-
Notifications
You must be signed in to change notification settings - Fork 14
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Automerge every 4 hours any labeled PR with passing tests (#675)
* Automerge every 4-hours any PR with passing tests labeled with 'automerge' * Make sure the bot can approve the PRs too * Update Bot information only if git email currently unset * consistently use private key secret to setup ssh git-remote * Rename secret to BOT_SSH_KEY * Reimagine auto-merge scripts as python
- Loading branch information
Showing
6 changed files
with
99 additions
and
8 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
name: Auto-merge Successful PRs | ||
|
||
on: | ||
workflow_dispatch: | ||
schedule: | ||
- cron: "0 */4 * * *" # Every 4 hours | ||
|
||
permissions: | ||
contents: read | ||
|
||
jobs: | ||
merge-successful-prs: | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
- name: Harden Runner | ||
uses: step-security/harden-runner@v2 | ||
with: | ||
egress-policy: audit | ||
- name: Checking out repo | ||
uses: actions/checkout@v4 | ||
- uses: actions/setup-python@v5 | ||
with: | ||
python-version: '3.12' | ||
- name: Auto-merge pull requests if all status checks pass | ||
env: | ||
GH_TOKEN: ${{ secrets.BOT_TOKEN }} | ||
run: | | ||
build-scripts/hack/auto-merge-successful-pr.py |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
#!/bin/env python3 | ||
|
||
import shlex | ||
import subprocess | ||
import json | ||
|
||
LABEL = "automerge" | ||
APPROVE_MSG = "All status checks passed for PR #{}." | ||
|
||
|
||
def sh(cmd: str) -> str: | ||
"""Run a shell command and return its output.""" | ||
_pipe = subprocess.PIPE | ||
result = subprocess.run(shlex.split(cmd), stdout=_pipe, stderr=_pipe, text=True) | ||
if result.returncode != 0: | ||
raise Exception(f"Error running command: {cmd}\nError: {result.stderr}") | ||
return result.stdout.strip() | ||
|
||
|
||
def get_pull_requests() -> list: | ||
"""Fetch open pull requests matching some label.""" | ||
prs_json = sh("gh pr list --state open --json number,labels") | ||
prs = json.loads(prs_json) | ||
return [pr for pr in prs if any(label["name"] == LABEL for label in pr["labels"])] | ||
|
||
|
||
def check_pr_passed(pr_number) -> bool: | ||
"""Check if all status checks passed for the given PR.""" | ||
checks_json = sh(f"gh pr checks {pr_number} --json bucket") | ||
checks = json.loads(checks_json) | ||
return all(check["bucket"] == "pass" for check in checks) | ||
|
||
|
||
def approve_and_merge_pr(pr_number) -> None: | ||
"""Approve and merge the PR.""" | ||
print(APPROVE_MSG.format(pr_number) + "Proceeding with merge...") | ||
sh(f'gh pr review {pr_number} --comment -b "{APPROVE_MSG.format(pr_number)}"') | ||
sh(f"gh pr merge {pr_number} --admin --squash") | ||
|
||
|
||
def process_pull_requests(): | ||
"""Process the PRs and merge if checks have passed.""" | ||
prs = get_pull_requests() | ||
|
||
for pr in prs: | ||
pr_number: int = pr["number"] | ||
|
||
if check_pr_passed(pr_number): | ||
approve_and_merge_pr(pr_number) | ||
else: | ||
print(f"Status checks have not passed for PR #{pr_number}. Skipping merge.") | ||
|
||
|
||
if __name__ == "__main__": | ||
process_pull_requests() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -2,9 +2,12 @@ | |
|
||
DIR="$(realpath "$(dirname "${0}")")" | ||
|
||
# Configure git author | ||
git config user.email [email protected] | ||
git config user.name k8s-bot | ||
# Configure git author if unset | ||
git_email=$(git config --default "" user.email) | ||
if [ -z "${git_email}" ]; then | ||
git config user.email [email protected] | ||
git config user.name 'k8s-team-ci (CDK Bot)' | ||
fi | ||
|
||
# Remove unrelated tests | ||
rm "${DIR}/../../../tests/integration/tests/test_cilium_e2e.py" | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -3,8 +3,11 @@ | |
DIR="$(realpath "$(dirname "${0}")")" | ||
|
||
# Configure git author | ||
git config user.email [email protected] | ||
git config user.name k8s-bot | ||
git_email=$(git config --default "" user.email) | ||
if [ -z "${git_email}" ]; then | ||
git config user.email [email protected] | ||
git config user.name 'k8s-team-ci (CDK Bot)' | ||
fi | ||
|
||
# Apply strict patch | ||
git am "${DIR}/0001-Strict-patch.patch" |