[RFC 0128] Selective auto-merge on bot upgrades #128
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change | ||||
|---|---|---|---|---|---|---|
| @@ -0,0 +1,58 @@ | ||||||
| --- | ||||||
| feature: Selective auto-merge on bot upgrades | ||||||
| start-date: 2022-07-07 | ||||||
| author: superherointj | ||||||
| co-authors: (find a buddy later to help out with the RFC) | ||||||
| shepherd-team: (names, to be nominated and accepted by RFC steering committee) | ||||||
| shepherd-leader: (name to be appointed by RFC steering committee) | ||||||
| related-issues: (will contain links to implementation PRs) | ||||||
| --- | ||||||
|
|
||||||
| # Summary | ||||||
| [summary]: #summary | ||||||
|
|
||||||
| Introduce a `meta.autoMerge` attribute to packages to allow committers to delegate merge rights to package maintainers for bot auto updates. | ||||||
|
|
||||||
| # Motivation | ||||||
| [motivation]: #motivation | ||||||
|
|
||||||
| * Reduce pending PRs for review and merge in nixpkgs. | ||||||
| * Save reviewers and commiters time. | ||||||
| * Speed up package upgrades. | ||||||
| * Motivate reviewers into becoming maintainers and reviewing PRs. | ||||||
|
|
||||||
| # Detailed design | ||||||
| [design]: #detailed-design | ||||||
|
|
||||||
| Add a new `meta.autoMerge` package attribute with type `bool` defaulting to `false`. To be documented in Nixpkgs manual. | ||||||
|
|
||||||
| Maintainer adds `auto-merge` label to PR which triggers GitHub Actions to enforce rules and merge. | ||||||
|
|
||||||
| Rules are: | ||||||
| 1) `@r-ryantm` is PR's author. | ||||||
|
There was a problem hiding this comment. Is it currently possible for other committers to push to a @r-ryantm branch? If so, does it get possible then to hijack a PR and (force) push something different? (Of course committers can do that already) There was a problem hiding this comment. Yes, it is possible and I have do this on many occasions to fixup things. |
||||||
| 2) Package `meta.autoMerge` attribute is enabled. | ||||||
| 3) All CI checks passed. | ||||||
|
There was a problem hiding this comment. This would also enforce that the package has right meta.broken/meta.platforms set otherwise darwin failures blocks auto merges. There was a problem hiding this comment. Wouldn't having to review & properly set platforms for autoMerge be a good thing? It could be checked/done when enabling the flag. |
||||||
| 4) Package maintainer has approved PR. | ||||||
|
There was a problem hiding this comment. How would that work if a package has multiple maintainers? Would they all need to approve? Would one be enough? Would 50% need to approve? Would we need to prune old maintainers? There was a problem hiding this comment.
As it is now, on autoMerge enabled packages, any single maintainer could trigger autoMerge by adding the autoMerge label to PR. The commiter would have to consider to whom and to which package he is granting auto-merge permission. The policy can be improved to fullfill needs. Like:
As an initial proposal, I'd prefer to keep this simple, for a prototype at least. Delaying implementing
Inactive maintainers don't approve PRs. => Not an issue? There was a problem hiding this comment. I would default to 50% of the maintainers listed. |
||||||
|
|
||||||
| Due maintainers being able to add labels in GitHub, labels are untrusted and are only used to trigger GitHub Actions. | ||||||
| An extra check of the 4 conditions (without using labels) is necessary in GitHub Actions before merge can happen. | ||||||
|
|
||||||
| The appropriateness of setting `meta.autoMerge` is left up to committers. Commiters have to consider to whom and to which package is being granted auto-merge permission. | ||||||
|
|
||||||
| # Drawbacks | ||||||
| [drawbacks]: #drawbacks | ||||||
|
|
||||||
| * Reduced trustworthiness. | ||||||
|
There was a problem hiding this comment.
Suggested change
|
||||||
| * Security issues: | ||||||
| - Possible failures in the GitHub Action code used to enforce rules and merge. | ||||||
|
|
||||||
| # Alternatives | ||||||
| [alternatives]: #alternatives | ||||||
|
|
||||||
| * https://github.com/NixOS/rfcs/pull/50/ | ||||||
|
There was a problem hiding this comment.
Suggested change
There was a problem hiding this comment. The closest alternative I found was #50, should I really remove it?
How does this sentence relate to this RFC? There was a problem hiding this comment.
it had a similar goal to improve the review and merge situation |
||||||
|
|
||||||
| # Unresolved questions | ||||||
| [unresolved]: #unresolved-questions | ||||||
|
|
||||||
| * Reduced trustworthiness. | ||||||
| * Security risks. | ||||||
superherointj marked this conversation as resolved.
Show resolved
Hide resolved
|
||||||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If such a attribute/flag is to be implemented, I don't think it should be a
metaket, but apassthruone.meta, as the name suggests, it for metadata about the package, not about how our particular infrastructure would treat such package.Even if some
metaflags are useful to our infra -licensedefines if something can be cached or not, but has an informational nature independent of it; the same can be said aboutbrokenandbadPlatforms.Maybe
meta.hydraXXXis a notable exception.