diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 131d9057d2..b691d1aae7 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -162,8 +162,7 @@ When you're ready to submit a pull request: | --- | --- | | `pr/no-changelog` | This PR does not have an intended changelog entry | | `pr/no-metrics-test` | This PR does not require any testing for metrics | - | `backport/stable-website` | This PR contains documentation changes that are ready to be deployed immediately. Changes will also automatically get backported to the latest release branch | - | `backport/1.12.x` | Backport the changes in this PR to the targeted release branch. Consult the [Consul Release Notes](https://www.consul.io/docs/release-notes) page to view active releases. | + | `backport/1.12.x` | Backport the changes in this PR to the targeted release branch. Consult the [Consul Release Notes](https://www.consul.io/docs/release-notes) page to view active releases. Website documentation merged to the latest release branch is deployed immediately | Other labels may automatically be added by the Github Action CI. 7. After you submit, the Consul maintainers team needs time to carefully review your contribution and ensure it is production-ready, considering factors such as: security, diff --git a/.github/workflows/backport-assistant.yml b/.github/workflows/backport-assistant.yml index 7eac100546..95fc03c10b 100644 --- a/.github/workflows/backport-assistant.yml +++ b/.github/workflows/backport-assistant.yml @@ -18,33 +18,6 @@ jobs: runs-on: ubuntu-latest container: hashicorpdev/backport-assistant:0.3.0 steps: - - name: Run Backport Assistant for stable-website - run: | - backport-assistant backport -merge-method=squash -gh-automerge - env: - BACKPORT_LABEL_REGEXP: "type/docs-(?Pcherrypick)" - BACKPORT_TARGET_TEMPLATE: "stable-website" - BACKPORT_MERGE_COMMIT: true - GITHUB_TOKEN: ${{ secrets.ELEVATED_GITHUB_TOKEN }} - - name: Backport changes to latest release branch - run: | - # Use standard token here - resp=$(curl -f -s -H 'authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' "https://api.github.com/repos/$GITHUB_REPOSITORY/labels?per_page=100") - ret="$?" - if [[ "$ret" -ne 0 ]]; then - echo "The GitHub API returned $ret" - exit $ret - fi - # get the latest backport label excluding any website labels, ex: `backport/0.3.x` and not `backport/website` - latest_backport_label=$(echo "$resp" | jq -r '.[] | select(.name | (startswith("backport/") and (contains("website") | not))) | .name' | sort -rV | head -n1) - echo "Latest backport label: $latest_backport_label" - # set BACKPORT_TARGET_TEMPLATE for backport-assistant - # trims backport/ from the beginning with parameter substitution - export BACKPORT_TARGET_TEMPLATE="release/${latest_backport_label#backport/}.x" - backport-assistant backport -merge-method=squash -gh-automerge - env: - BACKPORT_LABEL_REGEXP: "type/docs-(?Pcherrypick)" - GITHUB_TOKEN: ${{ secrets.ELEVATED_GITHUB_TOKEN }} - name: Run Backport Assistant for release branches run: | backport-assistant backport -merge-method=squash -gh-automerge diff --git a/.github/workflows/website-checker.yml b/.github/workflows/website-checker.yml deleted file mode 100644 index e5d628235d..0000000000 --- a/.github/workflows/website-checker.yml +++ /dev/null @@ -1,51 +0,0 @@ -# The outline of this workflow is something that the GitHub Security team warns against -# here: https://securitylab.github.com/research/github-actions-preventing-pwn-requests. But -# due to this workflow only running a git diff check and not building or publishing anything, -# there is no harm in checking out the PR HEAD code. -# -# All the code checked out in this workflow should be considered untrusted. This workflow must -# never call any makefiles or scripts. It must never be changed to run any code from the checkout. - -# This workflow posts a message to a PR to remind maintainers that there are website/ changes -# in the PR and if they need to be cherry-picked to the stable-website branch, the -# 'type/docs-cherrypick' label needs to be applied. - -name: Website Checker - -on: - pull_request_target: - types: [opened] - # Runs on PRs to main and all release branches - branches: - - main - - release/* - -jobs: - # checks that a 'type/docs-cherrypick' label is attached to PRs with website/ changes - website-check: - # If there's already a `type/docs-cherrypick` label or an explicit `pr/no-docs` label, we ignore this check - if: >- - !contains(github.event.pull_request.labels.*.name, 'type/docs-cherrypick') && - !contains(github.event.pull_request.labels.*.name, 'pr/no-docs') - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - with: - ref: ${{ github.event.pull_request.head.sha }} - fetch-depth: 0 # by default the checkout action doesn't checkout all branches - - name: Check for website/ dir change in diff - run: | - # check if there is a diff in the website/ directory - website_files=$(git --no-pager diff --name-only HEAD "$(git merge-base HEAD "origin/${{ github.event.pull_request.base.ref }}")" -- website/) - - # If we find changed files in the website/ directory, we post a comment to the PR - if [ -n "$website_files" ]; then - # post PR comment to GitHub to check if a 'type/docs-cherrypick' label needs to be applied to the PR - echo "website-check: Did not find a 'type/docs-cherrypick' label, posting a reminder in the PR" - github_message="🤔 This PR has changes in the \`website/\` directory but does not have a \`type/docs-cherrypick\` label. If the changes are for the next version, this can be ignored. If they are updates to current docs, attach the label to auto cherrypick to the \`stable-website\` branch after merging." - curl -s -H "Authorization: token ${{ secrets.PR_COMMENT_TOKEN }}" \ - -X POST \ - -d "{ \"body\": \"${github_message}\"}" \ - "https://api.github.com/repos/${GITHUB_REPOSITORY}/issues/${{ github.event.pull_request.number }}/comments" - fi