melange/update block: provide config option to indicate that automate…

…d pull requests should be merged in order rather than superseding and closing previous unmerged PRs Some packages such as [jenkins](https://github.com/wolfi-dev/os/blob/main/jenkins.yaml) are required to build all upstream versions. The default behaviour of the update bot will close previous automated update bot PRs superceeded by a new version. This new config option will allow maintainers to tell the update bot to _not_ close existing PRs if they have not yet been merged. Signed-off-by: James Rawlings <jrawlings@chainguard.dev>
chainguard-dev · Dec 7, 2024 · fcf2036 · fcf2036
1 parent e788406
commit fcf2036
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 1 deletion.
diff --git a/docs/UPDATE.md b/docs/UPDATE.md
@@ -25,7 +25,8 @@ package:
 update:
   enabled: true # provide a flag to easily prevent a package from receiving auto update PRs
   manual: true # indicates that this package should be manually updated, usually taking care over special version numbers which can be hard to automate
-  shared: false # indicate that an update to this package requires an epoch bump of downstream dependencies, e.g. golang, java
+  shared: false # indicate that an update to this package requires an epoch bump of downstream dependencies, e.g. golang, java 
+  require-sequential: true # Default: false - indicates that automated pull requests should be merged in order rather than superseding and closing previous unmerged PRs
   release-monitor:
     identifier: 38 # Mandatory, ID number for release monitor
     strip-prefix: v # Optional, if the version obtained from the update service contains a prefix which should be ignored
@@ -50,6 +51,7 @@ update:
   enabled: true # provide a flag to easily toggle a package from receiving auto update PRs
   manual: true # indicates that this package should be manually updated, usually taking care over special version numbers which can be hard to automate
   shared: false # indicate that an update to this package requires an epoch bump of downstream dependencies, e.g. golang, java
+  require-sequential: true # Default: false - indicates that automated pull requests should be merged in order rather than superseding and closing previous unmerged PRs
   github: # alternative today is `release_monitor:`
     identifier: sigstore/cosign # Mandatory, org/repo for github
     strip-prefix: v # Optional, if the version obtained from the update service contains a prefix which should be ignored

diff --git a/pkg/config/config.go b/pkg/config/config.go
@@ -681,6 +681,8 @@ type Update struct {
 	// Indicates that this package should be manually updated, usually taking
 	// care over special version numbers
 	Manual bool `json:"manual,omitempty" yaml:"manual"`
+	// Indicates that automated pull requests should be merged in order rather than superseding and closing previous unmerged PRs
+	RequireSequential bool `json:"require-sequential,omitempty" yaml:"require-sequential"`
 	// Indicate that an update to this package requires an epoch bump of
 	// downstream dependencies, e.g. golang, java
 	Shared bool `json:"shared,omitempty" yaml:"shared,omitempty"`