From f6960e4deb38f47030048bb16f56a137abdc1d9d Mon Sep 17 00:00:00 2001 From: Ana Maria Martinez Gomez Date: Mon, 10 May 2021 18:58:09 +0200 Subject: [PATCH 1/5] github: Improve pull request template After using the PR template for a while, I think simplifying it will be helpful: - GitHub includes the commit message description automatically with the aim of saving you time as it is sometimes also a good PR description. With the current template, I need to cut this test and paste it into the description section (which is really annoying!). - Make a single simpler checklist. Add information as comment and have a straightforward list which helps us remembering the changelog, tests and documentation without needing to invest much time. The changelog bulletpoint will also be used in GitHub Actions. --- .github/pull_request_template.md | 31 +++++++++++-------------------- 1 file changed, 11 insertions(+), 20 deletions(-) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index f22f4fe91..9be23f7fb 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -1,31 +1,22 @@ + - -### Description +Please describe the changes in this pull request (PR). Include your motivation and context to help us review. - - -closes # (issue) - -### Documentation +Please mention the issue your PR addresses (if any): +closes #issue_number +--> -- [ ] I have updated the [CHANGELOG.md](/CHANGELOG.md), this is required for: - - Bug fixes (non-breaking change which fixes an issue) - - New features (non-breaking change which adds functionality) - - Breaking changes (fix or feature that would cause existing functionality to not work as expected) -- [ ] This change requires a documentation update - - [ ] I have made the corresponding changes to the documentation -### Tests +### Checklist -- [ ] I have added tests that prove my fix is effective or that my feature works + +- [ ] No CHANGELOG update needed + - [ ] No new tests needed + +- [ ] No documentation update needed From 7a0a6f9cf12b43f3a130a0a2ab328ee88ccb6178 Mon Sep 17 00:00:00 2001 From: Ana Maria Martinez Gomez Date: Mon, 10 May 2021 20:06:55 +0200 Subject: [PATCH 2/5] ci: check changelog Request changes in a PR without CHANGELOG update. --- .github/workflows/changelog.yml | 39 +++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 .github/workflows/changelog.yml diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml new file mode 100644 index 000000000..74f8684fe --- /dev/null +++ b/.github/workflows/changelog.yml @@ -0,0 +1,39 @@ +name: changelog + +on: + # We need pull_request_target instead of pull_request because a write + # repository token is needed to add a review to a PR. DO NOT BUILD + # OR RUN UNTRUSTED CODE FROM PRs IN THIS ACTION + pull_request_target: + types: [opened, edited, synchronize] + +jobs: + check_changelog: + runs-on: ubuntu-20.04 + env: + NO_CHANGELOG: '[x] No CHANGELOG update needed' + steps: + - name: Get changed files + id: files + uses: jitterbit/get-changed-files@v1 + - name: check changelog updated + id: changelog_updated + env: + PR_BODY: ${{ github.event.pull_request.body }} + FILES: ${{ steps.files.outputs.modified }} + run: | + echo $FILES | grep -qF 'CHANGELOG.md' || echo $PR_BODY | grep -qiF "$NO_CHANGELOG" + - name: Reject pull request if no CHANGELOG update + if: ${{ always() && steps.changelog_updated.outcome == 'failure' }} + uses: andrewmusgrave/automatic-pull-request-review@0.0.5 + with: + repo-token: ${{ secrets.GITHUB_TOKEN }} + event: REQUEST_CHANGES + body: "Please add bug fixes, new features, breaking changes and anything else you think is worthwhile mentioning to the `master (unreleased)` section of CHANGELOG.md. If no CHANGELOG update is needed add the following to the PR description: `${{ env.NO_CHANGELOG }}`" + - name: Dismiss previous review if CHANGELOG update + uses: andrewmusgrave/automatic-pull-request-review@0.0.5 + with: + repo-token: ${{ secrets.GITHUB_TOKEN }} + event: DISMISS + body: "CHANGELOG updated or no update needed, thanks! :smile:" + From 23ff9e719f6a84c8e7e3dba3b121f57ea16ee524 Mon Sep 17 00:00:00 2001 From: Ana Maria Martinez Gomez Date: Tue, 18 May 2021 17:33:05 +0200 Subject: [PATCH 3/5] ci: only reject once and fix dismiss `Ana06/automatic-pull-request-review@v0.1.0` is a fork of https://github.com/AndrewMusgrave/automatic-pull-request-review which fixes `DISMISS` and provides an `allow_duplicate` option which allows to only approve once. --- .github/workflows/changelog.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml index 74f8684fe..8c4aeffda 100644 --- a/.github/workflows/changelog.yml +++ b/.github/workflows/changelog.yml @@ -25,13 +25,14 @@ jobs: echo $FILES | grep -qF 'CHANGELOG.md' || echo $PR_BODY | grep -qiF "$NO_CHANGELOG" - name: Reject pull request if no CHANGELOG update if: ${{ always() && steps.changelog_updated.outcome == 'failure' }} - uses: andrewmusgrave/automatic-pull-request-review@0.0.5 + uses: Ana06/automatic-pull-request-review@v0.1.0 with: repo-token: ${{ secrets.GITHUB_TOKEN }} event: REQUEST_CHANGES body: "Please add bug fixes, new features, breaking changes and anything else you think is worthwhile mentioning to the `master (unreleased)` section of CHANGELOG.md. If no CHANGELOG update is needed add the following to the PR description: `${{ env.NO_CHANGELOG }}`" + allow_duplicate: false - name: Dismiss previous review if CHANGELOG update - uses: andrewmusgrave/automatic-pull-request-review@0.0.5 + uses: Ana06/automatic-pull-request-review@v0.1.0 with: repo-token: ${{ secrets.GITHUB_TOKEN }} event: DISMISS From 38d41e2f59de1d2bac00508ff4f6f09f63da88c4 Mon Sep 17 00:00:00 2001 From: Ana Maria Martinez Gomez Date: Wed, 19 May 2021 22:29:03 +0200 Subject: [PATCH 4/5] ci: fix get-changed-files Ana06/get-changed-files@v1.1 is a fork of https://github.com/jitterbit/get-changed-files, which supports `pull_request_target` and allow to filter files using regular expressions. As we need to use `pull_request_target`, Ana06/get-changed-files@v1.1 works, but jitterbit/get-changed-files@v1 doesn't. --- .github/workflows/changelog.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml index 8c4aeffda..7d42f3e5b 100644 --- a/.github/workflows/changelog.yml +++ b/.github/workflows/changelog.yml @@ -15,7 +15,7 @@ jobs: steps: - name: Get changed files id: files - uses: jitterbit/get-changed-files@v1 + uses: Ana06/get-changed-files@v1.1 - name: check changelog updated id: changelog_updated env: From 84b0bc6439674ae1d63864da0a22b77e53b030a3 Mon Sep 17 00:00:00 2001 From: Ana Maria Martinez Gomez Date: Thu, 27 May 2021 15:58:51 +0200 Subject: [PATCH 5/5] changelog: Add #584 to CHANGELOG --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b93d63079..6703f2981 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -116,6 +116,7 @@ It includes many new rules, including all new techniques introduced in MITRE ATT - ci, changelog: update `New Rules` section in CHANGELOG automatically https://github.com/fireeye/capa-rules/pull/374 #549 @Ana06 - ci, changelog: support multiple author in sync GH https://github.com/fireeye/capa-rules/pull/378 @Ana06 - ci, lint: check statements for single child statements #563 @mr-tz +- ci: reject PRs without CHANGELOG update to ensure CHANGELOG is kept up-to-date. #584 @Ana06 ### Raw diffs