Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature: auto rebase of PRs #1358

Open
laurentsimon opened this issue Dec 4, 2021 · 6 comments
Open

Feature: auto rebase of PRs #1358

laurentsimon opened this issue Dec 4, 2021 · 6 comments
Labels
kind/enhancement New feature or request Stale

Comments

@laurentsimon
Copy link
Contributor

laurentsimon commented Dec 4, 2021
edited
Loading

We spend too much time rebasing PRs to kick off pre-submit runs. Especially when we have many PRs open, it's a waste of time.
It would be great to be able to auto-rebase PRs automatically, so that once we've clicked "auto-merge" button, the PR gets merged automatically when they can (of course, LGTM should still be enforced).

I found this https://github.com/marketplace/actions/automatic-rebase which seems encouraging. I wonder if this requires dangerous write permissions... since it needs to push to remote cloned branch...?
Answering my own questions: cirrus-actions/rebase#84 they need pull-request:write` and this is a danger in itself since it allows changing the code before we merge :/
Probably we need to review the code and pin to this hash for the code we've looked at.

Do we loose other important things by using an auto PR rebase feature?
@laurentsimon laurentsimon added the kind/enhancement New feature or request label Dec 4, 2021
@laurentsimon
Copy link
Contributor Author

@naveensrinivasan @azeemsgoogle @chrismcgehee @oliverchang

@laurentsimon
Copy link
Contributor Author

their code is mostly a shell script and a docker files that pulls a few utilities https://github.com/cirrus-actions/rebase/blob/master/Dockerfile#L12

@laurentsimon
Copy link
Contributor Author

file https://github.com/cirrus-actions/rebase/blob/master/entrypoint.sh looks ok. There are a few places where it does not put env variable between "", which is also caught when I used https://www.shellcheck.net/ on their code.

@evverx
Copy link
Contributor

evverx commented Dec 4, 2021

@laurentsimon I wonder why PRs would have to be rebased in the first place? Considering that PRs are usually reviewed almost as soon as they are opened I think as long as they don't conflict with the main branch it should be fine to merge them even if GitHub says that they are out of date. If it isn't clear whether PRs can break something it's always possible to ask contributors to force-push their branches to retrigger the tests and let GHActions rebase/merge them on top of the main branch to make sure the CI is green.

@evverx
Copy link
Contributor

evverx commented Dec 4, 2021

Looking at https://github.com/marketplace/actions/automatic-rebase it seems for it to work it has to change contributors' repositories and personally I wouldn't be happy if bots rebased branches in my repositories :-) Another issue is that contributors can flip the "Allow edits and access to secrets by maintainers" flag to prevent changes like that.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 4, 2023

This issue is stale because it has been open for 60 days with no activity.

@github-actions github-actions bot added the Stale label Nov 4, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/enhancement New feature or request Stale
Projects
Scorecard - NEW
Status: No status
Milestone
No milestone
Development

No branches or pull requests
2 participants
@evverx @laurentsimon