{"id":18079307,"url":"https://github.com/ashawley/aws-lambda-github-merge","last_synced_at":"2025-06-10T15:09:24.517Z","repository":{"id":150092800,"uuid":"76466831","full_name":"ashawley/aws-lambda-github-merge","owner":"ashawley","description":"Integrate GitHub PRs in AWS Lambda","archived":false,"fork":false,"pushed_at":"2023-04-13T19:09:34.000Z","size":243,"stargazers_count":3,"open_issues_count":12,"forks_count":1,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-04-12T13:13:23.706Z","etag":null,"topics":["aws-apigateway","aws-lambda","continuous-integration","git-flow","github-notifications","pr-workflow"],"latest_commit_sha":null,"homepage":null,"language":"Scala","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ashawley.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-12-14T14:30:28.000Z","updated_at":"2023-03-21T20:25:56.000Z","dependencies_parsed_at":"2023-06-05T07:45:28.378Z","dependency_job_id":null,"html_url":"https://github.com/ashawley/aws-lambda-github-merge","commit_stats":null,"previous_names":[],"tags_count":9,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ashawley%2Faws-lambda-github-merge","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ashawley%2Faws-lambda-github-merge/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ashawley%2Faws-lambda-github-merge/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ashawley%2Faws-lambda-github-merge/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ashawley","download_url":"https://codeload.github.com/ashawley/aws-lambda-github-merge/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ashawley%2Faws-lambda-github-merge/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":259098651,"owners_count":22804793,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws-apigateway","aws-lambda","continuous-integration","git-flow","github-notifications","pr-workflow"],"created_at":"2024-10-31T12:42:13.487Z","updated_at":"2025-06-10T15:09:24.475Z","avatar_url":"https://github.com/ashawley.png","language":"Scala","readme":"[JGit]: https://eclipse.org/jgit/\n[JSch]: http://www.jcraft.com/jsch/\n[github-api]: https://github.com/code-check/github-api-scala\n[Async HTTP Client]: https://github.com/AsyncHttpClient/async-http-client\n[json4s]: http://json4s.org/\n[AWS Lambda Java libraries]: https://github.com/aws/aws-lambda-java-libs\n[SBT Assembly]: http://github.com/sbt/sbt-assembly\n[SBT]: http://scala-sbt.org\n[SLF4J]: https://www.slf4j.org/\n[Typesafe Scala Logging]: https://github.com/typesafehub/scala-logging\n[knobs]: http://verizon.github.io/knobs/\n[Typesafe Config]: https://typesafehub.github.io/config/\n\n## Merging pull requests on AWS Lambda with GitHub webhooks\n\n[![build](https://github.com/ashawley/aws-lambda-github-merge/actions/workflows/build.yml/badge.svg)](https://github.com/ashawley/aws-lambda-github-merge/actions/workflows/build.yml)\n\nThe following Scala code builds a Java JAR file that can run on AWS\nLambda to automatically continuously integrate pull requests for a\nGitHub project.\n\n### Overview\n\nA Scala program that is tightly coupled to the following libraries:\n\n- The Java library, [JGit], by Eclipse can clone Git repositories,\ncheckout branches, merge them and push them.\n- The Java library, [JSch], from JCraft provides SSH support for JGit\nincluding support for user and host key verification.\n- Use of the GitHub API is with a Scala library, [github-api], by SHUNJI\nKonishi of Codecheck.\n- Connect to GitHub's API over HTTP with a Java library, [Async HTTP\nClient], by Ning.\n- JSON serialization with the Scala library, [json4s], by Ivan Porto\nCarrero and KAZUHIRO Sera.\n- The [AWS Lambda Java libraries] by Amazon AWS provide the ability to\nrun the JAR in their *serverless* Java 8 runtime.\n- JAR produced using the SBT plugin, [SBT Assembly], by Eugene Yokota.\n- JVM file system housekeeping provided by the sbt.io Scala library,\nfrom [SBT] team at Lightbend, Inc.\n- Configuration file support managed by [knobs] from Verizon and\n[Typesafe Config] from Lightbend, Inc.\n- Logging provided by [SLF4J] of QoS.ch and [Typesafe Scala Logging] by\nLightbend, Inc.\n\nSteps in detail:\n\n- Receive event from GitHub by way of AWS API Gateway request\n- Load config file from `application.conf`\n- Verify repo in request is same repo in config file\n- Find name of base branch in config file to merge on to\n- Use GitHub token in config file to call GitHub API\n- Find all pull requests in the repo for the base branch\n- Set HEAD commit to all pull requests to pending\n- Checkout base branch with Git and SSH\n- Use SSH keys and known_hosts specified in config file\n- Use SSH keys and known_hosts included in JAR file\n- Create integration branch specified in config file with Git\n- Merge pull requests on to integration branch with Git\n- Force push to GitHub using Git and SSH\n- If merge succeeds, merged branches\n- If merge fails, don't push, and return unmergable branch\n- Notify success or failure with GitHub status API\n\n### Installing\n\nFor deploying the JAR see the INSTALLING file for instructions.\n\n### Contributing\n\nFor development tasks see the CONTRIBUTING file.\n\n### Warranty\n\n**Buyer beware**: This application will overwrite Git branches.\nShould the merge complete successfully, the application does a forced\npush to a branch of a remote Git repo.  The branch is the one that is\nconfigured in `application.conf`.  A forced push could result in data\nloss.  The SSH ~~deploy~~ user key added to GitHub will have access to\nall the repos the user is configured for.  However, by the nature of\nprivate repos in GitHub, write access to a root repo in GitHub will\nprovide the same access to forked repos.  This is advantageous since\nthe program requires read-access to forks.  Public repos provide\nread-access, by default, ~~without a deploy key~~ for any GitHub user.\nSince this program requires write-access to the repo configured in\n`application.conf`, the ~~deploy~~ user key will have write-access to\n~~forks of private~~ all repos that user has access to.\n\n The code will verify that the Git repo specified in\n`application.conf`, including the branch to monitor for pull requests.\n\nThe application as written doesn't catch any exceptions.  There's no\nneed for the program to recover given it is an internal task that runs\nin AWS Lambda, a serverless environment.\n\nThe SSH key used to pull from private repos or push to repositories,\nis included in the JAR file.  This is a security concern, since the\nSSH key will have write privileges to remote Git repositories at\nGitHub.\n\nCurrently, if there is an error then it results in an exception being\nthrown and execution being halted.\n\nSome of the failure conditions that should be caught with a friendly\nerror message, include\n\n- Unable to read or write to temporary directory on filesystem\n- Conf file missing from JAR\n- Conf file missing directives\n- API Gateway json is malformed\n- GitHub json is malformed\n- SSH keys missing from the JAR\n- SSH hosts key file, `known_hosts`, is missing from JAR\n- SSH host key verification fails\n- Git client is broken or unavailable\n- Git server is broken or unavailable\n- A Git remote doesn't exist\n- Base branch doesn't exist\n- HTTP is broken or unavailable\n- GitHub API is broken or unavailable\n- Configuring Git remotes fails\n- Git fetching fails\n- Checking out remote branch fails\n- Git merge fails\n- Git push to remote fails\n\n### References\n\n- https://developer.github.com/webhooks/\n- http://aws.amazon.com/blogs/compute/writing-aws-lambda-functions-in-scala/\n- http://aws.amazon.com/blogs/compute/dynamic-github-actions-with-aws-lambda/\n- http://eclipse.org/jgit/\n- http://github.com/code-check/github-api-scala/\n- http://www.jcraft.com/jsch/\n- http://github.com/ashawley/aws-lambda-scala-hello-world\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fashawley%2Faws-lambda-github-merge","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fashawley%2Faws-lambda-github-merge","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fashawley%2Faws-lambda-github-merge/lists"}