mirror of
https://github.com/coder/coder.git
synced 2026-06-02 20:48:20 +00:00
dependabot[bot]
edd5d83280
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lukasz <CommanderK5@users.noreply.github.com> Co-authored-by: blink-so[bot] <211532188+blink-so[bot]@users.noreply.github.com>
94 lines
3.4 KiB
YAML
94 lines
3.4 KiB
YAML
# Ensures that only bug fixes are cherry-picked to release branches.
|
|
# PRs targeting release/* must have a title starting with "fix:" or "fix(scope):".
|
|
name: PR Cherry-Pick Check
|
|
|
|
on:
|
|
# zizmor: ignore[dangerous-triggers] Only reads PR metadata and comments; does not checkout PR code.
|
|
pull_request_target:
|
|
types: [opened, reopened, edited]
|
|
branches:
|
|
- "release/*"
|
|
|
|
permissions:
|
|
pull-requests: write
|
|
|
|
jobs:
|
|
check-cherry-pick:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
|
|
with:
|
|
egress-policy: audit
|
|
|
|
- name: Check PR title for bug fix
|
|
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
|
|
with:
|
|
script: |
|
|
const title = context.payload.pull_request.title;
|
|
const prNumber = context.payload.pull_request.number;
|
|
const baseBranch = context.payload.pull_request.base.ref;
|
|
const author = context.payload.pull_request.user.login;
|
|
|
|
console.log(`PR #${prNumber}: "${title}" -> ${baseBranch}`);
|
|
|
|
// Match conventional commit "fix:" or "fix(scope):" prefix.
|
|
const isBugFix = /^fix(\(.+\))?:/.test(title);
|
|
|
|
if (isBugFix) {
|
|
console.log("PR title indicates a bug fix. No action needed.");
|
|
return;
|
|
}
|
|
|
|
console.log("PR title does not indicate a bug fix. Commenting.");
|
|
|
|
// Check for an existing comment from this bot to avoid duplicates
|
|
// on title edits.
|
|
const { data: comments } = await github.rest.issues.listComments({
|
|
owner: context.repo.owner,
|
|
repo: context.repo.repo,
|
|
issue_number: prNumber,
|
|
});
|
|
|
|
const marker = "<!-- cherry-pick-check -->";
|
|
const existingComment = comments.find(
|
|
(c) => c.body && c.body.includes(marker),
|
|
);
|
|
|
|
const body = [
|
|
marker,
|
|
`👋 Hey @${author}!`,
|
|
"",
|
|
`This PR is targeting the \`${baseBranch}\` release branch, but its title does not start with \`fix:\` or \`fix(scope):\`.`,
|
|
"",
|
|
"Only **bug fixes** should be cherry-picked to release branches. If this is a bug fix, please update the PR title to match the conventional commit format:",
|
|
"",
|
|
"```",
|
|
"fix: description of the bug fix",
|
|
"fix(scope): description of the bug fix",
|
|
"```",
|
|
"",
|
|
"If this is **not** a bug fix, it likely should not target a release branch.",
|
|
].join("\n");
|
|
|
|
if (existingComment) {
|
|
console.log(`Updating existing comment ${existingComment.id}.`);
|
|
await github.rest.issues.updateComment({
|
|
owner: context.repo.owner,
|
|
repo: context.repo.repo,
|
|
comment_id: existingComment.id,
|
|
body,
|
|
});
|
|
} else {
|
|
await github.rest.issues.createComment({
|
|
owner: context.repo.owner,
|
|
repo: context.repo.repo,
|
|
issue_number: prNumber,
|
|
body,
|
|
});
|
|
}
|
|
|
|
core.warning(
|
|
`PR #${prNumber} targets ${baseBranch} but is not a bug fix. Title must start with "fix:" or "fix(scope):".`,
|
|
);
|