Add workflow to update PR title based on target branch version #18835

Merged
merged 8 commits into from
Oct 14, 2024
27 changes: 27 additions & 0 deletions .github/workflows/pr-title-update.yml
@@ -0,0 +1,27 @@
name: Update PR title

on:
pull_request_target:
types: [opened, edited]
branches:
- "release_**"

jobs:
update-title:
runs-on: ubuntu-latest
permissions:
pull-requests: write
steps:
- uses: actions/checkout@v4
- name: Update PR title
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
PR_NUMBER=${{ github.event.pull_request.number }}
TARGET_BRANCH="${{ github.base_ref }}"
PR_TITLE="${{ github.event.pull_request.title }}"
VERSION=$(echo $TARGET_BRANCH | grep -oP '\d+\.\d+')
if [[ -n "$VERSION" && ! "$PR_TITLE" =~ ^\[$VERSION\] ]]; then
NEW_TITLE="[$VERSION] $PR_TITLE"
gh pr edit $PR_NUMBER --title "$NEW_TITLE"
fi
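Review bot: The `run:` script pastes `${{ github.event.pull_request.title }}` straight into the shell source on the `PR_TITLE="${{ github.event.pull_request.title }}"` line, so the title is parsed as shell text before the script runs, in a job triggered by `pull_request_target` with `pull-requests: write` and `GITHUB_TOKEN` in its environment. Move the expression into the step's `env:` block (`PR_TITLE: ${{ github.event.pull_request.title }}`) and have the script read only `"$PR_TITLE"`; `github.base_ref` and the PR number can be passed the same way. Separately, `$TARGET_BRANCH` in the `echo ... | grep` line and `$PR_NUMBER` in `gh pr edit` are unquoted and should be quoted.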
Comment on lines +19 to +27

Check failure

Code scanning / CodeQL

Expression injection in Actions Critical

Potential injection from the ${{ github.event.pull_request.title }}, which may be controlled by an external user.
Collaborator Author


Should we sanitize PR_TITLE to prevent injection here or is it unnecessary?

Member


Not sanitize it, but define it in `env:`: #18987
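The difference between the flagged inline expression and the `env:` approach from the reply, as an added example that is not part of the pull request or the project's code. The helper names, the sample title and the fixed version `24.1` are constructed, and `printf` substitution stands in for the runner's expression expansion.

```shell
#!/bin/sh
# Added illustration: why a title interpolated into the script text is parsed
# as shell, while the same title read from the environment stays plain data.
# Everything here is constructed for the demonstration and runs offline.

# Constructed sample title carrying a harmless command substitution as a marker.
SAMPLE_TITLE='Fix $(printf INJECTED) typo'

# Inline form: the value is pasted into the script source first, the way an
# Actions expression inside run: is expanded, and only then handed to a shell.
title_via_inline() {
  # %s marks where the expression's value lands in the script text.
  script=$(printf 'PR_TITLE="%s"\nVERSION=24.1\nprintf "%%s" "[$VERSION] $PR_TITLE"\n' "$1")
  sh -c "$script"
}

# env: form: the script text is fixed and the title arrives as the value of an
# environment variable, so the shell never parses its content.
title_via_env() {
  PR_TITLE=$1 sh -c 'VERSION=24.1; printf "%s" "[$VERSION] $PR_TITLE"'
}

# Stand-alone run: print both results for comparison.
printf 'inline: %s\n' "$(title_via_inline "$SAMPLE_TITLE")"
printf 'env:    %s\n' "$(title_via_env "$SAMPLE_TITLE")"
```

With the inline form the marker substitution is evaluated and the title changes; with the environment form the title reaches the command byte for byte.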
