Skip to content

ci: use github-api commit mode for signed changeset commits#1015

Merged
ByronDWall merged 2 commits intomainfrom
FEC-826-signed-changeset-commits
Apr 17, 2026
Merged

ci: use github-api commit mode for signed changeset commits#1015
ByronDWall merged 2 commits intomainfrom
FEC-826-signed-changeset-commits

Conversation

@ByronDWall
Copy link
Copy Markdown
Contributor

@ByronDWall ByronDWall commented Apr 16, 2026

Summary

  • Add commitMode: 'github-api' to changesets/action step in .github/workflows/release.yml
  • Routes the changeset bot commit through the GitHub API so it is auto-signed on behalf of the ct-changesets GitHub App, satisfying the org-wide "Require signed commits" ruleset (enforced 2026-04-10)
  • Unblocks the changeset-release/main PR from merging

Proof of approach: commercetools/nimbus#1380

Closes FEC-826
Parent: FEC-822

Test plan

  • Next changeset release run produces a changeset-release/main branch whose bot commit shows a green Verified badge
  • Version PR merges without "signed commits required" blocks

🤖 Generated with Claude Code

@ByronDWall @claude
ci: add commitMode github-api to changesets/action for signed commits
497f88d 
The GitHub org enforces "Require signed commits" as of 2026-04-10.
changesets/action defaults to commitMode: git-cli, which produces unsigned
commits that are blocked by the ruleset. Setting commitMode: github-api
routes the commit through the GitHub API, which auto-signs on behalf of
the authoring GitHub App.

Closes FEC-826

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@changeset-bot
Copy link
Copy Markdown

changeset-bot bot commented Apr 16, 2026
edited
Loading

⚠️ No Changeset found

Latest commit: 28a3f73

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@ByronDWall ByronDWall self-assigned this Apr 16, 2026
@ByronDWall @claude
ci(release): reset tree before canary publish
28a3f73 
changesets/action in commitMode: github-api runs the `version:`
command locally (bumping package.jsons, deleting .changeset/*.md)
but commits via the GitHub API without resetting the working tree.
The next step's `git checkout main` fails silently on the dirty
state, causing canary to publish production version numbers under
the canary dist-tag.

Fix: hard-reset to origin/main before running canary, and add
`set -euo pipefail` so future silent failures become hard stops.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@ByronDWall ByronDWall merged commit 65a3635 into main Apr 17, 2026
5 checks passed
@ByronDWall ByronDWall deleted the FEC-826-signed-changeset-commits branch April 17, 2026 13:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tylermorrisford tylermorrisford tylermorrisford approved these changes

@rajrdk rajrdk rajrdk approved these changes

@valoriecarli valoriecarli Awaiting requested review from valoriecarli

Assignees

@ByronDWall ByronDWall

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ByronDWall @tylermorrisford @rajrdk