Backport user crd #501
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Backport changes | |
| on: | |
| pull_request: | |
| types: | |
| - closed | |
| branches: | |
| - main | |
| jobs: | |
| get-labels: | |
| if: github.event.pull_request.merged == true | |
| runs-on: ubuntu-latest | |
| outputs: | |
| branches: ${{ steps.get-labels.outputs.branches }} | |
| user: ${{ steps.get-labels.outputs.user }} | |
| valid: ${{ steps.get-labels.outputs.valid }} | |
| steps: | |
| - name: Determine branches to cherry-pick to | |
| id: get-labels | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| # concat labels into comman-separated string, e.g. "bug,backport to all versions,remediation" | |
| PR_LABELS="${{ join(github.event.pull_request.labels.*.name, ',') }}" | |
| if [[ -z "$PR_LABELS" ]]; then | |
| echo "valid=false" >> $GITHUB_OUTPUT | |
| exit 0 | |
| else | |
| echo "valid=true" >> $GITHUB_OUTPUT | |
| fi | |
| BRANCHES="" | |
| if [[ $PR_LABELS =~ "backport to all versions" ]]; then | |
| # fetch all branches with 'v/' prefix from the GitHub API | |
| RAW_RESPONSE=$(gh api --paginate --jq '.[].name' /repos/${{ github.repository }}/branches) | |
| ALL_BRANCHES=$(echo "$RAW_RESPONSE" | grep '^v/') | |
| # Prepare the BRANCHES variable, remove trailing comma and newline | |
| BRANCHES=$(echo "$ALL_BRANCHES" | tr '\n' ',') | |
| BRANCHES=${BRANCHES%,} # Removing the trailing comma and newline | |
| else | |
| BRANCH_NAMES=$(echo "$PR_LABELS" | grep -o 'backport to v/[0-9]\+\.[0-9]\+' | sed -e 's/backport to //') | |
| BRANCHES=$(echo "$BRANCH_NAMES" | tr '\n' ',') | |
| BRANCHES=${BRANCHES::-1} # Removing the trailing comma | |
| fi | |
| # Convert BRANCHES into a valid JSON array | |
| BRANCHES_ARRAY=$(echo "$BRANCHES" | tr ', ' '\n\n' | sed 's/^/"/;s/$/"/' | tr '\n' ',' | sed 's/,$//') | |
| BRANCHES_ARRAY="[$BRANCHES_ARRAY]" | |
| echo "branches=$BRANCHES_ARRAY" >> $GITHUB_OUTPUT | |
| echo "user=${{ github.actor }}" >> $GITHUB_OUTPUT | |
| backport: | |
| needs: get-labels | |
| if: needs.get-labels.outputs.branches != '' && needs.get-labels.outputs.valid == 'true' | |
| strategy: | |
| matrix: | |
| branch: ${{fromJson(needs.get-labels.outputs.branches)}} | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-region: ${{ vars.RP_AWS_CRED_REGION }} | |
| role-to-assume: arn:aws:iam::${{ secrets.RP_AWS_CRED_ACCOUNT_ID }}:role/${{ vars.RP_AWS_CRED_BASE_ROLE_NAME }}${{ github.event.repository.name }} | |
| - uses: aws-actions/aws-secretsmanager-get-secrets@v2 | |
| with: | |
| secret-ids: | | |
| ,sdlc/prod/github/actions_bot_token | |
| parse-json-secrets: true | |
| # Checkout the specified branch from redpanda repository. | |
| - name: Checkout redpanda repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| repository: redpanda-data/docs | |
| token: ${{ env.ACTIONS_BOT_TOKEN }} | |
| - name: Set up git config | |
| run: | | |
| echo "Setting up git config..." | |
| git config user.name "vbotbuildovich" | |
| git config user.email "[email protected]" | |
| - name: Checkout maintenance branch and cherry-pick | |
| run: | | |
| echo "Fetching latest changes..." | |
| git fetch | |
| # Check if the branch exists | |
| BRANCH_CHECK=$(git ls-remote --heads origin ${{ matrix.branch }}) | |
| if [[ -z "$BRANCH_CHECK" ]]; then | |
| echo "Branch ${{ matrix.branch }} does not exist. Skipping." | |
| exit 0 | |
| fi | |
| echo "Checking out branch: ${{ matrix.branch }}..." | |
| git checkout ${{ matrix.branch }} || (echo "Failed to checkout branch: ${{ matrix.branch }}." && exit 1) | |
| echo "Cherry-picking changes..." | |
| # Attempt cherry-pick and capture any errors | |
| if ! git cherry-pick -x $GITHUB_SHA; then | |
| echo "Cherry-pick had conflicts for branch ${{ matrix.branch }}. Creating GitHub issue for manual intervention." | |
| # Create a GitHub issue | |
| issue_title="Manual backport required for ${{ matrix.branch }}" | |
| issue_body="A conflict occurred while backporting commit $GITHUB_SHA to branch ${{ matrix.branch }}. Manual intervention is required.\ | |
| \nTo manually apply the change, you must cherry-pick it locally and fix the conflicts:\ | |
| \n\`\`\`bash\ | |
| \n git fetch origin\ | |
| \n git checkout ${{ matrix.branch }}\ | |
| \n git pull origin ${{ matrix.branch }}\ | |
| \n git cherry-pick $GITHUB_SHA\ | |
| \n # Resolve any merge conflicts here, then commit the changes\ | |
| \n git push origin ${{ matrix.branch }}\ | |
| \n\`\`\`\ | |
| \nIf you no longer want to backport the change to this version, close this issue." | |
| response=$(curl -sS -w "%{http_code}" -X POST \ | |
| -H "Authorization: token ${{ env.ACTIONS_BOT_TOKEN }}" \ | |
| -H "Accept: application/vnd.github.v3+json" \ | |
| https://api.github.com/repos/${{ github.repository }}/issues \ | |
| -d "{ \"title\": \"$issue_title\", \"body\": \"$issue_body\", \"assignees\": [\"${{ needs.get-labels.outputs.user }}\"] }") | |
| status_code=$(echo "$response" | tail -n 1) | |
| if [[ $status_code -lt 200 || $status_code -gt 299 ]]; then | |
| echo "Failed to create GitHub issue. HTTP status code: $status_code" | |
| echo "$response" | |
| exit 1 | |
| fi | |
| json_response=$(echo "$response" | head -n -1) | |
| issue_url=$(echo "$json_response" | jq '.html_url') | |
| git cherry-pick --abort | |
| echo "Failed to cherry-pick. Manual intervention might be needed. See the created issue: $issue_url" | |
| else | |
| echo "Pushing changes to branch: ${{ matrix.branch }}..." | |
| git push | |
| fi |