fix(ci): gate auto-merge by label via API shell check (Forgejo if-expression matched even unlabeled)
All checks were successful
CI / static-tests (pull_request) Successful in 34s
CI / auto-merge (push) Has been skipped
CI / auto-merge (pull_request) Successful in 4s
CI / secret-scan (push) Successful in 7s
CI / php-lint (push) Successful in 16s
CI / static-tests (push) Successful in 30s
CI / secret-scan (pull_request) Successful in 8s
CI / php-lint (pull_request) Successful in 18s
All checks were successful
CI / static-tests (pull_request) Successful in 34s
CI / auto-merge (push) Has been skipped
CI / auto-merge (pull_request) Successful in 4s
CI / secret-scan (push) Successful in 7s
CI / php-lint (push) Successful in 16s
CI / static-tests (push) Successful in 30s
CI / secret-scan (pull_request) Successful in 8s
CI / php-lint (pull_request) Successful in 18s
This commit is contained in:
Imugiii
parent
cc726a00b8
commit
9c0ea4a345
1 changed files with 16 additions and 7 deletions
|
|
@ -97,24 +97,33 @@ jobs:
|
|||
|
||||
auto-merge:
|
||||
# Fusion automatique OPT-IN : poser le label `auto-merge` sur la PR.
|
||||
# Ne s'execute que si les 3 checks passent (needs) ET si le label est present.
|
||||
# Plus fiable que le merge_when_checks_succeed natif de Forgejo (qui ne se
|
||||
# declenche pas toujours au passage au vert). Fusionne via l'API REST.
|
||||
# Ne s'execute que si les 3 checks passent (needs).
|
||||
# IMPORTANT : le filtrage par label se fait DANS le step via l'API, pas dans
|
||||
# `if:` — l'expression contains(github.event.pull_request.labels.*.name, ...)
|
||||
# de Forgejo n'est pas fiable (elle s'evalue a vrai meme sans label, ce qui
|
||||
# fusionnait toute PR verte). La verification shell sur l'API est le vrai gate.
|
||||
needs: [secret-scan, php-lint, static-tests]
|
||||
if: github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'auto-merge')
|
||||
if: github.event_name == 'pull_request'
|
||||
runs-on: docker
|
||||
steps:
|
||||
- name: Install curl
|
||||
run: apt-get update -qq && apt-get install -y -qq curl ca-certificates >/dev/null
|
||||
- name: Merge PR (squash) once CI is green
|
||||
- name: Merge PR (squash) si label auto-merge present et CI verte
|
||||
run: |
|
||||
API="${{ github.server_url }}/api/v1/repos/${{ github.repository }}"
|
||||
PR="${{ github.event.pull_request.number }}"
|
||||
TOKEN="${{ secrets.FORGEJO_TOKEN }}"
|
||||
labels=$(curl -s -H "Authorization: token $TOKEN" "$API/issues/$PR/labels")
|
||||
if ! printf '%s' "$labels" | grep -q '"name"[[:space:]]*:[[:space:]]*"auto-merge"'; then
|
||||
echo "Pas de label 'auto-merge' sur la PR #$PR -> relecture manuelle, pas de fusion auto."
|
||||
exit 0
|
||||
fi
|
||||
echo "Label 'auto-merge' present + CI verte -> fusion de la PR #$PR"
|
||||
code=$(curl -s -o /tmp/resp -w "%{http_code}" -X POST \
|
||||
-H "Authorization: token ${{ secrets.FORGEJO_TOKEN }}" \
|
||||
-H "Authorization: token $TOKEN" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d '{"Do":"squash","delete_branch_after_merge":true}' \
|
||||
"$API/pulls/$PR/merge")
|
||||
echo "merge HTTP $code"; cat /tmp/resp || true; echo
|
||||
[ "$code" = "200" ] || { echo "auto-merge failed (HTTP $code)"; exit 1; }
|
||||
echo "PR #$PR merged."
|
||||
echo "PR #$PR mergee."
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue