-
Notifications
You must be signed in to change notification settings - Fork 38
139 lines (128 loc) · 5.9 KB
/
backport.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
---
name: Backport changes
on:
pull_request:
types:
- closed
branches:
- main
jobs:
get-labels:
if: github.event.pull_request.merged == true
runs-on: ubuntu-latest
outputs:
branches: ${{ steps.get-labels.outputs.branches }}
user: ${{ steps.get-labels.outputs.user }}
valid: ${{ steps.get-labels.outputs.valid }}
steps:
- name: Determine branches to cherry-pick to
id: get-labels
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
# concat labels into comman-separated string, e.g. "bug,backport to all versions,remediation"
PR_LABELS="${{ join(github.event.pull_request.labels.*.name, ',') }}"
if [[ -z "$PR_LABELS" ]]; then
echo "valid=false" >> $GITHUB_OUTPUT
exit 0
else
echo "valid=true" >> $GITHUB_OUTPUT
fi
BRANCHES=""
if [[ $PR_LABELS =~ "backport to all versions" ]]; then
# fetch all branches with 'v/' prefix from the GitHub API
RAW_RESPONSE=$(gh api --paginate --jq '.[].name' /repos/${{ github.repository }}/branches)
ALL_BRANCHES=$(echo "$RAW_RESPONSE" | grep '^v/')
# Prepare the BRANCHES variable, remove trailing comma and newline
BRANCHES=$(echo "$ALL_BRANCHES" | tr '\n' ',')
BRANCHES=${BRANCHES%,} # Removing the trailing comma and newline
else
BRANCH_NAMES=$(echo "$PR_LABELS" | grep -o 'backport to v/[0-9]\+\.[0-9]\+' | sed -e 's/backport to //')
BRANCHES=$(echo "$BRANCH_NAMES" | tr '\n' ',')
BRANCHES=${BRANCHES::-1} # Removing the trailing comma
fi
# Convert BRANCHES into a valid JSON array
BRANCHES_ARRAY=$(echo "$BRANCHES" | tr ', ' '\n\n' | sed 's/^/"/;s/$/"/' | tr '\n' ',' | sed 's/,$//')
BRANCHES_ARRAY="[$BRANCHES_ARRAY]"
echo "branches=$BRANCHES_ARRAY" >> $GITHUB_OUTPUT
echo "user=${{ github.actor }}" >> $GITHUB_OUTPUT
backport:
needs: get-labels
if: needs.get-labels.outputs.branches != '' && needs.get-labels.outputs.valid == 'true'
strategy:
matrix:
branch: ${{fromJson(needs.get-labels.outputs.branches)}}
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
steps:
- uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: ${{ vars.RP_AWS_CRED_REGION }}
role-to-assume: arn:aws:iam::${{ secrets.RP_AWS_CRED_ACCOUNT_ID }}:role/${{ vars.RP_AWS_CRED_BASE_ROLE_NAME }}${{ github.event.repository.name }}
- uses: aws-actions/aws-secretsmanager-get-secrets@v2
with:
secret-ids: |
,sdlc/prod/github/actions_bot_token
parse-json-secrets: true
# Checkout the specified branch from redpanda repository.
- name: Checkout redpanda repository
uses: actions/checkout@v4
with:
fetch-depth: 0
repository: redpanda-data/docs
token: ${{ env.ACTIONS_BOT_TOKEN }}
- name: Set up git config
run: |
echo "Setting up git config..."
git config user.name "vbotbuildovich"
git config user.email "[email protected]"
- name: Checkout maintenance branch and cherry-pick
run: |
echo "Fetching latest changes..."
git fetch
# Check if the branch exists
BRANCH_CHECK=$(git ls-remote --heads origin ${{ matrix.branch }})
if [[ -z "$BRANCH_CHECK" ]]; then
echo "Branch ${{ matrix.branch }} does not exist. Skipping."
exit 0
fi
echo "Checking out branch: ${{ matrix.branch }}..."
git checkout ${{ matrix.branch }} || (echo "Failed to checkout branch: ${{ matrix.branch }}." && exit 1)
echo "Cherry-picking changes..."
# Attempt cherry-pick and capture any errors
if ! git cherry-pick -x $GITHUB_SHA; then
echo "Cherry-pick had conflicts for branch ${{ matrix.branch }}. Creating GitHub issue for manual intervention."
# Create a GitHub issue
issue_title="Manual backport required for ${{ matrix.branch }}"
issue_body="A conflict occurred while backporting commit $GITHUB_SHA to branch ${{ matrix.branch }}. Manual intervention is required.\
\nTo manually apply the change, you must cherry-pick it locally and fix the conflicts:\
\n\`\`\`bash\
\n git fetch origin\
\n git checkout ${{ matrix.branch }}\
\n git pull origin ${{ matrix.branch }}\
\n git cherry-pick $GITHUB_SHA\
\n # Resolve any merge conflicts here, then commit the changes\
\n git push origin ${{ matrix.branch }}\
\n\`\`\`\
\nIf you no longer want to backport the change to this version, close this issue."
response=$(curl -sS -w "%{http_code}" -X POST \
-H "Authorization: token ${{ env.ACTIONS_BOT_TOKEN }}" \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/repos/${{ github.repository }}/issues \
-d "{ \"title\": \"$issue_title\", \"body\": \"$issue_body\", \"assignees\": [\"${{ needs.get-labels.outputs.user }}\"] }")
status_code=$(echo "$response" | tail -n 1)
if [[ $status_code -lt 200 || $status_code -gt 299 ]]; then
echo "Failed to create GitHub issue. HTTP status code: $status_code"
echo "$response"
exit 1
fi
json_response=$(echo "$response" | head -n -1)
issue_url=$(echo "$json_response" | jq '.html_url')
git cherry-pick --abort
echo "Failed to cherry-pick. Manual intervention might be needed. See the created issue: $issue_url"
else
echo "Pushing changes to branch: ${{ matrix.branch }}..."
git push
fi