Skip to content
ack

2025-12 releases #1041

Sign in to view logs

2025-12 releases

2025-12 releases #1041

Workflow file for this run

.github/workflows/ack.yml at 4246d5e
---
# ack workflow runs on any change made to a pull-request and aims to verify
# that is following our practices. Initial version is checking correct label
# presence.
name: ack
on:
issues:
types: [opened, reopened]
merge_group:
pull_request_target:
types: [opened, labeled, unlabeled, synchronize]
workflow_call: # allows reuse of this workflow from other devtools repos
secrets:
BOT_PAT:
required: false
jobs:
ack:
runs-on: ubuntu-24.04
environment: ack
env:
BOT_PAT: ${{ secrets.BOT_PAT || secrets.ANSIBUDDY_BOT_PAT }}
permissions:
checks: write
contents: write # needed to update release
pull-requests: write # pr approval and merge
steps:
- name: Checkout
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6
- name: Dump GitHub context
env:
GITHUB_CONTEXT: ${{ toJson(github) }}
run: echo "$GITHUB_CONTEXT"
- uses: bcoe/conventional-release-labels@v1
with:
type_labels: '{"feat": "feat", "fix": "fix", "breaking": "breaking", "chore": "chore"}'
ignored_types: "[]"
- name: Verify PR label action
if: github.event_name != 'merge_group'
uses: mheap/github-action-required-labels@8afbe8ae6ab7647d0c9f0cfa7c2f939650d22509 # v5
with:
mode: exactly
count: 1
add_comment: true
message: >
Label error. Requires {{errorString}} {{count}} of: {{ provided }}.
Found: {{ applied }}. Follow https://www.conventionalcommits.org to
get auto-labeling to work correctly.
exit_type: failure
# see conventional commits prefixes: https://www.conventionalcommits.org
labels: |
breaking
build
chore
ci
docs
feat
fix
perf
refactor
style
test
- name: Update release notes if this is already merged
if: github.event.pull_request.merged == true
uses: release-drafter/release-drafter@b1476f6e6eb133afa41ed8589daba6dc69b4d3f5 # v6
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Add issue or pull-request to 'devtools' project
# Workaround for running this step only if BOT_PAT secret is found
# also this action would not work on merge_group events.
if: env.BOT_PAT != null && github.event_name != 'merge_group'
# Continuing on errors to avoid failures for duplicate content in the project board.
# Occurs when PRs are created from draft on the board, which is standard behavior
# from external orgs (e.g. from ansible-automation-platform org).
# See https://github.com/actions/add-to-project/issues/389
continue-on-error: true
uses: actions/add-to-project@main
with:
project-url: https://github.com/orgs/ansible/projects/86
# Do not use secrets.GITHUB_TOKEN here because it does not have
# access to projects. Only personal access tokens (PAT) can be used.
github-token: ${{ env.BOT_PAT }}
# labeled: skip-changelog
# label-operator: NOT
# https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions#approve-a-pull-request
- name: Enable auto-merge and approve PRs from safe bots
# do not use github.actor as this can be someone else than the PR author
if: >
env.BOT_PAT != null &&
github.event_name != 'merge_group' && (
github.event.pull_request.user.login == 'dependabot[bot]' ||
github.event.pull_request.user.login == 'pre-commit-ci[bot]' ||
github.event.pull_request.user.login == 'renovate[bot]'
)
run: |
set -e
gh pr merge --auto --squash "$PR_URL"
gh pr review --approve "$PR_URL"
env:
PR_URL: ${{ github.event.pull_request.html_url }}
GH_TOKEN: ${{ env.BOT_PAT }}