upstream/icinga2
1
0
Fork 0
mirror of https://github.com/Icinga/icinga2.git synced 2026-02-03 20:40:17 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
icinga2/.github/workflows/backbot.yml
Yonas Habteab 5cbcb0ff7b backbot: drop conflict_resolution option
2026-01-21 14:03:34 +01:00

57 lines
2.9 KiB
YAML
Raw Blame History

name: Backbot
on:
pull_request_target:
types:
- closed
- labeled
# Disable all permissions for the GITHUB_TOKEN, as we are using a GitHub App token instead.
permissions: {}
jobs:
backbot:
runs-on: ubuntu-latest
if: |
github.repository_owner == 'Icinga' &&
github.event.pull_request.merged == true && (
github.event.action != 'labeled' ||
startsWith(github.event.label.name, 'backport-to-support/')
)
steps:
- name: Generate GitHub Installation Access Token
# Use GitHub App to generate an installation access token to allow PRs created by Backbot to trigger workflows.
# This is necessary because PRs created using the default GITHUB_TOKEN do not trigger workflows plus
# GitHub doesn't allow to alter any file within the .github/workflows directory using the default GITHUB_TOKEN.
# This action will create a token with the permissions defined below and is valid only for 1 hour, but if the
# job completes before that 1 hour limit, the token will automatically be revoked.
uses: actions/create-github-app-token@v2.2.1
id: backbot-token
with:
app-id: ${{ secrets.BACKBOT_APP_ID }}
private-key: ${{ secrets.BACKBOT_APP_PRIVATE_KEY }}
skip-token-revoke: false # Revoke the token after the job is done (is the default behavior).
# GitHub recommends to explicitly list the permissions the token should have instead of inheriting all the
# permissions from the GitHub App itself. See https://github.com/actions/create-github-app-token
permission-contents: write # Allow to create, delete and update branches.
permission-pull-requests: write # Allow to create and update PRs.
permission-workflows: write # Allow to backport PRs that modify workflow files.
permission-issues: write # Needed to add comments to the PRs created by Backbot and the original PR.
- name: Checkout
uses: actions/checkout@v6
with:
token: ${{ steps.backbot-token.outputs.token }} # To make authenticated git operations.
sha: ${{ github.event.pull_request.head.sha }} # Checkout the latest commit of the merged PR.
- name: Run Backbot
uses: korthout/backport-action@c656f5d5851037b2b38fb5db2691a03fa229e3b2 # v4.0.1
with:
github_token: ${{ steps.backbot-token.outputs.token }}
copy_labels_pattern: '^(?!cla\/signed$).*' # copy all labels other than the cla/signed label
label_pattern: 'backport-to-(support\/\d+\.\d+)' # regex to match labels like backport-to-support/2.14
merge_commits: skip # skip merge commits found in the original PR history
pull_description: |-
Backport of #${pull_number} to `${target_branch}`, triggered by a label.
---
This is an automated backport PR. Please review it carefully before merging.
Reference in a new issue View git blame Copy permalink