Manual Patch Rerun #66
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Apply Patch to Subrepos After Merge (Manual Run) | |
| # -------------------------------------------------- | |
| # This GitHub Actions workflow lets you manually run the patching logic for | |
| # previously merged pull requests in the monorepo. | |
| # | |
| # It is useful for cases where the automatic patch workflow failed (e.g., due | |
| # to fork PRs lacking secrets), or if configuration or credentials have changed. | |
| # | |
| # Key Steps: | |
| # 1. Validate that the caller has 'admin' or 'maintain' permission on the monorepo. | |
| # 2. Accept PR number as input. | |
| # 3. Generate a GitHub App token for authentication. | |
| # 4. Use a Python script to detect which subtrees were modified. | |
| # 5. For each changed subtree: | |
| # - Generate a patch from the merge commit for that subtree. | |
| # - Determine the appropriate author (based on PR metadata or fallback). | |
| # - Clone the target sub-repo and apply the patch. | |
| # - Amend the commit message to include links to the monorepo PR and commit. | |
| # - Push the commit directly to the sub-repo. | |
| # | |
| # This ensures downstream sub-repositories are updated to reflect changes | |
| # made in the monorepo, even if the original automated job failed. | |
| name: Manual Patch Rerun | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| pr: | |
| description: 'Pull request number to rerun patch logic for' | |
| required: true | |
| jobs: | |
| rerun-patch: | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Validate maintainer permissions | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| echo "Actor is: ${{ github.actor }}" | |
| PERMISSION=$(gh api \ | |
| repos/${{ github.repository }}/collaborators/${{ github.actor }}/permission \ | |
| --jq .permission) | |
| if [[ "$PERMISSION" != "admin" && "$PERMISSION" != "maintain" ]]; then | |
| echo "❌ User ${{ github.actor }} is not authorized to run this workflow" | |
| exit 1 | |
| fi | |
| - name: Generate a token | |
| id: generate-token | |
| uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6 | |
| with: | |
| app-id: ${{ secrets.APP_ID }} | |
| private-key: ${{ secrets.APP_PRIVATE_KEY }} | |
| owner: ${{ github.repository_owner }} | |
| - name: Checkout code | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| sparse-checkout: .github | |
| sparse-checkout-cone-mode: true | |
| token: ${{ steps.generate-token.outputs.token }} | |
| - name: Set up Python | |
| uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 | |
| with: | |
| python-version: '3.12' | |
| - name: Install python dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install pydantic requests | |
| - name: Set up Git user | |
| run: | | |
| git config user.name "assistant-librarian[bot]" | |
| git config user.email "assistant-librarian[bot]@users.noreply.github.com" | |
| - name: Detect changed subtrees from merged PR | |
| id: detect | |
| env: | |
| GH_TOKEN: ${{ steps.generate-token.outputs.token }} | |
| run: | | |
| python .github/scripts/pr_detect_changed_subtrees.py \ | |
| --repo "${{ github.repository }}" \ | |
| --pr "${{ github.event.inputs.pr }}" \ | |
| --config ".github/repos-config.json" \ | |
| --require-auto-push | |
| - name: Checkout full repo with changed subtrees | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| sparse-checkout: | | |
| .github | |
| ${{ steps.detect.outputs.subtrees }} | |
| token: ${{ steps.generate-token.outputs.token }} | |
| fetch-depth: 0 | |
| - name: Generate and apply patches | |
| env: | |
| GH_TOKEN: ${{ steps.generate-token.outputs.token }} | |
| run: | | |
| python .github/scripts/pr_merge_sync_patches.py \ | |
| --repo "${{ github.repository }}" \ | |
| --pr "${{ github.event.inputs.pr }}" \ | |
| --subtrees "${{ steps.detect.outputs.subtrees }}" \ | |
| --config ".github/repos-config.json" \ | |
| --debug |