Adds workflow for automatic handling of stale PRs and issues, tidies other workflows and adds better logging (#24839)

* Tidy the code, better commenting when things go wrong

* text!

* stale labeller

* get the labels right

* avoid complications

* Update .github/workflows/merge_upstream_master.yml

* Update .github/workflows/merge_upstream_master.yml

* Apply suggestions from code review

Co-authored-by: Luc <89928798+lewcc@users.noreply.github.com>

* makes the merge upstream thingy comment, and approve its generated workflows

* wow

* remove this, paradise bot reigns supreme

---------

Co-authored-by: Luc <89928798+lewcc@users.noreply.github.com>
This commit is contained in:
S34N
2024-03-28 23:39:31 +00:00
committed by GitHub
parent 56b49fa86e
commit 89d6873c7e
3 changed files with 74 additions and 30 deletions
+24
View File
@@ -0,0 +1,24 @@
name: Label and close stale PRs and Issues
on:
schedule:
- cron: '0 0 * * *' # Runs at midnight UTC every day
jobs:
stale-prs:
runs-on: ubuntu-latest
steps:
- name: Seek and destroy stale PRs and Issues
uses: actions/stale@v4
with:
stale-pr-message: 'This pull request seems to be stale as there have been no changes in 14 days, please make changes within 7 days or the PR will be closed. If you believe this is a mistake, please inform a development team member on Discord.'
close-pr-message: 'This pull request has not received any updates since being marked stale, and as such is now being automatically closed. Please feel free to re-open this pull request or open a new one once you have new updates.'
stale-issue-message: 'This issue either requires verification or is unreproducible, but has had no updates for 60 days. Please provide an update within 14 days or this issue will be closed. If you believe this is a mistake, please contact an issue manager on Discord.'
close-issue-message: 'This issue was marked as stale, yet no changes have been observed in the specified time. The issue has been closed.'
days-before-stale: 14
days-before-issue-stale: 60
days-before-close: 7
days-before-issue-close: 14
exempt-issue-labels: '"Stale Exempt"'
exempt-pr-labels: '"Stale Exempt", "-Status: Awaiting approval", "-Status: Awaiting Merge", "-Status: Awaiting type assignment"'
only-issue-labels: '"Need Verification", "Cannot Reproduce", "Not A Bug", "(99% Sure) Not A Bug"'
+45 -19
View File
@@ -16,43 +16,46 @@ jobs:
runs-on: ubuntu-latest
steps:
- id: create_token
uses: tibdex/github-app-token@v2
uses: actions/create-github-app-token@v1
with:
app_id: ${{ secrets.APP_ID }}
private_key: ${{ secrets.PRIVATE_KEY }}
app-id: ${{ secrets.APP_ID }}
private-key: ${{ secrets.PRIVATE_KEY }}
- run: echo "GH_TOKEN=${{ steps.create_token.outputs.token }}" >> "$GITHUB_ENV"
- name: Like the comment
run: |
gh api \
--method POST \
-H "Accept: application/vnd.github+json" \
-H "X-GitHub-Api-Version: 2022-11-28" \
/repos/ParadiseSS13/Paradise/issues/comments/${{ github.event.comment.id }}/reactions \
-f content='+1'
- name: PR Data
env:
GH_TOKEN: ${{ steps.create_token.outputs.token }}
run: |
pr_json=$(curl -L -s --fail-with-body -H "Authorization: token ${{ github.token }}" ${{ github.event.issue.pull_request.url }})
if [ `jq -r '.maintainer_can_modify' <<<$pr_json` == "false" ] ; then
gh pr comment ${{ github.event.issue.html_url }} --body 'GitHub Actions can not push to the repository without "Allow edits and access to secrets by maintainers" checked.'
exit 1
exit 0
fi
echo "PR_REPO=`jq -r '.head.repo.full_name' <<<$pr_json`" >> $GITHUB_ENV
echo "PR_BRANCH=`jq -r '.head.ref' <<<$pr_json`" >> $GITHUB_ENV
echo "PR_HEAD_LABEL=`jq -r '.head.label' <<<$pr_json`" >> $GITHUB_ENV
- uses: actions/checkout@v4
env:
GH_TOKEN: ${{ steps.create_token.outputs.token }}
with:
repository: ${{ env.PR_REPO }}
ref: ${{ env.PR_BRANCH }}
token: ${{ steps.create_token.outputs.token }}
token: ${{ env.GH_TOKEN }}
- uses: actions/setup-node@v4
env:
GH_TOKEN: ${{ steps.create_token.outputs.token }}
with:
node-version: 20
cache: 'yarn'
cache-dependency-path: ./tgui/yarn.lock
- uses: actions/setup-python@v5
env:
GH_TOKEN: ${{ steps.create_token.outputs.token }}
with:
python-version: '3.11'
cache: 'pip'
@@ -61,7 +64,6 @@ jobs:
env:
BASE_BRANCH: ${{ github.event.repository.default_branch }}
BASE_REPOSITORY: ${{ github.repository }}
GH_TOKEN: ${{ steps.create_token.outputs.token }}
run: |
# Compare head branch and base branch
compare_result=$(curl -L -s --fail-with-body \
@@ -87,17 +89,41 @@ jobs:
chmod +x tools/hooks/*.merge tgui/bin/tgui
# Actual Merge
git config user.name github-actions
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
git remote add upstream "https://github.com/$BASE_REPOSITORY.git"
git fetch origin "$PR_BRANCH" --depth=$((ahead_by + 1))
git fetch upstream "$BASE_BRANCH" --depth=$((behind_by + 1))
# Check if a workflow file would be modified by the merge (permissions prevent pushes if so)
latest_workflow_commit=$(git log -n 1 --pretty=format:"%H" upstream/$BASE_BRANCH -- .github/workflows)
if ! git branch --contains $latest_workflow_commit | grep -q "$(git rev-parse --abbrev-ref HEAD)"; then
gh pr comment ${{ github.event.issue.html_url }} --body "GitHub Actions can not push to this branch as workflow files have been changed since your branch was last updated. Please update your branch past https://github.com/ParadiseSS13/Paradise/commit/$latest_workflow_commit before using this command again."
exit 0
fi
git merge FETCH_HEAD
git push origin
- name: Approve Workflows
run: |
# Get the list of pending workflow runs for paradisess13bot
runs=$(gh api \
--method POST \
-H "Accept: application/vnd.github+json" \
-H "X-GitHub-Api-Version: 2022-11-28" \
/repos/ParadiseSS13/Paradise/actions/runs?actor=paradisess13bot&status=action_required)
run_ids=$(echo $runs | jq -r '.workflow_runs[].id')
# Iterate over the run IDs, approving each one
for run_id in $run_ids; do
gh api \
--method POST \
-H "Accept: application/vnd.github+json" \
-H "X-GitHub-Api-Version: 2022-11-28" \
/repos/ParadiseSS13/Paradise/actions/runs/$run_id/approve
done
- name: Notify Failure
if: failure()
env:
GH_TOKEN: ${{ steps.create_token.outputs.token }}
run: gh pr comment ${{ github.event.issue.html_url }} -b "Merging upstream failed:\nhttps://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
run: |
gh pr comment ${{ github.event.issue.html_url }} -b 'Merging upstream failed, see the action run log for details: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}'
+5 -11
View File
@@ -15,34 +15,28 @@ jobs:
runs-on: ubuntu-22.04
steps:
- id: create_token
uses: tibdex/github-app-token@v2
uses: actions/create-github-app-token@v1
with:
app_id: ${{ secrets.APP_ID }}
private_key: ${{ secrets.PRIVATE_KEY }}
app-id: ${{ secrets.APP_ID }}
private-key: ${{ secrets.PRIVATE_KEY }}
- run: echo "GH_TOKEN=${{ steps.create_token.outputs.token }}" >> "$GITHUB_ENV"
- name: 'Update Branch'
uses: actions/checkout@v4
env:
GH_TOKEN: ${{ steps.create_token.outputs.token }}
with:
token: ${{ steps.create_token.outputs.token }}
- name: Branch
env:
GH_TOKEN: ${{ steps.create_token.outputs.token }}
run: |
git branch -f nanomap-render
git checkout nanomap-render
git reset --hard origin/master
- name: 'Generate Maps'
env:
GH_TOKEN: ${{ steps.create_token.outputs.token }}
run: './tools/github-actions/nanomap-renderer-invoker.sh'
- name: 'Commit Maps and open PR'
env:
GH_TOKEN: ${{ steps.create_token.outputs.token }}
run: |
git config --local user.email "action@github.com"
git config --local user.name "NanoMap Generation"