github.com/grafana/pyroscope@v1.18.0/.github/workflows/backport.yml (about) 1 name: Backport PR Creator 2 on: 3 pull_request: 4 types: 5 - closed 6 - labeled 7 8 jobs: 9 main: 10 # We don't run the backporting for PRs from forks because those can't access "pyroscope-development-app" secrets in vault. 11 # We don't use GitHub actions app (secrets.GITHUB_TOKEN) because PRs created by the bot don't trigger CI. 12 # Also only run if the PR is merged, as an extra safe-guard. 13 if: ${{ ! github.event.pull_request.head.repo.fork && github.event.pull_request.merged == true }} 14 15 runs-on: ${{ github.repository_owner == 'grafana' && 'ubuntu-x64-small' || 'ubuntu-latest' }} 16 permissions: 17 contents: "read" 18 id-token: "write" 19 pull-requests: "write" 20 steps: 21 - name: Checkout Actions 22 uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 23 with: 24 repository: "grafana/grafana-github-actions" 25 persist-credentials: false 26 path: ./actions 27 ref: 066cbcd084b61558d99d13c76f835c49e31b4670 28 29 - name: Install Actions 30 run: npm install --production --prefix ./actions 31 32 - id: get-secrets 33 uses: grafana/shared-workflows/actions/get-vault-secrets@bae259f9ed5b6fcb050e3b58adf7aee776d4edb5 34 with: 35 repo_secrets: | 36 GITHUB_APP_ID=pyroscope-development-app:app-id 37 GITHUB_APP_PRIVATE_KEY=pyroscope-development-app:private-key 38 39 - name: Generate token 40 id: app-token 41 uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 42 with: 43 app-id: ${{ env.GITHUB_APP_ID }} 44 private-key: ${{ env.GITHUB_APP_PRIVATE_KEY }} 45 owner: ${{ github.repository_owner }} 46 repositories: | 47 pyroscope 48 49 - name: Run backport 50 uses: ./actions/backport 51 with: 52 token: ${{ steps.app-token.outputs.token }} 53 labelsToAdd: backport 54 # The provided token needs read permissions for organization members if you want to remove the default reviewers. 55 removeDefaultReviewers: false 56 title: "[{{base}}] {{originalTitle}}"