forked from mirrors/nixpkgs
b5f0fdc371
Since v1.2.0 the backport action supports copying labels from the source to the backport PR. This is useful for copying the security label from the original PR to the backport PR, so relevant security updates don't get lost.
36 lines
1.5 KiB
YAML
36 lines
1.5 KiB
YAML
name: Backport
|
|
on:
|
|
pull_request_target:
|
|
types: [closed, labeled]
|
|
|
|
# WARNING:
|
|
# When extending this action, be aware that $GITHUB_TOKEN allows write access to
|
|
# the GitHub repository. This means that it should not evaluate user input in a
|
|
# way that allows code injection.
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
backport:
|
|
permissions:
|
|
contents: write # for korthout/backport-action to create branch
|
|
pull-requests: write # for korthout/backport-action to create PR to backport
|
|
name: Backport Pull Request
|
|
if: github.repository_owner == 'NixOS' && github.event.pull_request.merged == true && (github.event_name != 'labeled' || startsWith('backport', github.event.label.name))
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
with:
|
|
ref: ${{ github.event.pull_request.head.sha }}
|
|
- name: Create backport PRs
|
|
uses: korthout/backport-action@v1.2.0
|
|
with:
|
|
# Config README: https://github.com/korthout/backport-action#backport-action
|
|
copy_labels_pattern: 'severity:\ssecurity'
|
|
pull_description: |-
|
|
Bot-based backport to `${target_branch}`, triggered by a label in #${pull_number}.
|
|
|
|
* [ ] Before merging, ensure that this backport complies with the [Criteria for Backporting](https://github.com/NixOS/nixpkgs/blob/master/CONTRIBUTING.md#criteria-for-backporting-changes).
|
|
* Even as a non-commiter, if you find that it does not comply, leave a comment.
|