Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

major: remove backing web app #107

Merged
merged 13 commits into from
Dec 13, 2021
Merged

major: remove backing web app #107

merged 13 commits into from
Dec 13, 2021

Conversation

Eomm
Copy link
Member

@Eomm Eomm commented Nov 25, 2021
edited
Loading

fix #103

This PR removes the need for an external application to merge the PRs.

Here is an example of how it shows up: #106

How to upgrade from 2.x to new 3.x

  • Update the action version.
  • Add the new permissions configuration into your workflow or, instead, you can set the permissions rules on the repository or on the organization.
  • If you have customized the api-url you can:

Migration example:

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      # ...

  automerge:
    needs: build
    runs-on: ubuntu-latest
+    permissions:
+      pull-requests: write
+      contents: write
    steps:
-     - uses: fastify/github-action-merge-dependabot@v2.1.1
+     - uses: fastify/github-action-merge-dependabot@v3.0.0
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}

@simoneb
Copy link
Collaborator

simoneb commented Nov 25, 2021

fix #103

How to migrate

  • If you have customized the api-url you can:

One the first point above is something you have to change if you customized it, the second always applies. Mention the changes in order of importance please.

We need to show an example here

simoneb
simoneb reviewed Nov 25, 2021
View reviewed changes
.github/workflows/test.yml Outdated Show resolved Hide resolved
src/action.js Outdated Show resolved Hide resolved
src/action.js Outdated Show resolved Hide resolved
src/github-action-client.js Outdated Show resolved Hide resolved
test/action.test.js Outdated Show resolved Hide resolved
test/action.test.js Outdated Show resolved Hide resolved
@simoneb
Copy link
Collaborator

simoneb commented Nov 26, 2021

Looks awesome, thanks. We need to think about a migration plan. See @mcollina's concerns in the original issue. Do you think they're still valid?
The problem is, if we just release a new major people's builds will break and it may not be obvious to them why they break. On the other hand if we don't publish the new version people won't know it's available.

Matteo was suggesting to rebrand this. If we do, I would like to move it back to the @nearform org though, since in practice we have done all the development, but I'm not sure if he would agree. Nonetheless, NearForm developed it.

@Eomm
Copy link
Member Author

Eomm commented Nov 26, 2021

Regarding the rollout.

The main issue is that we don't want auto-merge a major version of this package, regardless of the terget configuration set by the user.
Moreover, we need to manage 2 main uses cases:

  1. users that rely on the default external application
  2. users that have a custom external installation

So, I think we should act on both sides: the external application and this GHA.

The GHA changes:

  • release the 2.4.1 version that does not automerge major PRs for github-action-merge-dependabot when the api_url configuration is not the default one.
  • it must set the step as FAILED. The message will be the migration guidelines.
  • it would be nice to post a message on the PR with a changelog notice not sure if this would work

The external application changes:

  • Skip the approve&merge for the github-action-merge-dependabot@v3 module.
  • It should REJECT the PR with a comment that:
    • warn the user to migrate and how to do that
    • warn that the external installation is being turned off in

These changes are not mandatories, since the changes on the GHA should be enough.
But I think the REJECT review is much more visible for the users than the workflow error.

Finally:

  • release the v3.0.0
  • turn off the external application in

NearForm developed it.

Yeah, I will add the credits for it

@simoneb
Copy link
Collaborator

simoneb commented Nov 26, 2021

Okay that sounds like a reasonable plan. Can we create a timeline to go through so we know we're not missing any steps? Then we close this issue when all steps are completed.

This was referenced Nov 26, 2021
Closed
Closed
Closed
Merged
@Eomm
major: removed external api call
d32ded2
@Eomm
clean unused code
7130f63 
increase coverage
@Eomm
add permissions
394e795 
fix test workflow
@Eomm
docs: add error message
83f5eb4 
fix feedback

fix readme

fix feedback
@Eomm Eomm linked an issue Dec 7, 2021 that may be closed by this pull request
Provide major (and minor) tags #112
Closed
2 tasks
@Eomm Eomm requested a review from simoneb December 13, 2021 11:11
simoneb
simoneb reviewed Dec 13, 2021
View reviewed changes
src/action.js
if (API_URL !== DEFAULT_API_URL &&
pkgName === 'github-action-merge-dependabot' &&
isMajorRelease(pr)) {
if (pkgName === 'github-action-merge-dependabot' && isMajorRelease(pr)) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

shall we not move this check above, right after the check on whether it's a dependabot PR?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I added this check here after the exclude packages check because it seems less confusing for those users that have added the github-action-merge-dependabot into the exclude option.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

don't we want to fail independently of whether the package would eventually be automerged or not? ok maybe it doesn't make a big difference

simoneb
simoneb reviewed Dec 13, 2021
View reviewed changes
Copy link
Collaborator

@simoneb simoneb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's make sure

src/action.js Outdated Show resolved Hide resolved
simoneb
simoneb reviewed Dec 13, 2021
View reviewed changes
README.md Outdated Show resolved Hide resolved
simoneb
simoneb reviewed Dec 13, 2021
View reviewed changes
Copy link
Collaborator

@simoneb simoneb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

where is the migration guide?

@Eomm
Copy link
Member Author

Eomm commented Dec 13, 2021

where is the migration guide?

I plan to include the message here #107 (comment) into the GH release: `https://github.com/fastify/github-action-merge-dependabot/releases/tag/v3.0.0

@Eomm Eomm merged commit 767155d into main Dec 13, 2021
@Eomm Eomm deleted the pure-action branch December 13, 2021 14:24
@glensc glensc mentioned this pull request Jun 27, 2022
Merged
@glensc
Copy link

glensc commented Jun 27, 2022

actions stopped working with a 404:

Error: Request failed with status code 404: 
<html><head>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<title>404 Page not found</title>
</head>
<body text=#000000 bgcolor=#ffffff>
<h1>Error: Page not found</h1>
<h2>The requested URL was not found on this server.</h2>
<h2></h2>
</body></html>

example:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@simoneb simoneb simoneb approved these changes

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Provide major (and minor) tags Remove backing web app
3 participants
@Eomm @simoneb @glensc