From bb2cffccded9bb8d727191e92d631b0668eabb2c Mon Sep 17 00:00:00 2001 From: derberg Date: Thu, 21 Oct 2021 15:23:04 +0200 Subject: [PATCH 1/9] ci: add workflows to automate merging of human-actor created PRs --- .../workflows/add-ready-to-merge-label.yml | 26 ++++++++++++++ .github/workflows/automerge-for-humans.yml | 34 +++++++++++++++++++ 2 files changed, 60 insertions(+) create mode 100644 .github/workflows/add-ready-to-merge-label.yml create mode 100644 .github/workflows/automerge-for-humans.yml diff --git a/.github/workflows/add-ready-to-merge-label.yml b/.github/workflows/add-ready-to-merge-label.yml new file mode 100644 index 00000000..4cbfa52e --- /dev/null +++ b/.github/workflows/add-ready-to-merge-label.yml @@ -0,0 +1,26 @@ +#This workflow is centrally managed in https://github.com/asyncapi/.github/ +#Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in above mentioned repo + +#Purpose of this workflow is to enable anyone to label PR with `ready-to-merge` label to get it merged +name: Add ready-to-merge label # if proper comment added + +on: issue_comment + +jobs: + + parse-comment-and-add-label: + if: github.event.issue.pull_request && github.event.issue.state != 'closed' + runs-on: ubuntu-latest + steps: + - name: Add label + if: contains(github.event.comment.body, '/ready-to-merge') || contains(github.event.comment.body, '/rtm' ) + uses: actions/github-script@v5 + with: + github-token: ${{ secrets.GH_TOKEN }} + script: | + github.rest.issues.addLabels({ + issue_number: context.issue.number, + owner: context.repo.owner, + repo: context.repo.repo, + labels: ['ready-to-merge'] + }) \ No newline at end of file diff --git a/.github/workflows/automerge-for-humans.yml b/.github/workflows/automerge-for-humans.yml new file mode 100644 index 00000000..a90a9059 --- /dev/null +++ b/.github/workflows/automerge-for-humans.yml @@ -0,0 +1,34 @@ +#This workflow is centrally managed in https://github.com/asyncapi/.github/ +#Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in above mentioned repo + +#Purpose of this workflow is to allow people to merge PR without a need of maintainer doing it. If all checks are in place (including maintainers approval) - JUST MERGE IT! +name: Automerge For Humans + +on: + pull_request_target: + types: + - labeled + - unlabeled + - synchronize + - opened + - edited + - ready_for_review + - reopened + - unlocked + +jobs: + + automerge-for-humans: + if: github.event.pull_request.draft == false + runs-on: ubuntu-latest + steps: + - name: Automerge PR + uses: pascalgn/automerge-action@v0.14.3 + if: github.actor != 'asyncapi-bot' || github.actor != 'dependabot[bot]' || github.actor != 'dependabot-preview[bot]' #it runs only if PR actor is not a bot, at least not a bot that we know + env: + GITHUB_TOKEN: "${{ secrets.GH_TOKEN }}" + MERGE_LABELS: "ready-to-merge" + MERGE_METHOD: "squash" + MERGE_COMMIT_MESSAGE: "pull-request-title" + MERGE_RETRIES: "20" + MERGE_RETRY_SLEEP: "30000" \ No newline at end of file From 73c7fadc1695a9c9a2967871483ce5f4f3bb35f1 Mon Sep 17 00:00:00 2001 From: derberg Date: Thu, 28 Oct 2021 18:09:57 +0200 Subject: [PATCH 2/9] updated labeling to work only on drafts --- .github/workflows/add-ready-to-merge-label.yml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/.github/workflows/add-ready-to-merge-label.yml b/.github/workflows/add-ready-to-merge-label.yml index 4cbfa52e..048dd78a 100644 --- a/.github/workflows/add-ready-to-merge-label.yml +++ b/.github/workflows/add-ready-to-merge-label.yml @@ -12,8 +12,17 @@ jobs: if: github.event.issue.pull_request && github.event.issue.state != 'closed' runs-on: ubuntu-latest steps: + - name: Check if PR is draft # such info is not available in the context of issue_comment event + uses: actions/github-script@v5 + id: checkDraft + with: + result-encoding: string + script: | + const prDetailsUrl = context.payload.issue.pull_request.url; + const response = await github.request(prDetailsUrl); + return response.data.draft; - name: Add label - if: contains(github.event.comment.body, '/ready-to-merge') || contains(github.event.comment.body, '/rtm' ) + if: steps.checkDraft.outputs.result == 'false' && (contains(github.event.comment.body, '/ready-to-merge') || contains(github.event.comment.body, '/rtm' )) uses: actions/github-script@v5 with: github-token: ${{ secrets.GH_TOKEN }} From f89c36b502799a231006deb0c57ecb7aecc3b766 Mon Sep 17 00:00:00 2001 From: derberg Date: Thu, 28 Oct 2021 18:18:42 +0200 Subject: [PATCH 3/9] add support for do-not-merge too --- ...-ready-to-merge-or-do-not-merge-label.yml} | 23 ++++++++++++++++--- .github/workflows/automerge-for-humans.yml | 2 +- 2 files changed, 21 insertions(+), 4 deletions(-) rename .github/workflows/{add-ready-to-merge-label.yml => add-ready-to-merge-or-do-not-merge-label.yml} (59%) diff --git a/.github/workflows/add-ready-to-merge-label.yml b/.github/workflows/add-ready-to-merge-or-do-not-merge-label.yml similarity index 59% rename from .github/workflows/add-ready-to-merge-label.yml rename to .github/workflows/add-ready-to-merge-or-do-not-merge-label.yml index 048dd78a..e3cc974a 100644 --- a/.github/workflows/add-ready-to-merge-label.yml +++ b/.github/workflows/add-ready-to-merge-or-do-not-merge-label.yml @@ -1,14 +1,14 @@ #This workflow is centrally managed in https://github.com/asyncapi/.github/ #Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in above mentioned repo -#Purpose of this workflow is to enable anyone to label PR with `ready-to-merge` label to get it merged -name: Add ready-to-merge label # if proper comment added +#Purpose of this workflow is to enable anyone to label PR with `ready-to-merge` and `do-not-merge` labels to get stuff merged or blocked from merging +name: Add ready-to-merge or do-not-merge label # if proper comment added on: issue_comment jobs: - parse-comment-and-add-label: + parse-comment-and-add-ready: # for handling cases when you want to mark as ready to merge if: github.event.issue.pull_request && github.event.issue.state != 'closed' runs-on: ubuntu-latest steps: @@ -32,4 +32,21 @@ jobs: owner: context.repo.owner, repo: context.repo.repo, labels: ['ready-to-merge'] + }) + + parse-comment-and-add-block: # for handling cases when you want to mark as do-not-merge + if: github.event.issue.pull_request && github.event.issue.state != 'closed' + runs-on: ubuntu-latest + steps: + - name: Add label + if: contains(github.event.comment.body, '/do-not-merge') || contains(github.event.comment.body, '/dnm' ) + uses: actions/github-script@v5 + with: + github-token: ${{ secrets.GH_TOKEN }} + script: | + github.rest.issues.addLabels({ + issue_number: context.issue.number, + owner: context.repo.owner, + repo: context.repo.repo, + labels: ['do-not-merge'] }) \ No newline at end of file diff --git a/.github/workflows/automerge-for-humans.yml b/.github/workflows/automerge-for-humans.yml index a90a9059..8f519aad 100644 --- a/.github/workflows/automerge-for-humans.yml +++ b/.github/workflows/automerge-for-humans.yml @@ -27,7 +27,7 @@ jobs: if: github.actor != 'asyncapi-bot' || github.actor != 'dependabot[bot]' || github.actor != 'dependabot-preview[bot]' #it runs only if PR actor is not a bot, at least not a bot that we know env: GITHUB_TOKEN: "${{ secrets.GH_TOKEN }}" - MERGE_LABELS: "ready-to-merge" + MERGE_LABELS: "do-not-merge,ready-to-merge" MERGE_METHOD: "squash" MERGE_COMMIT_MESSAGE: "pull-request-title" MERGE_RETRIES: "20" From 0a8d2b9a6a783ba5b49bc4612c377e8f684d6254 Mon Sep 17 00:00:00 2001 From: derberg Date: Thu, 28 Oct 2021 18:29:15 +0200 Subject: [PATCH 4/9] add protection from evil contributor --- .../remove-ready-to-merge-label-on-edit.yml | 29 +++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 .github/workflows/remove-ready-to-merge-label-on-edit.yml diff --git a/.github/workflows/remove-ready-to-merge-label-on-edit.yml b/.github/workflows/remove-ready-to-merge-label-on-edit.yml new file mode 100644 index 00000000..759a03e4 --- /dev/null +++ b/.github/workflows/remove-ready-to-merge-label-on-edit.yml @@ -0,0 +1,29 @@ +#This workflow is centrally managed in https://github.com/asyncapi/.github/ +#Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in above mentioned repo + +# Defence from evil contributor that after adding `ready-to-merge` all suddenly makes evil commit or evil change in PR title +# Label is removed once above action is detected +name: Remove ready-to-merge label + +on: + pull_request_target: + types: + - synchronize + - edited + +jobs: + + remove-ready-label: + runs-on: ubuntu-latest + steps: + - name: Remove label + uses: actions/github-script@v5 + with: + github-token: ${{ secrets.GH_TOKEN }} + script: | + github.rest.issues.removeLabel({ + issue_number: context.issue.number, + owner: context.repo.owner, + repo: context.repo.repo, + name: 'ready-to-merge' + }) \ No newline at end of file From 7f89f40da6a786563801f3c05aff1394b6b6a270 Mon Sep 17 00:00:00 2001 From: derberg Date: Thu, 28 Oct 2021 18:31:28 +0200 Subject: [PATCH 5/9] renaming all files related to the same stuff so it is easier to identify --- ...merge-for-humans-add-ready-to-merge-or-do-not-merge-label.yml} | 0 ...{automerge-for-humans.yml => automerge-for-humans-merging.yml} | 0 ... automerge-for-humans-remove-ready-to-merge-label-on-edit.yml} | 0 3 files changed, 0 insertions(+), 0 deletions(-) rename .github/workflows/{add-ready-to-merge-or-do-not-merge-label.yml => automerge-for-humans-add-ready-to-merge-or-do-not-merge-label.yml} (100%) rename .github/workflows/{automerge-for-humans.yml => automerge-for-humans-merging.yml} (100%) rename .github/workflows/{remove-ready-to-merge-label-on-edit.yml => automerge-for-humans-remove-ready-to-merge-label-on-edit.yml} (100%) diff --git a/.github/workflows/add-ready-to-merge-or-do-not-merge-label.yml b/.github/workflows/automerge-for-humans-add-ready-to-merge-or-do-not-merge-label.yml similarity index 100% rename from .github/workflows/add-ready-to-merge-or-do-not-merge-label.yml rename to .github/workflows/automerge-for-humans-add-ready-to-merge-or-do-not-merge-label.yml diff --git a/.github/workflows/automerge-for-humans.yml b/.github/workflows/automerge-for-humans-merging.yml similarity index 100% rename from .github/workflows/automerge-for-humans.yml rename to .github/workflows/automerge-for-humans-merging.yml diff --git a/.github/workflows/remove-ready-to-merge-label-on-edit.yml b/.github/workflows/automerge-for-humans-remove-ready-to-merge-label-on-edit.yml similarity index 100% rename from .github/workflows/remove-ready-to-merge-label-on-edit.yml rename to .github/workflows/automerge-for-humans-remove-ready-to-merge-label-on-edit.yml From 7e1777c5f8f5e670eaf08c23cb72387b03f4a1d6 Mon Sep 17 00:00:00 2001 From: derberg Date: Thu, 28 Oct 2021 18:45:50 +0200 Subject: [PATCH 6/9] add support for help command in PRs --- .github/workflows/help-command.yml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 .github/workflows/help-command.yml diff --git a/.github/workflows/help-command.yml b/.github/workflows/help-command.yml new file mode 100644 index 00000000..4f1d64b2 --- /dev/null +++ b/.github/workflows/help-command.yml @@ -0,0 +1,25 @@ +#This workflow is centrally managed in https://github.com/asyncapi/.github/ +#Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in above mentioned repo + +name: Create help comment + +on: [issue_comment] + +jobs: + create_help_comment: + if: github.event.issue.pull_request + runs-on: ubuntu-latest + steps: + - uses: actions-ecosystem/action-create-comment@v1 + if: contains(github.event.comment.body, '/help') + with: + github_token: ${{ secrets.GH_TOKEN }} + body: | + Hello, @${{ github.actor }}! 👋🏼 + + I'm Genie from the magic lamp. Looks like somebody needs a hand! 🆘 + + At the moment the following comments are supported in pull requests: + + - `/ready-to-merge` or `/rtm` - This comment will trigger automerge of PR in case all required checks are green, approvals in place and do-not-merge label is not added + - `/do-not-merge` or `/dnm` - This comment will block automerging event if all conditions are met and ready-to-merge label is added \ No newline at end of file From a47057f9a95be57594a8f890b8edc7b1cfa9e095 Mon Sep 17 00:00:00 2001 From: Lukasz Gornicki Date: Tue, 2 Nov 2021 10:46:25 +0100 Subject: [PATCH 7/9] Apply suggestions from Jonas on spacing Co-authored-by: Jonas Lagoni --- ...merge-for-humans-add-ready-to-merge-or-do-not-merge-label.yml | 1 - .github/workflows/automerge-for-humans-merging.yml | 1 - .../automerge-for-humans-remove-ready-to-merge-label-on-edit.yml | 1 - 3 files changed, 3 deletions(-) diff --git a/.github/workflows/automerge-for-humans-add-ready-to-merge-or-do-not-merge-label.yml b/.github/workflows/automerge-for-humans-add-ready-to-merge-or-do-not-merge-label.yml index e3cc974a..c19c17fc 100644 --- a/.github/workflows/automerge-for-humans-add-ready-to-merge-or-do-not-merge-label.yml +++ b/.github/workflows/automerge-for-humans-add-ready-to-merge-or-do-not-merge-label.yml @@ -7,7 +7,6 @@ name: Add ready-to-merge or do-not-merge label # if proper comment added on: issue_comment jobs: - parse-comment-and-add-ready: # for handling cases when you want to mark as ready to merge if: github.event.issue.pull_request && github.event.issue.state != 'closed' runs-on: ubuntu-latest diff --git a/.github/workflows/automerge-for-humans-merging.yml b/.github/workflows/automerge-for-humans-merging.yml index 8f519aad..5804fc03 100644 --- a/.github/workflows/automerge-for-humans-merging.yml +++ b/.github/workflows/automerge-for-humans-merging.yml @@ -17,7 +17,6 @@ on: - unlocked jobs: - automerge-for-humans: if: github.event.pull_request.draft == false runs-on: ubuntu-latest diff --git a/.github/workflows/automerge-for-humans-remove-ready-to-merge-label-on-edit.yml b/.github/workflows/automerge-for-humans-remove-ready-to-merge-label-on-edit.yml index 759a03e4..d47cf2fb 100644 --- a/.github/workflows/automerge-for-humans-remove-ready-to-merge-label-on-edit.yml +++ b/.github/workflows/automerge-for-humans-remove-ready-to-merge-label-on-edit.yml @@ -12,7 +12,6 @@ on: - edited jobs: - remove-ready-label: runs-on: ubuntu-latest steps: From 686932197670278284f56086a130cdd5f27910d8 Mon Sep 17 00:00:00 2001 From: Lukasz Gornicki Date: Tue, 2 Nov 2021 10:47:17 +0100 Subject: [PATCH 8/9] update thanks to Sergio Co-authored-by: Sergio Moya <1083296+smoya@users.noreply.github.com> --- .github/workflows/automerge-for-humans-merging.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/automerge-for-humans-merging.yml b/.github/workflows/automerge-for-humans-merging.yml index 5804fc03..b8a862c8 100644 --- a/.github/workflows/automerge-for-humans-merging.yml +++ b/.github/workflows/automerge-for-humans-merging.yml @@ -26,7 +26,7 @@ jobs: if: github.actor != 'asyncapi-bot' || github.actor != 'dependabot[bot]' || github.actor != 'dependabot-preview[bot]' #it runs only if PR actor is not a bot, at least not a bot that we know env: GITHUB_TOKEN: "${{ secrets.GH_TOKEN }}" - MERGE_LABELS: "do-not-merge,ready-to-merge" + MERGE_LABELS: "!do-not-merge,ready-to-merge" MERGE_METHOD: "squash" MERGE_COMMIT_MESSAGE: "pull-request-title" MERGE_RETRIES: "20" From 5389ec7eea51d8518abd8de8db4428482573ac42 Mon Sep 17 00:00:00 2001 From: derberg Date: Mon, 6 Dec 2021 15:19:51 +0100 Subject: [PATCH 9/9] better handling of bots --- .github/workflows/automerge-for-humans-merging.yml | 3 +-- .github/workflows/automerge.yml | 4 ++-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/automerge-for-humans-merging.yml b/.github/workflows/automerge-for-humans-merging.yml index b8a862c8..b91ef754 100644 --- a/.github/workflows/automerge-for-humans-merging.yml +++ b/.github/workflows/automerge-for-humans-merging.yml @@ -18,12 +18,11 @@ on: jobs: automerge-for-humans: - if: github.event.pull_request.draft == false + if: github.event.pull_request.draft == false && (github.event.pull_request.user.login != 'asyncapi-bot' || github.event.pull_request.user.login != 'dependabot[bot]' || github.event.pull_request.user.login != 'dependabot-preview[bot]') #it runs only if PR actor is not a bot, at least not a bot that we know runs-on: ubuntu-latest steps: - name: Automerge PR uses: pascalgn/automerge-action@v0.14.3 - if: github.actor != 'asyncapi-bot' || github.actor != 'dependabot[bot]' || github.actor != 'dependabot-preview[bot]' #it runs only if PR actor is not a bot, at least not a bot that we know env: GITHUB_TOKEN: "${{ secrets.GH_TOKEN }}" MERGE_LABELS: "!do-not-merge,ready-to-merge" diff --git a/.github/workflows/automerge.yml b/.github/workflows/automerge.yml index 293acd7e..4b41128c 100644 --- a/.github/workflows/automerge.yml +++ b/.github/workflows/automerge.yml @@ -21,7 +21,7 @@ on: jobs: autoapprove: - if: (github.event.pull_request.draft == false) && (github.actor == 'asyncapi-bot' || github.actor == 'dependabot[bot]' || github.actor == 'dependabot-preview[bot]') && !contains(github.event.pull_request.labels.*.name, 'released') + if: github.event.pull_request.draft == false && (github.event.pull_request.user.login == 'asyncapi-bot' || github.event.pull_request.user.login == 'dependabot[bot]' || github.event.pull_request.user.login == 'dependabot-preview[bot]') && !contains(github.event.pull_request.labels.*.name, 'released') runs-on: ubuntu-latest steps: - name: Autoapproving @@ -44,11 +44,11 @@ jobs: automerge: needs: [autoapprove] + if: github.event.pull_request.user.login == 'asyncapi-bot' || github.event.pull_request.user.login == 'dependabot[bot]' || github.event.pull_request.user.login == 'dependabot-preview[bot]' runs-on: ubuntu-latest steps: - name: Automerging uses: pascalgn/automerge-action@v0.13.0 - if: github.actor == 'asyncapi-bot' || github.actor == 'dependabot[bot]' || github.actor == 'dependabot-preview[bot]' env: GITHUB_TOKEN: "${{ secrets.GH_TOKEN }}" GITHUB_LOGIN: asyncapi-bot