-
Notifications
You must be signed in to change notification settings - Fork 4.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Github Action] Add backport
workflow
#24576
Conversation
Pinging @elastic/agent (Team:Agent) |
💚 Build Succeeded
Expand to view the summary
Build stats
Trends 🧪❕ Flaky test reportNo test was executed to be analysed. |
- name: Run Backport | ||
uses: ./actions/backport | ||
with: | ||
github_token: ${{secrets.BACKPORT_ACTION_TOKEN}} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This secret can be added via Github repos settings.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is one of the reasons we do not want to use actions, the management of secrets.
uses: ./actions/backport | ||
with: | ||
github_token: ${{secrets.BACKPORT_ACTION_TOKEN}} | ||
commit_user: kibanamachine |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is there a Github user for beats similar to kibanamachine?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, they should use something other than kibanamachine
, probably elasticmachine
or their jenkins-beats-ci
bot?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey @sqren , thanks for raising this PR! 🙏
I like this approach, in fact, it was in our TODO list among evaluating other tools such as mergify
.
What Ivan mentioned about the credentials is something we would like to spend a bit more of time to think about it and come up with a final decision with the Beats team.
Would you mind if I ask you to hold on this PR for the time being until we get an agreement?
Thanks again for pushing this 🙏
@sqren I am trying to understand the auto-merge workflow, does that mean that you tag a PR with "auto-backport" and you add a label for the version / branch to target? Is this used by Kibana already? Is this the official doc https://github.com/sqren/backport-github-action ? @v1v and @kuisathaverat I understand the complexity of managing secrets, but this seems something that could simplify dev workflow and the "managing' of secret could come after, or actually it's a problem we would need to solve anyway? If other teams are using a similar workflow, either they are fine with the token or they actually have something to manage it. Looking at @ruflin comment and myself I would be OK to turn it on, maybe with auto merge off initially until we see how it behaves and turn it on after. |
Yes, the user adds
Yes! You can see all the PRs with the
No - it was the initial POC I did. Based on that the Kibana team then built this: https://github.com/elastic/kibana-github-actions/tree/main/backport |
The secret is managed at the repository level, this is fine is you only have one repository on observability we have more than 90 repositories, this means that every time we rotate that token we have to update 90 repositories, because of that @v1v is testing alternatives, we have enabled |
I just raised #24608 in order to add more context about the |
If you do want to use an action similar to ours, you have a couple of options for the secrets:
Not trying to push you toward actions, just making sure you're aware of options. |
This adds the backport Github action.
It will automatically create backports for PRs containing the
auto-backport
label. The PRs will be merged automatically when they pass CI (this can be turned off if deemed too scary).@brianseeders looks good to you?