github.com/crossplane/upjet@v1.3.0/.github/workflows/backport.yml

github.com/crossplane/upjet@v1.3.0/.github/workflows/backport.yml (about)

     1  # SPDX-FileCopyrightText: 2023 The Crossplane Authors <https://crossplane.io>
     2  #
     3  # SPDX-License-Identifier: CC0-1.0
     4  
     5  name: Backport
     6  
     7  on:
     8    # NOTE(negz): This is a risky target, but we run this action only when and if
     9    # a PR is closed, then filter down to specifically merged PRs. We also don't
    10    # invoke any scripts, etc from within the repo. I believe the fact that we'll
    11    # be able to review PRs before this runs makes this fairly safe.
    12    # https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
    13    pull_request_target:
    14      types: [closed]
    15    # See also commands.yml for the /backport triggered variant of this workflow.
    16  
    17  jobs:
    18    # NOTE(negz): I tested many backport GitHub actions before landing on this
    19    # one. Many do not support merge commits, or do not support pull requests with
    20    # more than one commit. This one does. It also handily links backport PRs with
    21    # new PRs, and provides commentary and instructions when it can't backport.
    22    # The main gotchas with this action are that it _only_ supports merge commits,
    23    # and that PRs _must_ be labelled before they're merged to trigger a backport.
    24    open-pr:
    25      runs-on: ubuntu-20.04
    26      if: github.event.pull_request.merged
    27      steps:
    28        - name: Checkout
    29          uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 #v3
    30          with:
    31            fetch-depth: 0
    32  
    33        - name: Open Backport PR
    34          uses: zeebe-io/backport-action@v0.0.4
    35          with:
    36            github_token: ${{ secrets.GITHUB_TOKEN }}
    37            github_workspace: ${{ github.workspace }}
    38            version: v0.0.4