| # This action requires the following secrets to be set on the repository: |
| # GH_USER_NAME: GitHub user whose Jenkins and GitHub token are defined below |
| # GH_USER_TOKEN: GitHub user token, to be used by ncu and to push changes |
| # JENKINS_TOKEN: Jenkins token, to be used to check CI status |
| |
| name: Commit Queue |
| |
| on: |
| # `schedule` event is used instead of `pull_request` because when a |
| # `pull_request` event is triggered on a PR from a fork, GITHUB_TOKEN will |
| # be read-only, and the Action won't have access to any other repository |
| # secrets, which it needs to access Jenkins API. |
| schedule: |
| - cron: '*/5 * * * *' |
| |
| concurrency: ${{ github.workflow }} |
| |
| env: |
| NODE_VERSION: lts/* |
| |
| permissions: |
| contents: read |
| |
| jobs: |
| get_mergeable_prs: |
| permissions: |
| pull-requests: read |
| if: github.repository == 'nodejs/node' |
| runs-on: ubuntu-latest |
| outputs: |
| numbers: ${{ steps.get_mergeable_prs.outputs.numbers }} |
| steps: |
| - name: Get Pull Requests |
| id: get_mergeable_prs |
| run: | |
| prs=$(gh pr list \ |
| --repo ${{ github.repository }} \ |
| --base ${{ github.ref_name }} \ |
| --label 'commit-queue' \ |
| --json 'number' \ |
| --search "created:<=$(date --date="2 days ago" +"%Y-%m-%dT%H:%M:%S%z") -label:blocked" \ |
| -t '{{ range . }}{{ .number }} {{ end }}' \ |
| --limit 100) |
| fast_track_prs=$(gh pr list \ |
| --repo ${{ github.repository }} \ |
| --base ${{ github.ref_name }} \ |
| --label 'commit-queue' \ |
| --label 'fast-track' \ |
| --search "-label:blocked" \ |
| --json 'number' \ |
| -t '{{ range . }}{{ .number }} {{ end }}' \ |
| --limit 100) |
| numbers=$(echo $prs' '$fast_track_prs | jq -r -s 'unique | join(" ")') |
| echo "numbers=$numbers" >> $GITHUB_OUTPUT |
| env: |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
| commitQueue: |
| needs: get_mergeable_prs |
| if: needs.get_mergeable_prs.outputs.numbers != '' |
| runs-on: ubuntu-latest |
| steps: |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 |
| with: |
| # Needs the whole git history for ncu to work |
| # See https://github.com/nodejs/node-core-utils/pull/486 |
| fetch-depth: 0 |
| # A personal token is required because pushing with GITHUB_TOKEN will |
| # prevent commits from running CI after they land. It needs |
| # to be set here because `checkout` configures GitHub authentication |
| # for push as well. |
| token: ${{ secrets.GH_USER_TOKEN }} |
| |
| # Install dependencies |
| - name: Install Node.js |
| uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0 |
| with: |
| node-version: ${{ env.NODE_VERSION }} |
| - name: Install @node-core/utils |
| run: npm install -g @node-core/utils |
| |
| - name: Set variables |
| run: | |
| echo "REPOSITORY=$(echo ${{ github.repository }} | cut -d/ -f2)" >> $GITHUB_ENV |
| echo "OWNER=${{ github.repository_owner }}" >> $GITHUB_ENV |
| |
| - name: Configure @node-core/utils |
| run: | |
| ncu-config set branch ${GITHUB_REF_NAME} |
| ncu-config set upstream origin |
| ncu-config set username "$USERNAME" |
| ncu-config set token "$GH_TOKEN" |
| ncu-config set jenkins_token "$JENKINS_TOKEN" |
| ncu-config set repo "${REPOSITORY}" |
| ncu-config set owner "${OWNER}" |
| env: |
| USERNAME: ${{ secrets.JENKINS_USER }} |
| GH_TOKEN: ${{ secrets.GH_USER_TOKEN }} |
| JENKINS_TOKEN: ${{ secrets.JENKINS_TOKEN }} |
| |
| - name: Start the Commit Queue |
| run: ./tools/actions/commit-queue.sh ${{ env.OWNER }} ${{ env.REPOSITORY }} ${{ needs.get_mergeable_prs.outputs.numbers }} |
| env: |
| GITHUB_TOKEN: ${{ secrets.GH_USER_TOKEN }} |
