diff options
Diffstat (limited to 'infra/libkookie/nixpkgs/.github/workflows/rebase.yml')
-rw-r--r-- | infra/libkookie/nixpkgs/.github/workflows/rebase.yml | 134 |
1 files changed, 134 insertions, 0 deletions
diff --git a/infra/libkookie/nixpkgs/.github/workflows/rebase.yml b/infra/libkookie/nixpkgs/.github/workflows/rebase.yml new file mode 100644 index 000000000000..50d066dd754f --- /dev/null +++ b/infra/libkookie/nixpkgs/.github/workflows/rebase.yml @@ -0,0 +1,134 @@ +on: + issue_comment: + types: + - created + +# This action allows people with write access to the repo to rebase a PRs base branch +# by commenting `/rebase ${branch}` on the PR while avoiding CODEOWNER notifications. + +jobs: + rebase: + runs-on: ubuntu-latest + if: github.repository_owner == 'NixOS' && github.event.issue.pull_request != '' && contains(github.event.comment.body, '/rebase') + steps: + - uses: peter-evans/create-or-update-comment@v1 + with: + comment-id: ${{ github.event.comment.id }} + reactions: eyes + - uses: scherermichael-oss/action-has-permission@1.0.6 + id: check-write-access + with: + required-permission: write + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - name: check permissions + run: | + echo "Commenter doesn't have write access to the repo" + exit 1 + if: "! steps.check-write-access.outputs.has-permission" + - name: setup + run: | + curl "https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.issue.number }}" 2>/dev/null >pr.json + cat <<EOF >>"$GITHUB_ENV" + CAN_MODIFY=$(jq -r '.maintainer_can_modify' pr.json) + COMMITS=$(jq -r '.commits' pr.json) + CURRENT_BASE=$(jq -r '.base.ref' pr.json) + PR_BRANCH=$(jq -r '.head.ref' pr.json) + COMMENT_BRANCH=$(echo ${{ github.event.comment.body }} | awk "/^\/rebase / {print \$2}") + PULL_REQUEST=${{ github.event.issue.number }} + EOF + rm pr.json + - name: check branch + env: + PERMANENT_BRANCHES: "haskell-updates|master|nixos|nixpkgs|python-unstable|release|staging" + VALID_BRANCHES: "haskell-updates|master|python-unstable|release-20.09|staging|staging-20.09|staging-next" + run: | + message() { + cat <<EOF + Can't rebase $PR_BRANCH from $CURRENT_BASE onto $COMMENT_BRANCH (PR:$PULL_REQUEST COMMITS:$COMMITS) + EOF + } + if ! [[ "$COMMENT_BRANCH" =~ ^($VALID_BRANCHES)$ ]]; then + cat <<EOF + Check that the branch from the comment is valid: + + $(message) + + This action can only rebase onto these branches: + + $VALID_BRANCHES + + \`/rebase \${branch}\` must be at the start of the line + EOF + exit 1 + fi + if [[ "$COMMENT_BRANCH" == "$CURRENT_BASE" ]]; then + cat <<EOF + Check that the branch from the comment isn't the current base branch: + + $(message) + EOF + exit 1 + fi + if [[ "$COMMENT_BRANCH" == "$PR_BRANCH" ]]; then + cat <<EOF + Check that the branch from the comment isn't the current branch: + + $(message) + EOF + exit 1 + fi + if [[ "$PR_BRANCH" =~ ^($PERMANENT_BRANCHES) ]]; then + cat <<EOF + Check that the PR branch isn't a permanent branch: + + $(message) + EOF + exit 1 + fi + if [[ "$CAN_MODIFY" != "true" ]]; then + cat <<EOF + Check that maintainers can edit the PR branch: + + $(message) + EOF + exit 1 + fi + - uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: rebase pull request + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com" + git config --global user.name "github-actions[bot]" + git fetch origin + gh pr checkout "$PULL_REQUEST" + git rebase \ + --onto="$(git merge-base origin/"$CURRENT_BASE" origin/"$COMMENT_BRANCH")" \ + "HEAD~$COMMITS" + git push --force + curl \ + -X POST \ + -H "Accept: application/vnd.github.v3+json" \ + -H "Authorization: token $GITHUB_TOKEN" \ + -d "{ \"base\": \"$COMMENT_BRANCH\" }" \ + "https://api.github.com/repos/${{ github.repository }}/pulls/$PULL_REQUEST" + curl \ + -X PATCH \ + -H "Accept: application/vnd.github.v3+json" \ + -H "Authorization: token $GITHUB_TOKEN" \ + -d '{ "state": "closed" }' \ + "https://api.github.com/repos/${{ github.repository }}/pulls/$PULL_REQUEST" + - uses: peter-evans/create-or-update-comment@v1 + with: + issue-number: ${{ github.event.issue.number }} + body: | + Rebased, please reopen the pull request to restart CI + - uses: peter-evans/create-or-update-comment@v1 + if: failure() + with: + issue-number: ${{ github.event.issue.number }} + body: | + [Failed to rebase](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}) |