polkadot-sdk/.github/workflows/command-backport.yml at master · wirednkod/polkadot-sdk · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
name: Backport into stable

on:
  # This trigger can be problematic, see: https://securitylab.github.com/resources/github-actions-preventing-pwn-requests/
  # In our case it is fine since we only run it on merged Pull Requests and do not execute any of the repo code itself.
  pull_request_target:
    types: [closed, labeled]

permissions:
  contents: write # so it can comment
  pull-requests: write # so it can create pull requests
  issues: write
  actions: write # It may have to backport changes to the CI as well.

jobs:
  check-labels:
    runs-on: ubuntu-latest
    env:
      GH_TOKEN: ${{ github.token }}
    outputs:
      LABELS: ${{ steps.check_labels.outputs.LABELS }}
      found: ${{ steps.check_labels.outputs.found }}

    # The 'github.event.pull_request.merged' ensures that it got into master:
    if: >
      ( !startsWith(github.event.pull_request.base.ref, 'stable') ) &&
      (
        github.event_name == 'pull_request_target' &&
        github.event.pull_request.merged &&
        github.event.pull_request.base.ref == 'master'
      )
    steps:
      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0

      - name: Check for backport labels
        id: check_labels
        run: |
          LABELS=$(gh pr view ${{ github.event.pull_request.number }} --json labels --jq '.labels[].name')

          if echo "$LABELS" | grep -qE '^A4-backport-(stable|unstable)'; then
            echo "found=true" >> $GITHUB_OUTPUT
            readarray -t labels_array <<< "$LABELS"
            echo "LABELS=${labels_array[@]}" >> $GITHUB_OUTPUT
          else
            echo "found=false" >> $GITHUB_OUTPUT
          fi

  backport:
    name: Backport pull request
    runs-on: ubuntu-latest
    needs: [check-labels]
    if: ${{ needs.check-labels.outputs.found == 'true' }}
    steps:

      - name: Generate token
        id: generate_token
        uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4
        with:
          app-id: ${{ secrets.RELEASE_BACKPORT_AUTOMATION_APP_ID }}
          private-key: ${{ secrets.RELEASE_BACKPORT_AUTOMATION_APP_PRIVATE_KEY }}

      - name: Checkout sources
        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          token: ${{ steps.generate_token.outputs.token }}

      - name: Get branches to backport to
        id: branches
        run: |
          . ./.github/scripts/common/lib.sh

          LABELS="${{ needs.check-labels.outputs.LABELS }}"
          BACKPORT_BRANCHES=$(parse_branch_names_from_backport_labels "$LABELS")
          echo "BACKPORT_BRANCHES=${BACKPORT_BRANCHES}" >> $GITHUB_OUTPUT


      - name: Create backport pull requests
        uses: korthout/backport-action@d07416681cab29bf2661702f925f020aaa962997 # v3.4.1
        id: backport
        with:
          target_branches: ${{ steps.branches.outputs.BACKPORT_BRANCHES }}
          merge_commits: skip
          github_token: ${{ steps.generate_token.outputs.token }}
          pull_description: |
            Backport #${pull_number} into `${target_branch}` from ${pull_author}.

            See the [documentation](https://github.com/paritytech/polkadot-sdk/blob/master/docs/BACKPORT.md) on how to use this bot.

            <!--
              # To be used by other automation, do not modify:
              original-pr-number: #${pull_number}
            -->
          pull_title: |
            [${target_branch}] Backport #${pull_number}
          experimental: >
            {
              "conflict_resolution": "draft_commit_conflicts"
            }
          copy_assignees: true
          label_pattern: ''

      - name: Label Backports
        if: ${{ steps.backport.outputs.created_pull_numbers != '' }}
        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
        with:
          script: |
            const pullNumbers = '${{ steps.backport.outputs.created_pull_numbers }}'.split(' ');

            for (const pullNumber of pullNumbers) {
              await github.rest.issues.addLabels({
                issue_number: parseInt(pullNumber),
                owner: context.repo.owner,
                repo: context.repo.repo,
                labels: ['A3-backport']
              });
              console.log(`Added A3-backport label to PR #${pullNumber}`);
            }

      - name: Request Review
        if: ${{ steps.backport.outputs.created_pull_numbers != '' }}
        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
        with:
          script: |
            const pullNumbers = '${{ steps.backport.outputs.created_pull_numbers }}'.split(' ');
            const reviewer = '${{ github.event.pull_request.user.login }}';

            for (const pullNumber of pullNumbers) {
              await github.rest.pulls.requestReviewers({
                owner: context.repo.owner,
                repo: context.repo.repo,
                pull_number: parseInt(pullNumber),
                reviewers: [reviewer]
              });
              console.log(`Requested review from ${reviewer} for PR #${pullNumber}`);
            }