Continuous integration (CI) tools for Julia package registries, including registry consistency testing, automatic merging (automerge) of pull requests, and automatic TagBot triggers
As discussed on Slack, this is a step towards running AutoMerge on non-Registrator PRs. We also need to tweak the if on General to run AutoMerge on forks.
Note that we don't provision the merging token unless the PR is not from a fork, so we do have some additional security from that.
The guideline shoudl help give a clear error to explain why merging is not happening.
I put the guideline near the end so we still run all the other checks (it is after the last :update_status).
This PR does not address the fact that these PRs could be bad in ways we aren't testing for, bc we are counting on RegistryTools-based PRs. Quoting @GunnarFarneback on Slack:
The well-formedness of the PR tests could probably be sharpened. If there is no guarantee that the changes are created by RegistryTools, it should be verified that the given tree hash has the right name, uuid, version in the project file.
As discussed on Slack, this is a step towards running AutoMerge on non-Registrator PRs. We also need to tweak the
ifon General to run AutoMerge on forks.Note that we don't provision the merging token unless the PR is not from a fork, so we do have some additional security from that.
The guideline shoudl help give a clear error to explain why merging is not happening.
I put the guideline near the end so we still run all the other checks (it is after the last
:update_status).This PR does not address the fact that these PRs could be bad in ways we aren't testing for, bc we are counting on RegistryTools-based PRs. Quoting @GunnarFarneback on Slack: