question: update GitHub actions without pull request

[vveliev]

Hello, I'm trying to figure out if I can use this actions to only update files locally and then use different action for creating PR

I have similar workflow for updating pre-commit version update, with less permissions and it works just fine

Desired workflow:

permissions:
  pull-requests: write
  contents: read

jobs:
  auto-update:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
            
      - name: Run GitHub Actions Version Updater
        uses: saadmk11/github-actions-version-updater@v0.8.1
        with:
          skip_pull_request: true

      - uses: peter-evans/create-pull-request@v5
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          branch: update/github-actions
          title: "chore: update github actions to latest version"
          commit-message: "chore: update github action"
          body: Update versions of github actions to latest version.

[Qu4tro]

I had the same problem. Here's my solution:

pre-commit-dependencies-2:
  runs-on: ubuntu-latest
  steps:
    - uses: actions/checkout@v4.1.1

    - run:  pre-commit autoupdate

    - run: git diff > changes.patch
    - uses: actions/upload-artifact@v3.1.3
      with:
        name: patch2
        path: changes.patch

github-actions-dependencies-3:
  runs-on: ubuntu-latest
  steps:
    - uses: actions/checkout@v4.1.1

    - name: Run GitHub Actions Version Updater
      continue-on-error: true
      uses: saadmk11/github-actions-version-updater@v0.8.1
      with:
        token: ${{ secrets.GITHUB_TOKEN }}
        skip_pull_request: true

    - run: git diff > changes.patch
    - uses: actions/upload-artifact@v3.1.3
      with:
        name: patch3
        path: changes.patch

commit-push:
  needs:
    - pre-commit-dependencies-2
    - github-actions-dependencies-3
  runs-on: ubuntu-latest
  steps:
    - uses: actions/checkout@v4.1.1
    - uses: actions/download-artifact@v3.0.2

    - run: |
        for i in 2 3; do
          git apply --allow-empty "patch${i}/changes.patch"
          rm -rf "patch${i}"
        done

    - name: Create Pull Request
      uses: peter-evans/create-pull-request@v5.0.2
      with:
          token: ${{ secrets.GITHUB_TOKEN }} 
          branch: update/github-actions
          title: "chore: update github actions to latest version"
          commit-message: "chore: update github action"
          body: Update versions of github actions to latest version.

cleanup-artifacts:
  needs: commit-push
  runs-on: ubuntu-latest
  steps:
    - name: Delete all artifacts
      uses: geekyeggo/delete-artifact@v2
      with:
        name: |
          patch*

I had to remove some stuff from my actual workflow, but hopefully I didn't fuck it up.

In essence, each job takes care of one type of update. In this case a job for github-actions-version-updater and I've also added the job for pre-commit, because I also have it. Each creates a patch that is stored as an artifact.
commit-push gets all of those artifacts, applies them and creates a PR with them.
Finally, cleanup-artifacts removes the artifacts, because it's effectively trash at that point.

Happy to accept improvements.