diff --git a/.github/policies/auto-merge.yml b/.github/policies/auto-merge.yml
new file mode 100644
index 000000000..182524282
--- /dev/null
+++ b/.github/policies/auto-merge.yml
@@ -0,0 +1,41 @@
+id:
+name: GitOps.PullRequestIssueManagement
+description: GitOps.PullRequestIssueManagement primitive
+owner:
+resource: repository
+disabled: false
+where:
+configuration:
+ resourceManagementConfiguration:
+ eventResponderTasks:
+ - description: Auto-squash-merge PRs to main labeled with auto-merge
+ triggerOnOwnActions: true
+ if:
+ - payloadType: Pull_Request
+ - labelAdded:
+ label: ":octocat: auto-merge"
+ - targetsBranch:
+ branch: main
+ then:
+ - enableAutoMerge:
+ mergeMethod: Squash
+
+ - description: Auto-merge PRs to live labeled with auto-merge
+ triggerOnOwnActions: true
+ if:
+ - payloadType: Pull_Request
+ - labelAdded:
+ label: ":octocat: auto-merge"
+ - targetsBranch:
+ branch: live
+ then:
+ - enableAutoMerge:
+ mergeMethod: Merge
+
+ - description: Don't auto-merge PRs with auto-merge label removed
+ if:
+ - payloadType: Pull_Request
+ - labelRemoved:
+ label: ":octocat: auto-merge"
+ then:
+ - disableAutoMerge
diff --git a/.github/policies/label-issues.yml b/.github/policies/label-issues.yml
new file mode 100644
index 000000000..89f5c82f7
--- /dev/null
+++ b/.github/policies/label-issues.yml
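Review bot: Neither `enableAutoMerge` rule in auto-merge.yml checks who added the `:octocat: auto-merge` label, so the trigger is open to every account or automation that is able to label a pull request targeting `main` or `live`. A sender condition in both `if` lists, in the form label-prs.yml already uses (`- activitySenderHasPermission:` with `permission: Write`), would limit it to maintainers; confirm first that the policy bot's own labelling still satisfies it, since both rules set `triggerOnOwnActions: true`. Auto-merge presumably still waits for the branch's required checks and reviews, so branch protection on `main` and `live` is the real gate and should be verified together with this change.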
@@ -0,0 +1,74 @@
+id:
+name: GitOps.PullRequestIssueManagement
+description: GitOps.PullRequestIssueManagement primitive
+owner:
+resource: repository
+disabled: false
+where:
+configuration:
+ resourceManagementConfiguration:
+ scheduledSearches:
+ - description: Label doc-bug issues with okr-health (scheduled search)
+ frequencies:
+ - hourly:
+ hour: 3
+ filters:
+ - isIssue
+ - isOpen
+ - hasLabel:
+ label: doc-bug
+ - isNotLabeledWith:
+ label: okr-health
+ actions:
+ - addLabel:
+ label: okr-health
+
+ eventResponderTasks:
+ - description: Add in-pr label to issues
+ if:
+ - payloadType: Pull_Request
+ then:
+ - inPrLabel:
+ label: in-pr
+
+ - description: Synchronize OKR and release labels from PRs to closing issues
+ if:
+ - payloadType: Pull_Request
+ then:
+ - labelSync:
+ pattern: okr-
+ - labelSync:
+ pattern: ':checkered_flag: Release'
+
+ - description: Label issues with okr-freshness (event-based)
+ if:
+ - payloadType: Issues
+ - or:
+ - titleContains:
+ pattern: freshness
+ isRegex: False
+ - titleContains:
+ pattern: out( |-)of( |-)date
+ isRegex: True
+ - titleContains:
+ pattern: stale
+ isRegex: False
+ then:
+ - addLabel:
+ label: okr-freshness
+
+ - description: Label typo issues
+ if:
+ - payloadType: Issues
+ - isAction:
+ action: Opened
+ - titleContains:
+ pattern: (T|t)ypo
+ isRegex: True
+ then:
+ - addLabel:
+ label: doc-bug
+ - addLabel:
+ label: help wanted
+ - addLabel:
+ label: good first issue
\ No newline at end of file
diff --git a/.github/policies/label-prs.yml b/.github/policies/label-prs.yml
new file mode 100644
index 000000000..091a18c06
--- /dev/null
+++ b/.github/policies/label-prs.yml
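Review bot: The `Label issues with okr-freshness (event-based)` rule in label-issues.yml has no `isAction` condition, so it appears to run on every issue event and would put `okr-freshness` back after a maintainer removes it; the typo rule below it already limits itself to `action: Opened`. Adding `- isAction:` with `action: Opened` to that `if` list would make the two rules consistent. As a style point, `isRegex: False` and `isRegex: True` are capitalised while `disabled: false` is lowercase; lowercase `true`/`false` throughout (the same applies in label-prs.yml) avoids parser differences, and the file is missing its final newline.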
@@ -0,0 +1,102 @@
+id:
+name: GitOps.PullRequestIssueManagement
+description: GitOps.PullRequestIssueManagement primitive
+owner:
+resource: repository
+disabled: false
+where:
+configuration:
+ resourceManagementConfiguration:
+ eventResponderTasks:
+ - description: Label community PRs
+ if:
+ - payloadType: Pull_Request
+ - isAction:
+ action: Opened
+ - and:
+ - not:
+ activitySenderHasPermission:
+ permission: Admin
+ - not:
+ activitySenderHasPermission:
+ permission: Write
+ - not:
+ isActivitySender:
+ user: github-actions[bot]
+ - not:
+ isActivitySender:
+ user: github-actions
+ - not:
+ isActivitySender:
+ user: azure-sdk
+ - not:
+ isActivitySender:
+ user: dependabot
+ then:
+ - addLabel:
+ label: community-contribution
+
+ - description: Label publish PRs from the dotnet-policy-service bot
+ triggerOnOwnActions: true
+ if:
+ - payloadType: Pull_Request
+ - isAction:
+ action: Opened
+ - isActivitySender:
+ user: dotnet-policy-service[bot]
+ - titleContains:
+ pattern: Merge main into live
+ isRegex: False
+ then:
+ - addLabel:
+ label: ":octocat: auto-merge"
+
+ - description: Label PRs from the Azure SDK bot
+ if:
+ - payloadType: Pull_Request
+ - isActivitySender:
+ user: azure-sdk
+ then:
+ - approvePullRequest:
+ comment: "Approved; this PR will merge when all status checks pass."
+ - addLabel:
+ label: ":octocat: auto-merge"
+
+ - description: Label PRs from dependabot
+ if:
+ - payloadType: Pull_Request
+ - isActivitySender:
+ user: dependabot
+ then:
+ - approvePullRequest:
+ comment: "Approved; this PR will merge when all status checks pass."
+ - addLabel:
+ label: ":octocat: auto-merge"
+
+ - description: Label PRs with okr-health
+ if:
+ - payloadType: Pull_Request
+ - or:
+ - titleContains:
+ pattern: build warning
+ isRegex: False
+ - bodyContains:
+ pattern: build warning
+ isRegex: False
+ then:
+ - addLabel:
+ label: okr-health
+
+ - description: Label PRs with okr-freshness
+ if:
+ - payloadType: Pull_Request
+ - or:
+ - titleContains:
+ pattern: freshness
+ isRegex: False
+ - bodyContains:
+ pattern: freshness
+ isRegex: False
+ then:
+ - addLabel:
+ label: okr-freshness
diff --git a/.github/policies/scheduled-prs.yml b/.github/policies/scheduled-prs.yml
new file mode 100644
index 000000000..aebd9cab4
--- /dev/null
+++ b/.github/policies/scheduled-prs.yml
@@ -0,0 +1,19 @@
+name: GitOps.PullRequestIssueManagement - Scheduled PRs
+description: Creates pull requests on a schedule
+resource: repository
+
+where:
+configuration:
+ resourceManagementConfiguration:
+ scheduledSearches:
+ - description: Push to live branch (scheduled publish)
+ frequencies:
+ - daily:
+ time: 08:0
+ filters: []
+ actions:
+ - createPullRequest:
+ head: main
+ base: live
+ title: "✅ Merge `main` into `live`"
+ body: "🤖 Queue merge when ready..."
diff --git a/.github/workflows/dependabot-approve-and-automerge.yml b/.github/workflows/dependabot-approve-and-automerge.yml
deleted file mode 100644
index cf9817f46..000000000
--- a/.github/workflows/dependabot-approve-and-automerge.yml
+++ /dev/null
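Review bot: The `Label PRs from the Azure SDK bot` and `Label PRs from dependabot` rules in label-prs.yml approve the pull request and add `:octocat: auto-merge` on any `Pull_Request` event whose sender matches, with no `isAction` or `targetsBranch` condition. Together with auto-merge.yml this merges dependency and SDK updates with a bot approval as the only review, so required status checks on the target branch become the sole gate and should be confirmed before this ships. The sender is matched as `user: dependabot`, whereas the removed workflow compared against `dependabot[bot]` and other rules in this file spell out the suffix (`github-actions[bot]`, `dotnet-policy-service[bot]`); if the service does not normalise it, the rule either never fires or matches a different account. Consider `user: dependabot[bot]` and adding `- isAction:` with `action: Opened` to both rules.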
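Review bot: The `title` set in scheduled-prs.yml, ``"✅ Merge `main` into `live`"``, contains backticks, but the rule in label-prs.yml that labels these PRs for auto-merge matches `pattern: Merge main into live` with `isRegex: False`; that substring does not occur in the title, so the scheduled publish PR would apparently never receive the `:octocat: auto-merge` label. Either drop the backticks from `title`, or change the pattern to a regex that tolerates them, for example ``pattern: 'Merge `?main`? into `?live`?'`` with `isRegex: true`. This file also omits the `id`, `owner` and `disabled` keys that the other three policy files carry; add them for consistency if the schema expects them.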
@@ -1,27 +0,0 @@
-name: Dependabot auto-approve and auto-merge
-on: pull_request
-
-permissions:
- contents: write
- pull-requests: write
-
-jobs:
- dependabot:
- runs-on: ubuntu-latest
- if: ${{ github.actor == 'dependabot[bot]' && github.repository_owner == 'dotnet' }}
- steps:
- - name: Dependabot metadata
- id: metadata
- uses: dependabot/fetch-metadata@5e5f99653a5b510e8555840e80cbf1514ad4af38
- with:
- github-token: "${{ secrets.GITHUB_TOKEN }}"
- - name: Approve a PR
- run: gh pr review --approve "$PR_URL"
- env:
- PR_URL: ${{github.event.pull_request.html_url}}
- GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
- - name: Enable auto-merge for Dependabot PRs
- run: gh pr merge --auto --merge "$PR_URL"
- env:
- PR_URL: ${{github.event.pull_request.html_url}}
- GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
diff --git a/.github/workflows/merge-main-to-live.yml b/.github/workflows/merge-main-to-live.yml
deleted file mode 100644
index ffc6c13fe..000000000
--- a/.github/workflows/merge-main-to-live.yml
+++ /dev/null
@@ -1,54 +0,0 @@
-name: go-live
-
-on:
- workflow_dispatch:
- inputs:
- reason:
- description: "The reason for running the workflow"
- required: true
- default: "Need to update live now, before daily scheduled run."
- schedule:
- # Run at midnight every day
- - cron: "0 0 * * *"
-
-jobs:
- go-live:
- runs-on: ubuntu-latest
- env:
- GH_TOKEN: ${{ github.token }}
- permissions:
- contents: write
- pull-requests: write
-
- steps:
- - name: "Print manual run reason"
- if: github.event_name == 'workflow_dispatch'
- run: |
- echo 'Reason: ${{ github.event.inputs.reason }}'
-
- - name: Check out code
- uses: actions/checkout@main
-
- - name: Check for existing PR
- id: exists
- run: |
- result=$(gh pr list --base live --head main --json number --jq '.[0].number' || echo "")
- echo "PR_NUMBER=$result" >> $GITHUB_OUTPUT
- shell: bash
-
- - name: Create pull request
- id: create
- if: steps.exists.outputs.PR_NUMBER == ''
- run: |
- gh pr create \
- --title "✅ Merge \`main\` into \`live\`" \
- --body "🤖 Queue merge when ready..." \
- --base live \
- --head main
- echo "CREATED=true" >> $GITHUB_OUTPUT
-
- - name: Enable auto-merge for the pull request
- if: steps.create.outputs.CREATED == 'true'
- run: |
- PR_NUMBER=$(gh pr list --base live --head main --json number --jq '.[0].number')
- gh pr merge $PR_NUMBER --merge --auto