From 97072f0da69ccb07ec90a14bfc95644fcf861f99 Mon Sep 17 00:00:00 2001 From: "tao.yang" Date: Wed, 3 Jan 2024 18:43:58 +0800 Subject: [PATCH] cherry-pick PRs submitted by robots can be verified. Signed-off-by: tao.yang --- .github/workflows/auto-cherrypick.yaml | 108 +++++++++++------- .github/workflows/call-release-chart.yaml | 8 ++ .github/workflows/call-release-doc.yaml | 8 ++ .../workflows/call-update-githubpages.yaml | 8 ++ 4 files changed, 90 insertions(+), 42 deletions(-) diff --git a/.github/workflows/auto-cherrypick.yaml b/.github/workflows/auto-cherrypick.yaml index bf6a42d330..9417e135aa 100644 --- a/.github/workflows/auto-cherrypick.yaml +++ b/.github/workflows/auto-cherrypick.yaml @@ -31,6 +31,7 @@ jobs: fetch-depth: 0 - name: cherry pick + id: cherry-pick env: GITHUB_TOKEN: ${{ secrets.WELAN_PAT }} JSON: ${{ toJSON(github) }} @@ -78,15 +79,13 @@ jobs: if [ -z "${PR_COMMITS}" ]; then echo "error, failed to get pr commits" fi - echo "number: ${PR_NUMBER}" - echo "action url: ${ACTION_URL}" - echo "PR_COMMITS: ${PR_COMMITS}" - echo "author: ${PR_AUTHOR}" - echo "url: ${PR_URL}" - echo "PR_LABEL: ${PR_LABEL}" - echo "PR_TITLE: ${PR_TITLE}" - # - # + echo "PR_TITLE=${PR_TITLE}" >> $GITHUB_ENV + echo "PR_LABEL=${PR_LABEL}" >> $GITHUB_ENV + echo "PR_URL=${PR_URL}" >> $GITHUB_ENV + echo "PR_COMMITS=${PR_COMMITS}" >> $GITHUB_ENV + echo "PR_AUTHOR=${PR_AUTHOR}" >> $GITHUB_ENV + echo "ACTION_URL=${ACTION_URL}" >> $GITHUB_ENV + echo "PR_NUMBER=${PR_NUMBER}" >> $GITHUB_ENV echo "=============================== get dest branch from labels ======== " WANT_MERGE_BRANCH_LIST="" if ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.destBranch != '' }}; then @@ -107,8 +106,9 @@ jobs: echo "============ begin to cherry pick ============ " FINAL_FAILURE=false git branch - git config user.email "robot@example.com" - git config user.name "robot" + git config user.email "robot@example.com" + git config user.name "robot" + git config --list gh label create ${{ env.CHERRYPICK_LABEL }} || true for BRANCH in $WANT_MERGE_BRANCH_LIST ; do echo "************** cherry for branch ${BRANCH}" @@ -127,6 +127,7 @@ jobs: continue fi git fetch origin ${BRANCH}:${BRANCH} || true + git pull origin ${BRANCH}:${BRANCH} || true if ! git checkout ${BRANCH} ; then echo "error, failed to checkout to branch $BRANCH" gh issue create \ @@ -141,11 +142,13 @@ jobs: continue fi PR_BRANCH=robot/cherrypick/pr${PR_NUMBER}/${BRANCH} - git checkout -b ${PR_BRANCH} + echo "PR_BRANCH=${PR_BRANCH}" >> $GITHUB_ENV + echo "BRANCH=${BRANCH}" >> $GITHUB_ENV git branch --show-current FAIL=false UPDATE=false ERROR_MESSAGE="" + echo "PR_COMMITS=PR_COMMITS" for COMMIT in $PR_COMMITS; do if ! ERROR_MESSAGE=`git cherry-pick -m 1 $COMMIT 2>&1` ; then echo ">>>>>>>>>>>> fail when cherry pick $COMMIT to branch $BRANCH " @@ -171,34 +174,55 @@ jobs: echo "succeed to cherry pick $COMMIT to branch $BRANCH " fi done - if [ "$FAIL" == "true" ] ; then - echo "failed to cherry pick to branch $BRANCH " - FINAL_FAILURE=true - echo -e "commits $PR_COMMITS of ${PR_AUTHOR} conflict when merging to branch $BRANCH, please manually cherry pick it by yourself. \n PR <${PR_URL}> , action <${ACTION_URL}> \n\n \`\`\`\n${ERROR_MESSAGE}\n\`\`\` " | \ - gh issue create \ - --title "failed to cherry pick PR ${PR_NUMBER} from ${PR_AUTHOR}, to branch ${BRANCH}" \ - --label "${{ env.CHERRYPICK_LABEL }}" \ - --assignee "${PR_AUTHOR},${{ env.DEFAULT_REVIEWER }}" \ - --body-file - - fi - if [ "$UPDATE" == "true" ] ; then - echo "succeeded to cherry pick to branch $BRANCH " - # create a pr - git commit -s --amend --no-edit - git push origin ${PR_BRANCH}:${PR_BRANCH} -f - gh pr create --title "${PR_TITLE}" \ - --assignee "${PR_AUTHOR},${{ env.DEFAULT_REVIEWER }}" \ - --label ${{ env.CHERRYPICK_LABEL }} \ - --body "robot cherry pick PR <${PR_URL}> from ${PR_AUTHOR},to branch ${BRANCH}, action <${ACTION_URL}> , commits $PR_COMMITS " \ - --base ${BRANCH} - else - echo "no changes happened for commits $PR_COMMITS, ignore create pr" - fi + echo "FAIL=${FAIL}" >> $GITHUB_ENV + echo "UPDATE=${UPDATE}" >> $GITHUB_ENV + echo "ERROR_MESSAGE<> $GITHUB_ENV + echo "$ERROR_MESSAGE" >> $GITHUB_ENV + echo "EOF" >> $GITHUB_ENV done - echo "=========== check result ============" - if [ "$FINAL_FAILURE" == "true" ] ; then - # if failed to create issue or pr, fails - echo "error, failuire happened" - else - echo "all done" - fi + + - uses: crazy-max/ghaction-import-gpg@v5 + with: + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.GPG_PASSPHRASE }} + git_user_signingkey: true + git_commit_gpgsign: true + + - name: commit signed for cherry-pick + run: | + git commit -s -S --amend --no-edit + + - name: Create Pull Request + id: create_pr + if: ${{ env.FAIL != 'true' && env.UPDATE == 'true' }} + uses: peter-evans/create-pull-request@v5.0.2 + with: + title: ${{ env.PR_TITLE }} + commit-message: ${{ env.PR_COMMITS }} + committer: ty-dc + branch: ${{ env.PR_BRANCH }} + delete-branch: false + base: ${{ env.BRANCH }} + signoff: true + token: ${{ secrets.WELAN_PAT }} # ${{ secrets.GITHUB_TOKEN }} Unable to trigger bot to run CI ? + labels: ${{ env.CHERRYPICK_LABEL }} + body: "robot cherry pick PR <${{ env.PR_URL }}> from <${{ env.PR_AUTHOR }}>,to branch <${{ env.BRANCH }}>, action <${{ env.ACTION_URL }}> , commits ${{ env.PR_COMMITS }}" + reviewers: ${{ env.PR_AUTHOR }},${{ env.DEFAULT_REVIEWER }} + + - name: Creat Issue + id: create_issue + if: ${{ env.FAIL == 'true' && env.UPDATE != 'true' }} + uses: dacbd/create-issue-action@v1.2.1 + with: + token: ${{ secrets.GITHUB_TOKEN }} + title: "failed to cherry pick PR ${{ env.PR_NUMBER }} from ${{ env.PR_AUTHOR }}, to branch ${{ env.BRANCH }}" + body: | + commits ${{ env.PR_COMMITS }} of ${{ env.PR_AUTHOR }} conflict when merging to branch ${{ env.BRANCH }}. + please manually cherry pick it by yourself. + PR <${{ env.PR_URL }}> , action <${{ env.ACTION_URL }}> . + error log: + <${{ env.ERROR_MESSAGE }}> + labels: ${{ env.CHERRYPICK_LABEL }} + assignees: ${{ env.PR_AUTHOR }},${{ env.DEFAULT_REVIEWER }} + + diff --git a/.github/workflows/call-release-chart.yaml b/.github/workflows/call-release-chart.yaml index 674647fbc7..9baa04de47 100644 --- a/.github/workflows/call-release-chart.yaml +++ b/.github/workflows/call-release-chart.yaml @@ -125,6 +125,13 @@ jobs: helm repo index ./charts --url ${{ env.URL }}/charts mv ./charts/index.yaml ./index.yaml + - uses: crazy-max/ghaction-import-gpg@v5 + with: + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.GPG_PASSPHRASE }} + git_user_signingkey: true + git_commit_gpgsign: true + - name: Create Pull Request uses: peter-evans/create-pull-request@v5.0.2 with: @@ -132,6 +139,7 @@ jobs: commit-message: "robot Update chart from ${{ needs.get_ref.outputs.ref }} to branch ${{ env.MERGE_BRANCH }} " branch-suffix: timestamp branch: robot/update_chart + committer: ty-dc delete-branch: true base: ${{ env.MERGE_BRANCH }} signoff: true diff --git a/.github/workflows/call-release-doc.yaml b/.github/workflows/call-release-doc.yaml index 343a5c3752..bcf8824169 100644 --- a/.github/workflows/call-release-doc.yaml +++ b/.github/workflows/call-release-doc.yaml @@ -161,6 +161,13 @@ jobs: tar -xzvf site.tar.gz rm -f site.tar.gz + - uses: crazy-max/ghaction-import-gpg@v5 + with: + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.GPG_PASSPHRASE }} + git_user_signingkey: true + git_commit_gpgsign: true + # Allow auto-merge on general - name: Create Pull Request id: create_pr @@ -169,6 +176,7 @@ jobs: title: "robot update website from ${{ needs.release_doc.outputs.ref }} to branch ${{ env.MERGE_BRANCH }} with tag ${{ needs.release_doc.outputs.doc_tag }}" commit-message: "robot update website from ${{ needs.release_doc.outputs.ref }} to branch ${{ env.MERGE_BRANCH }} with tag ${{ needs.release_doc.outputs.doc_tag }}" branch-suffix: timestamp + committer: ty-dc branch: robot/update_doc delete-branch: true base: ${{ env.MERGE_BRANCH }} diff --git a/.github/workflows/call-update-githubpages.yaml b/.github/workflows/call-update-githubpages.yaml index ebc6c0c565..9dfe3b7e56 100644 --- a/.github/workflows/call-update-githubpages.yaml +++ b/.github/workflows/call-update-githubpages.yaml @@ -76,6 +76,13 @@ jobs: helm repo index ./charts --url ${{ env.url }}/charts mv ./charts/index.yaml ./index.yaml + - uses: crazy-max/ghaction-import-gpg@v5 + with: + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.GPG_PASSPHRASE }} + git_user_signingkey: true + git_commit_gpgsign: true + # ========= finally, create PR # Allow auto-merge on general - name: Create Pull Request @@ -86,6 +93,7 @@ jobs: commit-message: "robot update chart and website from ${{ needs.prepare_doc.outputs.ref }} to branch ${{ env.MERGE_BRANCH }} " branch-suffix: timestamp branch: robot/update_doc + committer: ty-dc delete-branch: true base: ${{ env.MERGE_BRANCH }} signoff: true