-
Notifications
You must be signed in to change notification settings - Fork 721
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
CI: Prevent breaking backports (#4812)
- Prevent `major` changes to be merged into a `stable` branch. - Place a comment on backport MRs to provide context of what it means. Comment looks like this:  --------- Signed-off-by: Oliver Tale-Yazdi <[email protected]>
- Loading branch information
Showing
1 changed file
with
53 additions
and
10 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -5,9 +5,16 @@ on: | |
| types: [opened, synchronize, reopened, ready_for_review] | ||
| paths: | ||
| - prdoc/*.prdoc | ||
| workflow_dispatch: | ||
|
|
||
| concurrency: | ||
| group: check-semver-${{ github.event.pull_request.number || github.ref }} | ||
| cancel-in-progress: true | ||
|
|
||
| env: | ||
| TOOLCHAIN: nightly-2024-06-01 | ||
|
|
||
|
|
||
| jobs: | ||
| check-semver: | ||
| runs-on: ubuntu-latest | ||
|
|
@@ -16,32 +23,67 @@ jobs: | |
| steps: | ||
| - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | ||
|
|
||
| - name: extra git setup | ||
| run: | | ||
| git config --global --add safe.directory '*' | ||
| git fetch --no-tags --no-recurse-submodules --depth=1 origin master | ||
| git branch old origin/master | ||
| - name: Comment If Backport | ||
| if: ${{ startsWith(github.event.pull_request.base.ref, 'stable') }} | ||
| env: | ||
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| PR: ${{ github.event.pull_request.number }} | ||
| run: | | ||
| echo "This is a backport into stable." | ||
| wget -q https://github.com/cli/cli/releases/download/v2.51.0/gh_2.51.0_linux_amd64.tar.gz -O gh.tar.gz && \ | ||
| tar -xzf gh.tar.gz && mv gh_2.51.0_linux_amd64/bin/gh /usr/local/bin/gh && rm gh.tar.gz | ||
| chmod +x /usr/local/bin/gh | ||
| cat > msg.txt <<EOF | ||
| This pull request is amending an existing release. Please proceed with extreme caution, | ||
| as to not impact downstream teams that rely on the stability of it. Some things to consider: | ||
| - Backports are only for 'patch' or 'minor' changes. No 'major' or other breaking change. | ||
| - Should be a legit *fix* for some bug, not adding tons of new features. | ||
| - Must either be already audited or trivial (not sure audit). | ||
| <details><summary><i>Emergency Bypass</i></summary> | ||
| <p> | ||
| If you really need to bypass this check: add <code>validate: false</code> to each crate | ||
| in the Prdoc where a breaking change is introduced. This will release a new major | ||
| version of that crate and all its reverse dependencies and basically break the release. | ||
| </p> | ||
| </details> | ||
| EOF | ||
| gh issue comment $PR --edit-last -F msg.txt || gh issue comment $PR -F msg.txt | ||
| echo "PRDOC_EXTRA_ARGS=--max-bump minor" >> $GITHUB_ENV | ||
| - name: Rust Cache | ||
| uses: Swatinem/rust-cache@23bce251a8cd2ffc3c1075eaa2367cf899916d84 # v2.7.3 | ||
| with: | ||
| cache-on-failure: true | ||
|
|
||
| - name: install parity-publish | ||
| run: cargo install [email protected] | ||
|
|
||
| - name: Rust compilation prerequisites | ||
| run: | | ||
| rustup default $TOOLCHAIN | ||
| rustup target add wasm32-unknown-unknown --toolchain $TOOLCHAIN | ||
| rustup component add rust-src --toolchain $TOOLCHAIN | ||
| - name: extra git setup | ||
| run: | | ||
| git config --global --add safe.directory '*' | ||
| git fetch --no-tags --no-recurse-submodules --depth=1 origin master | ||
| git branch old origin/master | ||
| - name: install parity-publish | ||
| # Set the target dir to cache the build. | ||
| run: CARGO_TARGET_DIR=./target/ cargo install parity-publish -q | ||
|
|
||
| - name: check semver | ||
| run: | | ||
| export CARGO_TARGET_DIR=target | ||
| export RUSTFLAGS='-A warnings -A missing_docs' | ||
| export SKIP_WASM_BUILD=1 | ||
| if ! parity-publish --color always prdoc --since old --validate prdoc/pr_$PR.prdoc -v --toolchain $TOOLCHAIN; then | ||
| if ! parity-publish --color always prdoc --since old --validate prdoc/pr_$PR.prdoc $PRDOC_EXTRA_ARGS -v --toolchain $TOOLCHAIN; then | ||
| cat <<EOF | ||
| 👋 Hello developer! The SemVer information that you declared in the prdoc file did not match what the CI detected. | ||
|
|
@@ -56,3 +98,4 @@ jobs: | |
| fi | ||
| env: | ||
| PR: ${{ github.event.pull_request.number }} | ||
| PRDOC_EXTRA_ARGS: ${{ env.PRDOC_EXTRA_ARGS }} | ||