-
Notifications
You must be signed in to change notification settings - Fork 697
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Adds a bot that automatically opens MRs into the `stable2407` branch when the `A4-needs-backport` label is applied to a merged MR. TODO: - [x] ~~Settle on label vs error message trade-off~~ (resolved) docs: # Backporting This document explains how to backport a merged PR from `master` to one of the `stable*` branches. Backports should only be used to fix bugs or security issues - never to introduce new features. ## Steps 1. Fix a bug through a PR that targets `master`. 2. Add label `A4-needs-backport` to the PR. 4. Merge the PR into `master`. 5. Wait for the bot to open the backport PR. 6. Ensure the change is audited or does not need audit. 7. Merge the backport PR. The label can also be added after the PR is merged. ## Example For example here where the dev triggered the process by adding the label after merging: ![backport-ex2](https://github.com/user-attachments/assets/c7b686db-a0fe-41f1-9d6f-959a5a7097b1) --------- Signed-off-by: Oliver Tale-Yazdi <[email protected]>
- Loading branch information
Showing
5 changed files
with
91 additions
and
6 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,62 @@ | ||
name: Backport into stable | ||
|
||
on: | ||
# This trigger can be problematic, see: https://securitylab.github.com/resources/github-actions-preventing-pwn-requests/ | ||
# In our case it is fine since we only run it on merged Pull Requests and do not execute any of the repo code itself. | ||
pull_request_target: | ||
types: [ closed, labeled ] | ||
|
||
permissions: | ||
contents: write # so it can comment | ||
pull-requests: write # so it can create pull requests | ||
|
||
jobs: | ||
backport: | ||
name: Backport pull request | ||
runs-on: ubuntu-latest | ||
|
||
# The 'github.event.pull_request.merged' ensures that it got into master: | ||
if: > | ||
( !startsWith(github.event.pull_request.base.ref, 'stable') ) && | ||
( | ||
github.event_name == 'pull_request_target' && | ||
github.event.pull_request.merged && | ||
github.event.pull_request.base.ref == 'master' && | ||
contains(github.event.pull_request.labels.*.name, 'A4-needs-backport') | ||
) | ||
steps: | ||
- uses: actions/checkout@v4 | ||
|
||
- name: Create backport pull requests | ||
uses: korthout/backport-action@v3 | ||
id: backport | ||
with: | ||
target_branches: stable2407 | ||
merge_commits: skip | ||
github_token: ${{ secrets.GITHUB_TOKEN }} | ||
pull_description: | | ||
Backport #${pull_number} into `${target_branch}` (cc @${pull_author}). | ||
<!-- | ||
# To be used by other automation, do not modify: | ||
original-pr-number: #${pull_number} | ||
--> | ||
pull_title: | | ||
[${target_branch}] Backport #${pull_number} | ||
- name: Label Backports | ||
if: ${{ steps.backport.outputs.created_pull_numbers != '' }} | ||
uses: actions/github-script@v7 | ||
with: | ||
script: | | ||
const pullNumbers = '${{ steps.backport.outputs.created_pull_numbers }}'.split(' '); | ||
for (const pullNumber of pullNumbers) { | ||
await github.rest.issues.addLabels({ | ||
issue_number: parseInt(pullNumber), | ||
owner: context.repo.owner, | ||
repo: context.repo.repo, | ||
labels: ['A3-backport'] | ||
}); | ||
console.log(`Added A3-backport label to PR #${pullNumber}`); | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
# Backporting | ||
|
||
This document explains how to backport a merged PR from `master` to one of the `stable*` branches. | ||
Backports should only be used to fix bugs or security issues - never to introduce new features. | ||
|
||
## Steps | ||
|
||
1. Fix a bug through a PR that targets `master`. | ||
2. Add label `A4-needs-backport` to the PR. | ||
3. Merge the PR into `master`. | ||
4. Wait for the bot to open the backport PR. | ||
5. Ensure the change is audited or does not need audit. | ||
6. Merge the backport PR. | ||
|
||
The label can also be added after the PR is merged. | ||
|
||
## Example | ||
|
||
For example here where the dev triggered the process by adding the label after merging: | ||
|
||
![backport](./images/backport-ex2.png) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.