Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/vankka/pr-target-branch-action
A GitHub action to check that a PR's target branch is correct, commenting and/or changing it if required
https://github.com/vankka/pr-target-branch-action
Last synced: 2 months ago
JSON representation
A GitHub action to check that a PR's target branch is correct, commenting and/or changing it if required
- Host: GitHub
- URL: https://github.com/vankka/pr-target-branch-action
- Owner: Vankka
- License: mit
- Created: 2021-05-13T16:59:26.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2024-06-07T19:23:55.000Z (7 months ago)
- Last Synced: 2024-10-26T10:37:40.045Z (3 months ago)
- Language: JavaScript
- Size: 469 KB
- Stars: 10
- Watchers: 2
- Forks: 2
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# PR Target Branch Action
A GitHub action to check that a PR's target branch is correct, commenting and/or changing it if required
## Example usage
**Please note** using `pull_request_target` can be dangerous, read [GitHub's security article here](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/) before using examples with it
```yaml
name: Make sure new PRs are sent to development
on:
pull_request_target:
types: [opened, edited]
jobs:
check-branch:
runs-on: ubuntu-latest
permissions:
pull-requests: write
steps:
# Do not checkout the repository here. See https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ for more information
- uses: Vankka/pr-target-branch-action@v3
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
target: main
exclude: development # Don't prevent going from development -> main
change-to: development
comment: |
Your PR's base branch was set to `main`, PRs should be set to target `development`.
The base branch of this PR has been automatically changed to `development`, please check that there are no merge conflicts
```
When `change-to`, `comment`, `already-exists-action`, `already-exists-comment` and `already-exists-other-comment` are not used, pull_request_target and the GITHUB_TOKEN are not required. The Action will just fail (instead of changing the base branch or commenting) when the target branch is wrong.
```yaml
name: Make sure new PRs are sent to development
on:
pull_request:
types: [opened, edited]
jobs:
check-branch:
runs-on: ubuntu-latest
permissions:
pull-requests: write
steps:
# Do not checkout the repository here. See https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ for more information
- uses: Vankka/pr-target-branch-action@v3
with:
target: main
exclude: development # Don't prevent going from development -> main
```
### Full example
Contains all the options, not necessarily a good configuration - see `already-exists-action` for more details
```yaml
name: Make sure new PRs are sent to development
on:
pull_request_target:
types: [opened, edited]
jobs:
check-branch:
runs-on: ubuntu-latest
permissions:
pull-requests: write
steps:
# Do not checkout the repository here. See https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ for more information
- uses: Vankka/pr-target-branch-action@v3
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
target: main
exclude: development # Don't prevent going from development -> main
change-to: development
comment: |
Your PR's base branch was set to `main`, PRs should be set to target `development`.
The base branch of this PR has been automatically changed to `development`, please check that there are no merge conflicts
already-exists-action: close_other_continue
already-exists-comment: "Closing {url} as it has the same base branch"
already-exists-other-comment: "This PR was closed in favor of {url}"
```
## `Error: Resource not accessible by integration`
If you run into this error when running this action please enable `Write` permissions for actions in your repository settings.
You can do this by going to `Settings > Actions > General` and ticking `Read and write permissions` under `Workflow permissions`.
If you want to restrict what permissions the action has access to, you can do so by following [Github's documentation](https://docs.github.com/en/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token) or as specified in the above examples
# Variables
## target (Required)
The base branch this action will check for, this also accepts a Regular Expression (pre- and suffixed with /, the pattern should match only the branch name), example values:
```
# Only matches the development branch
development
# Match all branches matching the pattern: feature-\w+
/feature-\\w+/
```
Multiple values can be provided with a string of values separated by spaces, example:
```
include: "main development v1"
```
## include
Head (or compare) branch(es) that are subject to checking, can be provided with a branch name, `organization/owner name:branch name` or a Regular Expression matching the latter. Also supports providing multiple targets by using spaces. Example values:
```
# Match the target project's branch called development
development
# Only match GitHub's development branch
GitHub:development
# Match PRs from all of GitHub's branches
/GitHub:.*/
```
Multiple values can be provided with a string of values separated by spaces, example:
```
include: "main development v1"
```
## exclude
Head (or compare) branch(es) that will **not** be checked, can be provided with a branch name, `organization/owner name:branch name` or a Regular Expression matching the latter. Also supports providing multiple targets by using spaces. Example values:
```
# Match the target project's branch called development
development
# Only match GitHub's development branch
GitHub:development
# Match PRs from all of GitHub's branches
/GitHub:.*/
```
Multiple values can be provided with a string of values separated by spaces, example:
```
exclude: "main development v1"
```
## change-to
What the PRs base branch should be changed to if the base branched matches the given criteria.
Requires using the `pull_request_target` event and including the `GITHUB_TOKEN` environment variable
## comment
The comment to post if the base branch matches the given criteria.
Requires using the `pull_request_target` event and including the `GITHUB_TOKEN` environment variable
## already-exists-action
**Only if change-to is specified,** the action to take if another open PR with the same head & base branches exists
### error
The action simply fails, this is the default value
### close_this
Closes this PR
### close_other
Closes the other PR. Keep in mind this ignores if the other pr was created by someone else.
### close_other_continue
Closes the other PR, and processes `change-to` and `comment` as normal. Keep in mind this ignores if the other pr was created by someone else.
### nothing
Nothing special happens, `already-exists-comment` will be posted if it is specified
## already-exists-comment
**Only if change-to is specified,** the comment to post if another open PR with the same head & base branches exists.
Use {number} to get the pull request number or {url} to get the pull request link for the other pr.
## already-exists-other-comment
The comment to post on the other pr if a pr is closed due to `already-exists-action` being set to `close_other` or `close_other_continue`.
Use {number} to get the pull request number or {url} to get the pull request link for the pr that wasn't closed.