diff --git a/.github/workflows/auto-merge-successful-prs.yaml b/.github/workflows/auto-merge-successful-prs.yaml new file mode 100644 index 0000000000..957d4bad7c --- /dev/null +++ b/.github/workflows/auto-merge-successful-prs.yaml @@ -0,0 +1,29 @@ +name: Auto-merge Successful PRs + +on: + workflow_dispatch: + schedule: + - cron: "*/15 * * * *" # Every 15 minutes + +permissions: + contents: read + pull-requests: write + +jobs: + find_and_merge: + runs-on: ubuntu-latest + + steps: + - name: Harden Runner + uses: step-security/harden-runner@v2 + with: + egress-policy: audit + - name: Checking out repo + uses: actions/checkout@v4 + + # Fetch open pull requests and check for status checks on automerge PRs + - name: Auto-merge pull requests if all status checks pass + env: + GITHUB_TOKEN: ${{ secrets.DEPLOY_KEY_TO_UPDATE_STRICT_BRANCH }} + run: | + build-scripts/hack/auto-merge-successful-prs.sh \ No newline at end of file diff --git a/.github/workflows/update-components.yaml b/.github/workflows/update-components.yaml index 7f9e437458..3793d83bfc 100644 --- a/.github/workflows/update-components.yaml +++ b/.github/workflows/update-components.yaml @@ -56,5 +56,9 @@ jobs: title: "[${{ matrix.branch }}] Update component versions" body: "[${{ matrix.branch }}] Update component versions" branch: "autoupdate/sync/${{ matrix.branch }}" + labels: | + automerge + automated pr + component update delete-branch: true base: ${{ matrix.branch }} diff --git a/build-scripts/auto-merge-successful-pr.sh b/build-scripts/auto-merge-successful-pr.sh new file mode 100755 index 0000000000..6b4bdcf3a6 --- /dev/null +++ b/build-scripts/auto-merge-successful-pr.sh @@ -0,0 +1,25 @@ +#!/bin/bash + +set -e + +# Fetch the open pull requests +prs=$(gh pr list --state open --json number,headRefName,labels | jq '[.[] | select(.labels | any(.name == "automerge"))]') + +for pr in $(echo "$prs" | jq -r '.[] | @base64'); do + _jq() { + echo ${pr} | base64 --decode | jq -r ${1} + } + + pr_number=$(_jq '.number') + head_branch=$(_jq '.headRefName') + + # Check status checks for each PR + checks_passed=$(gh pr checks $pr_number --json bucket | jq -r '.[].bucket == "pass"' | sort | uniq) + +if [[ "$checks_passed" == "true" ]]; then + echo "All status checks passed for PR #$pr_number. Proceeding with merge..." + echo gh pr merge $pr_number --auto --squash +else + echo "Status checks have not passed for PR #$pr_number. Skipping merge." +fi +done