.branch}`
-        ])
+        if (inputs.deleteBranch) {
+          core.info(`Deleting branch '${inputs.branch}'`)
+          await git.push([
+            '--delete',
+            '--force',
+            branchRemoteName,
+            `refs/heads/${inputs.branch}`
+          ])
+          // Set outputs
+          core.startGroup('Setting outputs')
+          core.setOutput('pull-request-operation', 'closed')
+          core.endGroup()
+        }
       }
     }
   } catch (error) {

src/git-command-manager.ts

@@ -96,15 +96,6 @@ export class GitCommandManager {
     return output.exitCode === 0
   }
 
-  async diff(options?: string[]): Promise<string> {
-    const args = ['-c', 'core.pager=cat', 'diff']
-    if (options) {
-      args.push(...options)
-    }
-    const output = await this.exec(args)
-    return output.stdout.trim()
-  }
-
   async fetch(
     refSpec: string[],
     remoteName?: string,
@@ -153,18 +144,26 @@ export class GitCommandManager {
     return this.workingDirectory
   }
 
+  async hasDiff(options?: string[]): Promise<boolean> {
+    const args = ['diff', '--quiet']
+    if (options) {
+      args.push(...options)
+    }
+    const output = await this.exec(args, true)
+    return output.exitCode === 1
+  }
+
   async isDirty(untracked: boolean): Promise<boolean> {
-    const diffArgs = ['--abbrev=40', '--full-index', '--raw']
-    // Check staged changes
-    if (await this.diff([...diffArgs, '--staged'])) {
+    // Check untracked changes
+    if (untracked && (await this.status(['--porcelain', '-unormal']))) {
       return true
     }
     // Check working index changes
-    if (await this.diff(diffArgs)) {
+    if (await this.hasDiff()) {
       return true
     }
-    // Check untracked changes
-    if (untracked && (await this.status(['--porcelain', '-unormal']))) {
+    // Check staged changes
+    if (await this.hasDiff(['--staged'])) {
       return true
     }
     return false

src/github-helper.ts

@@ -10,6 +10,12 @@ interface Repository {
   repo: string
 }
 
+interface Pull {
+  number: number
+  html_url: string
+  created: boolean
+}
+
 export class GitHubHelper {
   private octokit: InstanceType<typeof Octokit>
 
@@ -18,6 +24,7 @@ export class GitHubHelper {
     if (token) {
       options.auth = `${token}`
     }
+    options.baseUrl = process.env['GITHUB_API_URL'] || 'https://api.github.com'
     this.octokit = new Octokit(options)
   }
 
@@ -33,10 +40,10 @@ export class GitHubHelper {
     inputs: Inputs,
     baseRepository: string,
     headBranch: string
-  ): Promise<number> {
+  ): Promise<Pull> {
     // Try to create the pull request
     try {
-      const {data: pull} = await this.octokit.pulls.create({
+      const {data: pull} = await this.octokit.rest.pulls.create({
         ...this.parseRepository(baseRepository),
         title: inputs.title,
         head: headBranch,
@@ -47,24 +54,30 @@ export class GitHubHelper {
       core.info(
         `Created pull request #${pull.number} (${headBranch} => ${inputs.base})`
       )
-      return pull.number
+      return {
+        number: pull.number,
+        html_url: pull.html_url,
+        created: true
+      }
     } catch (e) {
       if (
-        !e.message ||
-        !e.message.includes(`A pull request already exists for ${headBranch}`)
+        e.message &&
+        e.message.includes(`A pull request already exists for ${headBranch}`)
       ) {
+        core.info(`A pull request already exists for ${headBranch}`)
+      } else {
         throw e
       }
     }
 
     // Update the pull request that exists for this branch and base
-    const {data: pulls} = await this.octokit.pulls.list({
+    const {data: pulls} = await this.octokit.rest.pulls.list({
       ...this.parseRepository(baseRepository),
       state: 'open',
       head: headBranch,
       base: inputs.base
     })
-    const {data: pull} = await this.octokit.pulls.update({
+    const {data: pull} = await this.octokit.rest.pulls.update({
       ...this.parseRepository(baseRepository),
       pull_number: pulls[0].number,
       title: inputs.title,
@@ -74,11 +87,15 @@ export class GitHubHelper {
     core.info(
       `Updated pull request #${pull.number} (${headBranch} => ${inputs.base})`
     )
-    return pull.number
+    return {
+      number: pull.number,
+      html_url: pull.html_url,
+      created: false
+    }
   }
 
   async getRepositoryParent(headRepository: string): Promise<string> {
-    const {data: headRepo} = await this.octokit.repos.get({
+    const {data: headRepo} = await this.octokit.rest.repos.get({
       ...this.parseRepository(headRepository)
     })
     if (!headRepo.parent) {
@@ -93,42 +110,38 @@ export class GitHubHelper {
     inputs: Inputs,
     baseRepository: string,
     headRepository: string
-  ): Promise<void> {
+  ): Promise<Pull> {
     const [headOwner] = headRepository.split('/')
     const headBranch = `${headOwner}:${inputs.branch}`
 
     // Create or update the pull request
-    const pullNumber = await this.createOrUpdate(
-      inputs,
-      baseRepository,
-      headBranch
-    )
+    const pull = await this.createOrUpdate(inputs, baseRepository, headBranch)
 
-    // Set outputs
-    core.startGroup('Setting outputs')
-    core.setOutput('pull-request-number', pullNumber)
-    core.exportVariable('PULL_REQUEST_NUMBER', pullNumber)
-    core.endGroup()
-
-    // Set milestone, labels and assignees
-    const updateIssueParams = {}
+    // Apply milestone
     if (inputs.milestone) {
-      updateIssueParams['milestone'] = inputs.milestone
       core.info(`Applying milestone '${inputs.milestone}'`)
-    }
-    if (inputs.labels.length > 0) {
-      updateIssueParams['labels'] = inputs.labels
-      core.info(`Applying labels '${inputs.labels}'`)
-    }
-    if (inputs.assignees.length > 0) {
-      updateIssueParams['assignees'] = inputs.assignees
-      core.info(`Applying assignees '${inputs.assignees}'`)
-    }
-    if (Object.keys(updateIssueParams).length > 0) {
-      await this.octokit.issues.update({
+      await this.octokit.rest.issues.update({
         ...this.parseRepository(baseRepository),
-        issue_number: pullNumber,
-        ...updateIssueParams
+        issue_number: pull.number,
+        milestone: inputs.milestone
+      })
+    }
+    // Apply labels
+    if (inputs.labels.length > 0) {
+      core.info(`Applying labels '${inputs.labels}'`)
+      await this.octokit.rest.issues.addLabels({
+        ...this.parseRepository(baseRepository),
+        issue_number: pull.number,
+        labels: inputs.labels
+      })
+    }
+    // Apply assignees
+    if (inputs.assignees.length > 0) {
+      core.info(`Applying assignees '${inputs.assignees}'`)
+      await this.octokit.rest.issues.addAssignees({
+        ...this.parseRepository(baseRepository),
+        issue_number: pull.number,
+        assignees: inputs.assignees
       })
     }
 
@@ -144,9 +157,9 @@ export class GitHubHelper {
     }
     if (Object.keys(requestReviewersParams).length > 0) {
       try {
-        await this.octokit.pulls.requestReviewers({
+        await this.octokit.rest.pulls.requestReviewers({
           ...this.parseRepository(baseRepository),
-          pull_number: pullNumber,
+          pull_number: pull.number,
           ...requestReviewersParams
         })
       } catch (e) {
@@ -157,5 +170,7 @@ export class GitHubHelper {
         }
       }
     }
+
+    return pull
   }
 }

src/main.ts

@@ -13,6 +13,7 @@ async function run(): Promise<void> {
       author: core.getInput('author'),
       signoff: core.getInput('signoff') === 'true',
       branch: core.getInput('branch'),
+      deleteBranch: core.getInput('delete-branch') === 'true',
       branchSuffix: core.getInput('branch-suffix'),
       base: core.getInput('base'),
       pushToFork: core.getInput('push-to-fork'),

src/utils.ts

@@ -39,8 +39,21 @@ interface RemoteDetail {
 export function getRemoteDetail(remoteUrl: string): RemoteDetail {
   // Parse the protocol and github repository from a URL
   // e.g. HTTPS, peter-evans/create-pull-request
-  const httpsUrlPattern = /^https:\/\/.*@?github.com\/(.+\/.+)$/i
-  const sshUrlPattern = /^git@github.com:(.+\/.+).git$/i
+  const githubUrl = process.env['GITHUB_SERVER_URL'] || 'https://github.com'
+
+  const githubServerMatch = githubUrl.match(/^https?:\/\/(.+)$/i)
+  if (!githubServerMatch) {
+    throw new Error('Could not parse GitHub Server name')
+  }
+
+  const httpsUrlPattern = new RegExp(
+    '^https?://.*@?' + githubServerMatch[1] + '/(.+/.+)$',
+    'i'
+  )
+  const sshUrlPattern = new RegExp(
+    '^git@' + githubServerMatch[1] + ':(.+/.+).git$',
+    'i'
+  )
 
   const httpsMatch = remoteUrl.match(httpsUrlPattern)
   if (httpsMatch) {