CI: Auto cherry-pick to Gutenberg release branches#78879
Conversation
Mirror the existing WP Auto Cherry-Pick workflow for Gutenberg's own release branches. On merge of a PR labeled `Backport to Gutenberg RC`, cherry-pick the merge commit onto the highest `release/X.Y` branch, push, remove the label, and comment the target branch + cherry-pick SHA. The Gutenberg backport label is versionless (the two-week cadence makes a per-release label impractical), so the target branch is resolved by semver-sorting `release/*` and picking the highest. Conflicts post a manual-resolution comment, matching the WP workflow. This removes the need for manual cherry-pick PRs like #78848 for the label-driven picks. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
|
The following accounts have interacted with this PR and/or linked issues. I will continue to update these lists as activity occurs. You can also manually ask me to refresh this list by adding the If you're merging code through a pull request on GitHub, copy and paste the following into the bottom of the merge commit message. To understand the WordPress project's expectations around crediting contributors, please review the Contributor Attribution page in the Core Handbook. |
cbravobernal
added
[Type] Build Tooling
cbravobernal
added
[Package] Project management automation
| # Using pull_request_target instead of pull_request so that the workflow | ||
| # has access to repository secrets for fork PRs. | ||
| # https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows#pull_request_target | ||
| pull_request_target: |
There was a problem hiding this comment.
After recent events in the security world, are we still using pull_request_target?
There was a problem hiding this comment.
We are still using it. And the script is meant to run only in already reviewed and merged PRs. But happy to have a second opinion. @pkevan may help us?
|
Would it be better to also support "Backport to Gutenberg Minor Release" as well? |
Gutenberg Minors are usually less common than cherry-picking to RCs before a point release, maybe we could do it in a different PR. |
3 participants
What?
Adds
.github/workflows/cherry-pick-gutenberg-release.yml— an Auto Cherry-Pick workflow for Gutenberg's own release branches, mirroring the existing WP Auto Cherry-Pick workflow (cherry-pick-wp-release.yml).On merge of a PR to
trunklabeledBackport to Gutenberg RC, it:release/X.Y(semver sort).Backport to Gutenberg RClabel.Why?
Today these picks are done by hand — e.g. #78848 opened a manual cherry-pick PR onto
release/23.3. This automates the label-driven picks, the same way WP backports are already automated.Design notes
Backport to WP X.Y Beta/RC) impractical, so the label carries no version. The target branch is resolved by picking the highestrelease/X.Yinstead. The chosen target is commented on the PR so a wrong target (e.g. a label applied after stable shipped but before the next branch is cut) is easy to spot.pull_request_targettrigger, same pinned action SHAs, sameGUTENBERG_TOKENsecret (which bypassesrelease/*push protection — the restriction Backport to 23.3: 10 cherry-picks for stable #78848 worked around).Not covered (still manual)
Testing
Workflow logic mirrors the proven
cherry-pick-wp-release.yml1:1, differing only in label match, target-branch resolution, and label cleanup. Needs a maintainer to validate on a real merge once landed.🤖 Generated with Claude Code