Aaron has documented a helpful GitHub action we use for merging from a long-running development branch into production, all within the GitHub UI.
This saves us time from having to either open and immediately merge a PR or run commands locally.
But one limitation I bumped into is that when this action runs, and the merge and push happen in `main`, our other workflows that normally trigger when code is pushed to `main` do not run.
Why is this?
GitHub is trying to be helpful here. They want to prevent an infinite loop where one action calls another action, which calls the first action, and so on. Since actions are billable, I appreciate this guardrail.
But what if you want to trigger another action from within an action, and you trust you won't cause an infinite loop?
Three small changes are needed from Aaron's action to make this work:
- Add `actions: write` to the workflow's permissions.
- Generate a personal access token with `repo` permissions, and save it to your repository's secrets with a descriptive name.
- Add two parameters to the checkout step in your workflow:
  - `persist-credentials: true`
  - `token: ${{ secrets.YOUR_SECRET_NAME }}`
The `persist-credentials` parameter is helpful so that future steps, like merging and pushing to `main`, will automatically use this personal access token.
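The three changes put together, as an added example that is not Aaron's action or code from the original post. The workflow name, the `develop` branch name, the bot commit identity and the pre-existing `contents: write` permission are assumptions; `YOUR_SECRET_NAME` is the placeholder used above.

```yaml
# Added example: a manually started merge workflow with the three changes applied.
# Names marked "assumed" are illustrative and not taken from the original action.
name: Merge develop into main          # assumed workflow name

on:
  workflow_dispatch:                   # started by hand from the GitHub UI

permissions:
  contents: write                      # assumed to be present already
  actions: write                       # change 1

jobs:
  merge:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: main
          fetch-depth: 0               # full history, so origin/develop is available to merge
          # Change 2: the personal access token stored as a repository secret.
          token: ${{ secrets.YOUR_SECRET_NAME }}
          # Change 3: keep that token in the local git config for later steps.
          persist-credentials: true

      - name: Merge and push
        run: |
          # Commit identity for the merge commit (assumed; use whatever your team prefers).
          git config user.name "github-actions[bot]"
          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
          git merge --no-ff origin/develop -m "Merge develop into main"
          # Pushed with the personal access token rather than GITHUB_TOKEN,
          # so workflows that trigger on pushes to main will run.
          git push origin main
```

Because the push is made with the personal access token, the resulting workflow runs are attributed to the account that owns the token.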
With these three small changes in place, now when I kick off the merge workflow, our normal CI and deploy workflows will kick off when merged to `main` automatically.
Here to help,
Joel
P.S. Aaron has also written a great book on securing your Laravel app, and it's free to download!