| # This action requires the following secrets to be set on the repository: |
| # GH_USER_TOKEN: GitHub user token, to be used by ncu and to push changes |
| # JENKINS_USER: GitHub user whose Jenkins token is defined below |
| # JENKINS_TOKEN: Jenkins token, to be used to check CI status |
| |
| name: Commit Queue |
| |
| on: |
| # `schedule` event is used instead of `pull_request` because when a |
| # `pull_request` event is triggered on a PR from a fork, GITHUB_TOKEN will |
| # be read-only, and the Action won't have access to any other repository |
| # secrets, which it needs to access Jenkins API. |
| schedule: |
| - cron: '*/5 * * * *' |
| |
| concurrency: ${{ github.workflow }} |
| |
| env: |
| NODE_VERSION: lts/* |
| |
| permissions: |
| contents: read |
| |
| jobs: |
| get_mergeable_prs: |
| permissions: |
| pull-requests: read |
| if: github.repository == 'nodejs/node' |
| runs-on: ubuntu-latest |
| outputs: |
| numbers: ${{ steps.get_mergeable_prs.outputs.numbers }} |
| steps: |
| - name: Get Pull Requests |
| id: get_mergeable_prs |
| run: | |
| prs=$(gh pr list \ |
| --repo "$GITHUB_REPOSITORY" \ |
| --base "$GITHUB_REF_NAME" \ |
| --label 'commit-queue' \ |
| --json 'number' \ |
| --search "created:<=$(date --date="2 days ago" +"%Y-%m-%dT%H:%M:%S%z") -label:blocked" \ |
| -t '{{ range . }}{{ .number }} {{ end }}' \ |
| --limit 100) |
| fast_track_prs=$(gh pr list \ |
| --repo "$GITHUB_REPOSITORY" \ |
| --base "$GITHUB_REF_NAME" \ |
| --label 'commit-queue' \ |
| --label 'fast-track' \ |
| --search "-label:blocked" \ |
| --json 'number' \ |
| -t '{{ range . }}{{ .number }} {{ end }}' \ |
| --limit 100) |
| numbers=$(echo $prs' '$fast_track_prs | jq -r -s 'unique | join(" ")') |
| echo "numbers=$numbers" >> "$GITHUB_OUTPUT" |
| env: |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
| commitQueue: |
| needs: get_mergeable_prs |
| if: needs.get_mergeable_prs.outputs.numbers != '' |
| runs-on: ubuntu-latest |
| steps: |
| - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 |
| with: |
| # A personal token is required because pushing with GITHUB_TOKEN will |
| # prevent commits from running CI after they land. It needs |
| # to be set here because `checkout` configures GitHub authentication |
| # for push as well. |
| token: ${{ secrets.GH_USER_TOKEN }} |
| |
| # Install dependencies |
| - name: Install Node.js |
| uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 |
| with: |
| node-version: ${{ env.NODE_VERSION }} |
| - name: Install @node-core/utils |
| run: npm install -g @node-core/utils |
| |
| - name: Set variables |
| run: | |
| echo "REPOSITORY=$(echo "$GITHUB_REPOSITORY" | cut -d/ -f2)" >> "$GITHUB_ENV" |
| |
| - name: Configure @node-core/utils |
| run: | |
| ncu-config set branch "${GITHUB_REF_NAME}" |
| ncu-config set upstream origin |
| ncu-config set username "$USERNAME" |
| ncu-config set token "$GITHUB_TOKEN" |
| ncu-config set jenkins_token "$JENKINS_TOKEN" |
| ncu-config set repo "${REPOSITORY}" |
| ncu-config set owner "${GITHUB_REPOSITORY_OWNER}" |
| env: |
| USERNAME: ${{ secrets.JENKINS_USER }} |
| GITHUB_TOKEN: ${{ secrets.GH_USER_TOKEN }} |
| JENKINS_TOKEN: ${{ secrets.JENKINS_TOKEN }} |
| |
| - name: Start the Commit Queue |
| run: ./tools/actions/commit-queue.sh "${GITHUB_REPOSITORY_OWNER}" "${REPOSITORY}" ${{ needs.get_mergeable_prs.outputs.numbers }} |
| env: |
| GITHUB_TOKEN: ${{ secrets.GH_USER_TOKEN }} |
