-
Notifications
You must be signed in to change notification settings - Fork 4.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[mergify] backport automation to 7.x, 7.12 and 7.11 #24608
Conversation
.mergify.yml
Outdated
- name: backport patches to 7.x branch | ||
conditions: | ||
- base=master | ||
- label=backport-to-7.x |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Labels to be agreed!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we should use the existing labels like v7.13.0
so people don't have to duplicate them.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, I added a comment to remember we need to set the labels accordingly.
For the record, we have a WiP automation to apply the same labels across all the observability repositories, therefore it will be quite simple to apply a new label everywhere.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we should use the existing labels like v7.13.0 so people don't have to duplicate them.
We backport too often after FF, sometimes right before release time leaving us with fixes that didn't make it into the release. From past experience we've been notoriously bad at telling which exact a fix/features is in. I think I would prefer to tell the target branch instead of the exact version.
.mergify.yml
Outdated
- name: backport patches to 7.12 branch | ||
conditions: | ||
- base=master | ||
- label=backport-to-7.12 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Labels to be agreed
.mergify.yml
Outdated
- name: backport patches to 7.11 branch | ||
conditions: | ||
- base=master | ||
- label=backport-to-7.11 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Labels to be agreed!
💚 Build Succeeded
Expand to view the summary
Build stats
Trends 🧪❕ Flaky test reportNo test was executed to be analysed. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I know this is a backport (sorry!) and I should have commented on the original, but I didn't realize until now -- did the original come with any developer documentation?
It might be good to find a home for this somewhere in here: https://github.com/elastic/beats/tree/master/docs/devguide
One thing that becomes more and more important from my perspective is that we have consistency across repositories. There are quite a few engineers that work on beats, kibana, integrations and other repositories. Having to use different tools for each repository is a hurdle. The same is the case for the labels, they have to be consistent. Kibana uses the backport tool today and it seems to work well. So I would like to understand why we can't do the same here as Kibana. |
In order to help with the rationale about this PR, let me highlight what happened for having two different PRs for a similar problem:
In a nutshell:
Regarding the GitHub labels:
|
This sounds great. As long as the dev does not need to have specific knowledge if it is in Kibana or Beats, this sounds great. And I think short term it is more important to having A tool than none. I'm pretty sure the devil / differences are somewhere in the details but we will find out. Lets keep moving on this in case @sqren agrees. My main ask is to make sure labels are aligned so the statement above holds true. Long term I think we should align tooling. |
Going the mergify route is good with me. I agree with @ruflin that the user experience should be the same if you contribute to kibana or beats. I'm curious to hear what happens when the mergify backport fails. How does it delegate the resolution to the end user? Running |
The backport action in It won't add any notifications to the original PR. But create a PR with the label. See below to illustrate a real example: elastic/apm-pipeline-library#978 is one example for instance
Further details in https://docs.mergify.io/commands.html |
The user only need to run the backport tool locally if a conflict occurs. Similar to how the mergify approach requires the user to checkout the branch locally and resolve the conflicts. imo the mergify approach is a little more tedious, especially if there are multiple branches with conflicts (like the example above) but we'll see. |
we can add a comment with the instructions to backport the PR with backport locally in case of failure https://docs.mergify.io/examples.html#request-for-action |
That sounds like a good idea 👍 |
.mergify.yml
Outdated
actions: | ||
comment: | ||
message: | | ||
This pull request is now in conflicts. Could you fix it @{{author}}? 🙏 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
author
won't be resolved correctly -> Mergifyio/mergify#1096
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just want to mention here that while Mergify is free for public repos (and very good IMHO!), its per-organization pricing may be a barrier if we ever want to roll it out to private repos. If tooling consistency across repos/teams is a concern, we should take this into account. |
Master and 7.x are mostly in sync. We seldomly have conflicts on the code and often it is a sign of a missing backport. I don't consider this a big problem. Smaller conflicts (e.g. on the changelog) can be fixed via the github UI. With mergify doing the backport, will the PR be assigned to the original author? |
No, Backport are not assigned to the original contributor. See my comment in #24608 (comment) Off the top of my head, an easy Meanwhile, I'll look it at if we can contribute to the mergify source code to provide that feature |
Oh, I thaught this is about the author only. As backports still might need manual intervention (changelog), I was just wondering if we can as a fallback just add the original author as 'reviewer' or 'assignee'. What is the title of the backport PR? The changelog scripts extract the original PR of a backport based on the PR title. |
The tile is the original backport's title in addition to A real example, elastic/e2e-testing#935 was the original PR and created: |
Thanks. This format will not match our regex, but it should just be a one liner here. |
.mergify.yml
Outdated
- name: backport patches to 7.12 branch | ||
conditions: | ||
- base=master | ||
- label=v7.12.0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How exactly will the labels work?
a. If we are about to release 7.12.0, I might want to use the label v7.12.1
, in order to postpone the backport for after the release is out. Will we update the version filter here after a release? If so, will my PR automatically backported when we update the label filter here?
b. Will my PR be backported if I add v7.12.0
even after lets say 7.12.1 was released? (Although it might be a bit confusing to users looking at the PR labels to figure out if a bug fix is available)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll answer your questions in a minute, for clarity, the initial proposal was to use the existing labels vmajor.minor.0
(see #24576 (comment))
a. If we are about to release 7.12.0, I might want to use the label v7.12.1, in order to postpone the backport for after the release is out. Will we update the version filter here after a release? If so, will my PR automatically backported when we update the label filter here?
Yes, mergify
works for even PRs which were not backported after the merge, as long as the label is added. In addition you can use the github comment
= @Mergifyio backport <destination> will backport this PR on <destination> branch
To illustrate the above, I just tagged elastic/apm-pipeline-library#1053 with the explicit label and elastic/apm-pipeline-library#1056 was created. NOTE: for some reason the timestamp for the label does not match with when I did it, (about 7 minutes ago instead of 2 days...)
b. Will my PR be backported if I add v7.12.0 even after lets say 7.12.1 was released? (Although it might be a bit confusing to users looking at the PR labels to figure out if a bug fix is available)
Yes, backports with mergify don't know about releases but branches and labels.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
a. If we are about to release 7.12.0, I might want to use the label v7.12.1, in order to postpone the backport for after the release is out. Will we update the version filter here after a release? If so, will my PR automatically backported when we update the label filter here?
if the mergify config is updated with that branch before you merge the PR, the PR would backported.
b. Will my PR be backported if I add v7.12.0 even after lets say 7.12.1 was released? (Although it might be a bit confusing to users looking at the PR labels to figure out if a bug fix is available)
the backport is made on a new PR when you merge the fixed PR, if the labels and mergify configuration are in place when you merge, a new PR is made to every branch that you requested backport with the labels.
There is an alternative way to make the backports manually using a GitHub comment (see https://docs.mergify.io/commands.html#backport)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe to clarify case a:
- mergify only backports if label
v7.12.0
is set - I create a PR and merge it
- I add the label
v7.12.1
to my PR (because of FF I don't want the change be backported yet) - Version 7.12.0 gets released
- After 7.12.0 is released we update the mergify configuration to backport if
v7.12.0
orv7.12.1
is set.
After step 5, will my old PR be picked up automatically or am I required to remember that I did have a 2 weeks old PR that I must now 'manually' backport by adding a comment to the PR (or remove + add label again).
Case b is a little unfortunate as labels do not necesarrily reflect reality, but well, it's the way it is.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
After 7.12.0 is released we update the mergify configuration to backport if v7.12.0 or v7.12.1 is set.
this happens after you merge the PR, mergify does not review old merged PRs, so the backport is not made. In this case, you have to manually backport the PR, either from the PR with a GiHub Comment or as you make now from your laptop.
However, if we detect changes on the mergify configfile can trigger something that reviews all PRs with the new label and make backport mergify comments on those PRs, but this is something not out of the box. We have to see if this use case exists and how many times it happens, then we can evaluate the effort and the value of this process.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
AFAIK if you fix something in branch 7.12 that has the version 7.12.0 this will be in the 7.12 branch (the same major.minor) that will contain the version 7.12.1 (different patch), so in the case you put as an example there is no backport.
I can see a case similar of what you explain between minor versions, but in those case you use the branch 7.x
and then you backport to 7.12
, 7.11
, ... in those cases the branch already exists so the backport is made.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
To help to unblock this 🧵
Since there is no backport automation in place for this project I see the benefits of enabling it for facilitating the backporting process, but I don't know if it could cause any issues. Although, mergify
requires certain discipline regarding what labels should be added.
Do you think if we enable mergify
it will help with the backporting? Or is it required to solve all of the above-mentioned use cases?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think either behavior is a blocker and adding mergify is an improvement either way. As we have to document the backport process in our how to guides. I'm trying to figure out how it works and where we have potential gotchas that we should document as well. I did just bring up the two cases as we've seen them from time to time in the past: label does not match actual release + us holding of with backport in order to target the next patch release... cough... kafka ... cough.
I contributed with a new feat -> Mergifyio/mergify#2336 (wait for their feedback) |
Nice. Let's push this PR here anyways. We can still enhance the experience once the mergify feature is merged. |
* upstream/master: (91 commits) [Filebeat] Change okta.target to nested field (elastic#24636) Add RFC5424 format support for syslog input (elastic#23954) Fix links to Beats product pages (elastic#24821) [DOCS] Fix 'make setup' instructions for a new beat (elastic#24944) Remove duplicate decode_xml entry (elastic#24941) [libbeat] Add wineventlog schema to decode_xml processor (elastic#24726) [Elastic Agent] Add check for URL set when cert and cert key. (elastic#24904) feat: stage execution cache (elastic#24780) Fix error in Journalbeat commands (elastic#24880) Add baseline ECS 1.9.0 upgrade (elastic#24909) [Elastic Agent] Cloud container legacy apm files. (elastic#24896) [Elastic Agent]: Reduce allowed socket path length (elastic#24914) Add ability to destroy indices with wildcards in testing (elastic#24915) Add status subcommand to report status of running daemon. (elastic#24856) Fix types of fields GetHits and Ops in Metricbeat module for Couchbase (elastic#23287) Add support for Filestream input in elastic agent. (elastic#24820) Implement k8s secrets provider for Agent (elastic#24789) Sort processor list in docs (elastic#24874) Add support for SCRAM authentication in kafka metricbeat module (elastic#24810) Properly update offset in case of unparasable line (elastic#22685) ...
Mergify commit status checks won't be waiting for but the backport will happen after the PR has been merged as expected but the checks won't be enabled
If we agree in our monthly meeting today, then I'll proceed with merging this PR. |
@@ -29,7 +32,7 @@ pull_request_rules: | |||
actions: | |||
comment: | |||
message: | | |||
This pull request is now in conflicts. Could you fix it @{{author}}? 🙏 | |||
This pull request is now in conflicts. Could you fix it? 🙏 | |||
To fixup this pull request, you can check out it locally. See documentation: https://help.github.com/articles/checking-out-pull-requests-locally/ | |||
``` | |||
git fetch upstream |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Wouldn't it be easier to ask the user to use a tool for this? Either running mergify locally or backport.
In Kibana we help the user like this:
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
good point. I don't know what's the tool the team have in place for that, in order to be be tool-agnostic the message provides the git commands to solve it locally.
I'll keep a note to iterate on this and make the user experience smooth. Thanks for the feedback :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Most people use the dev-tools/cherry-pick-pr
tool in the Beats repo it seems. But a few contributors use the nodejs backport tool. Both are supported. For the changelog we have a 'requirement' on the PR title to properly link to the original PR, so we can find unique PRs and double check if these features are really released (github tags can be missleading). Both tools are supported by our changelog scripts. Using custom git commands might be a problem if the title is not properly formatted (unless we add another lint check on the PR title for backports).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We can then iterate with the existing tools, the current comment intends to help with fixing the just created backport PR that has got some conflicts, so we might need to think about that particular use case. I'll keep a note for the upcoming iterations
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As agreed we will roll out this automation in two phases:
- experimental one by using the
backport-vMajor.Minor.0
labels. Therefore, users should use those new tags. - production, so remove the
backport-vMajor.Minor.0
labels and use the usual ones.
I'll proceed with an email in the mailing list to explain how this will work.
…eline * upstream/master: CI: curl seems to be available but where cannot find it (elastic#24965) [mergify] backport automation to 7.x, 7.12 and 7.11 (elastic#24608) Only show deprecation warnings for CN-based verification once (elastic#24948) CI: use ubuntu-20 (elastic#24963) Debug empty root field instead of error (elastic#24966) Kubernetes_secrets provider improvements (elastic#24912)
What does this PR do?
Enable backports with mergify.
Why is it important?
Mergify
provides different mechanism to interact with PRs and automate certain process.Use cases
We enabled it for the https://github.com/elastic/apm-pipeline-library/ project for three different automations:
Some examples
Backports to 7.x -> elastic/apm-pipeline-library#995
Merges to master -> elastic/apm-pipeline-library#994
Pros
infosec
team approved.Cons
.backportrc.json
is automatically modified when new branches are created -> https://github.com/elastic/beats/pull/24098 . Therefore
.mergify.yml` could be also modified accordingly.Issues
backport
workflow #24576Actions
mergify
app in this project.