flang: init at 16.x #1144696
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # WARNING: | |
| # When extending this action, be aware that $GITHUB_TOKEN allows write access to | |
| # the GitHub repository. This means that it should not evaluate user input in a | |
| # way that allows code injection. | |
| name: Backport | |
| on: | |
| pull_request_target: | |
| types: [closed, labeled] | |
| permissions: | |
| contents: read | |
| issues: write | |
| pull-requests: write | |
| defaults: | |
| run: | |
| shell: bash | |
| jobs: | |
| backport: | |
| name: Backport Pull Request | |
| if: vars.NIXPKGS_CI_APP_ID && github.event.pull_request.merged == true && (github.event.action != 'labeled' || startsWith(github.event.label.name, 'backport')) | |
| runs-on: ubuntu-24.04-arm | |
| steps: | |
| # Use a GitHub App to create the PR so that CI gets triggered | |
| # The App is scoped to Repository > Contents and Pull Requests: write for Nixpkgs | |
| - uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6 | |
| id: app-token | |
| with: | |
| app-id: ${{ vars.NIXPKGS_CI_APP_ID }} | |
| private-key: ${{ secrets.NIXPKGS_CI_APP_PRIVATE_KEY }} | |
| permission-contents: write | |
| permission-pull-requests: write | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| token: ${{ steps.app-token.outputs.token }} | |
| - name: Log current API rate limits | |
| env: | |
| GH_TOKEN: ${{ steps.app-token.outputs.token }} | |
| run: gh api /rate_limit | jq | |
| - name: Create backport PRs | |
| id: backport | |
| uses: korthout/backport-action@0193454f0c5947491d348f33a275c119f30eb736 # v3.2.1 | |
| with: | |
| # Config README: https://github.com/korthout/backport-action#backport-action | |
| copy_labels_pattern: 'severity:\ssecurity' | |
| github_token: ${{ steps.app-token.outputs.token }} | |
| pull_description: |- | |
| Bot-based backport to `${target_branch}`, triggered by a label in #${pull_number}. | |
| * [ ] Before merging, ensure that this backport is [acceptable for the release](https://github.com/NixOS/nixpkgs/blob/master/CONTRIBUTING.md#changes-acceptable-for-releases). | |
| * Even as a non-committer, if you find that it is not acceptable, leave a comment. | |
| - name: Log current API rate limits | |
| env: | |
| GH_TOKEN: ${{ steps.app-token.outputs.token }} | |
| run: gh api /rate_limit | jq | |
| - name: "Add 'has: port to stable' label" | |
| if: steps.backport.outputs.created_pull_numbers != '' | |
| uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 | |
| with: | |
| # Not using the app on purpose to avoid triggering another workflow run after adding this label. | |
| script: | | |
| await github.rest.issues.addLabels({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| issue_number: context.payload.pull_request.number, | |
| labels: [ '8.has: port to stable' ] | |
| }) |