Skip to content

ci: enable GitHub merge queue#5036

Merged
Yicong-Huang merged 5 commits into
apache:mainfrom
Yicong-Huang:ci/enable-merge-queue
May 12, 2026
Merged

ci: enable GitHub merge queue#5036
Yicong-Huang merged 5 commits into
apache:mainfrom
Yicong-Huang:ci/enable-merge-queue

Conversation

@Yicong-Huang
Copy link
Copy Markdown
Contributor

@Yicong-Huang Yicong-Huang commented May 12, 2026
edited
Loading

What changes were proposed in this PR?

This PR enables GitHub merge queue for the default branch so ready PRs no longer need to repeatedly update against main after other PRs land.

Configuration changes:

  • Add the required meta.environment: github_rulesets section for ASF-managed GitHub rulesets.
  • Replace the previous protected_branches.main configuration with a default-branch ruleset.
  • Keep the existing review gate: 1 approval, resolved review conversations, no code-owner requirement, and no last-push approval requirement.
  • Keep the existing required checks: Required Checks, Check License Headers, and Validate PR title.
  • Preserve GitHub auto-merge support.
  • Disable the old strict branch-up-to-date policy so merge queue validates the final merge result instead of requiring every PR branch to be updated manually.
  • Set the merge queue check timeout to 30 minutes because required checks are expected to finish in under 20 minutes, leaving buffer for runner startup or occasional slow runs.

Workflow changes:

  • Add the merge_group event to required workflows so required checks run on merge queue refs.
  • Keep PR title validation on pull_request_target; make the merge_group path a no-op because the PR title is validated before a PR enters the queue.

Expected behavior:

  • Merge queue creates a temporary ref for main + queued PR(s) and runs required checks there.
  • CI may run once before a PR enters the queue and once after it enters the queue.
  • The second run protects main from integration failures in the queued merge result.
  • If a merge-group run fails or times out, GitHub does not merge that group and the affected PR needs to be fixed/requeued.

Temporary auto-queue removal:

  • Remove .github/workflows/auto-queue.yml because GitHub native merge queue replaces that scripted auto-queue behavior.
  • Do not add any emergency label behavior in this PR. Emergency priority should be handled manually through GitHub queue controls or admin bypass if truly necessary.

Any related issues, documentation, discussions?

Closes #4553, also discussed in https://issues.apache.org/jira/browse/INFRA-27864

How was this PR tested?

Ran local configuration checks:

ruby -e 'require "yaml"; [".asf.yaml", ".github/workflows/required-checks.yml", ".github/workflows/check-header.yml", ".github/workflows/lint-pr.yml"].each { |f| YAML.load_file(f); puts "ok #{f}" }'
ruby -e 'require "yaml"; cfg=YAML.load_file(".asf.yaml"); abort "missing meta" unless cfg["meta"] && cfg["meta"]["environment"] == "github_rulesets"; mq=cfg["github"]["rulesets"].find { |r| r["name"] == "Merge Queue" }; abort "missing merge queue" unless mq; abort "main branch protection still present" if cfg.dig("github", "protected_branches", "main"); checks=mq["rules"].find { |r| r["type"] == "required_status_checks" }["parameters"]["required_status_checks"].map { |c| c["context"] }; abort checks.inspect unless checks == ["Required Checks", "Check License Headers", "Validate PR title"]; puts "asf ruleset sanity ok"'
git diff --check

No automated runtime tests were added because this PR only changes repository/GitHub Actions configuration.

Was this PR authored or co-authored using generative AI tooling?

Generated-by: OpenAI Codex (GPT-5)

@github-actions github-actions Bot added the ci changes related to CI label May 12, 2026
@github-actions
Merge remote-tracking branch 'origin/main' into ci/enable-merge-queue
842e718 
# Conflicts:
#	.asf.yaml
#	.github/workflows/github-action-build.yml
#	.github/workflows/lint-pr.yml
@codecov-commenter
Copy link
Copy Markdown

codecov-commenter commented May 12, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 42.78%. Comparing base (078ab64) to head (267c2d1).

Additional details and impacted files 
@@            Coverage Diff            @@
##               main    #5036   +/-   ##
=========================================
  Coverage     42.77%   42.78%           
+ Complexity     2195     2194    -1     
=========================================
  Files          1045     1045           
  Lines         39985    39985           
  Branches       4217     4217           
=========================================
+ Hits          17105    17107    +2     
+ Misses        21820    21819    -1     
+ Partials       1060     1059    -1
Flag Coverage Δ
access-control-service 39.53% <ø> (ø)
agent-service 33.72% <ø> (ø)
amber 43.50% <ø> (+0.01%) ⬆️
computing-unit-managing-service 0.00% <ø> (ø)
config-service 0.00% <ø> (ø)
file-service 32.18% <ø> (ø)
frontend 34.04% <ø> (ø)
python 88.90% <ø> (ø)
workflow-compiling-service 47.72% <ø> (ø)

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@Yicong-Huang Yicong-Huang marked this pull request as draft May 12, 2026 19:11
@Yicong-Huang Yicong-Huang marked this pull request as ready for review May 12, 2026 20:15
@Yicong-Huang Yicong-Huang enabled auto-merge (squash) May 12, 2026 20:15
@Yicong-Huang Yicong-Huang requested a review from aglinxinyuan May 12, 2026 20:15
@Yicong-Huang Yicong-Huang merged commit b492a62 into apache:main May 12, 2026
25 checks passed
@Yicong-Huang Yicong-Huang deleted the ci/enable-merge-queue branch May 12, 2026 20:59
@aglinxinyuan aglinxinyuan mentioned this pull request May 13, 2026
Merged
Yicong-Huang pushed a commit that referenced this pull request May 13, 2026
@aglinxinyuan
ci: drop bypass_actors from .asf.yaml ruleset (#5047)
777db47 
### What changes were proposed in this PR?
Remove the `bypass_actors:` block from the `Merge Queue` ruleset added
in #5036. ASF Infra flagged that block specifically with `Invalid
property /bypass_actors/0/actor_id: "4" is not of type integer`, and
removing it is the minimal change that addresses that error.


### Background
Since #5036 merged, every push to `main` triggers this email from ASF
Infra:

```
Validation failed while creating ruleset 'Merge Queue': Invalid request.

Invalid property /bypass_actors/0/actor_id: `"4"` is not of type `integer`.
Invalid property /rules/2: data matches no possible input.
Invalid property /rules/3: data matches no possible input.
Invalid property /rules/5: data matches no possible input.
```

This PR addresses the first line (`bypass_actors/0/actor_id`). ASF
Infra's follow-up reply did not include a `bypass_actors` block in the
recommended example, so removing it aligns with their suggestion.

### How was this PR tested?
Verified `.asf.yaml` still parses through `strictyaml` and that the only
change is the four removed `bypass_actors` lines:

```bash
git diff -- .asf.yaml
ruby -e 'require "yaml"; YAML.load_file(".asf.yaml"); puts "ok"'
```

No automated runtime tests added — this PR only changes repository
configuration.

### Any related issues, documentation, discussions?
Follow-up to #5036.

### Was this PR authored or co-authored using generative AI tooling?
Generated-by: Claude Code (Opus 4.7)
@Yicong-Huang Yicong-Huang mentioned this pull request May 13, 2026
Merged
aglinxinyuan pushed a commit that referenced this pull request May 13, 2026
@Yicong-Huang @github-actions
ci: fix merge queue ruleset payload (#5050)
a671e69 
### What changes were proposed in this PR?
This PR is a follow-up to #5036 to keep enabling GitHub merge queue
while making the ruleset payload accepted by the GitHub repository
rulesets API after ASF Infra reported validation errors for the rules
array.

Merge queue support:
- Keep the `merge_queue` rule in `.asf.yaml`; this PR does not remove or
disable merge queue.
- Keep the ruleset display/reconciliation name as `Merge Queue`.
- Keep the same merge queue behavior: squash merge, up to 5 entries,
`ALLGREEN`, and a 30-minute check response timeout.

Payload compatibility changes:
- Remove `source_type` and `source` from the raw ruleset payload because
they are response fields and are not needed in the create request body.
- Add `allowed_merge_methods: [squash]` to the `pull_request` rule so
the pull request rule explicitly matches the repository merge policy.
- Remove `do_not_enforce_on_create` from the `required_status_checks`
rule to keep the payload aligned with the asfyaml raw ruleset example.
- Remove `integration_id: -1` from required status checks because direct
GitHub API validation rejected `-1` as an invalid integration id, while
omitting the field is accepted.

Validation notes:
- Direct API validation on a personal fork rejected `merge_queue`, which
appears to be because merge queue is only available for
organization-owned repositories.
- Retested on the organization-owned public repository `Texera/Udon`
using the `Yicong-Huang` admin account.
- A minimal disabled `merge_queue` ruleset was created successfully on
`Texera/Udon` and deleted immediately afterward.
- The full #5050 payload, including the ruleset name `Merge Queue`, was
also created successfully as a disabled ruleset on `Texera/Udon` and
deleted immediately afterward.
- This confirms the updated payload shape supports `merge_queue` in an
org-owned repository context.

### Any related issues, documentation, discussions?
Related to #4553 and follow-up to #5036.

### How was this PR tested?
Ran local configuration checks:

```bash
ruby -e 'require "yaml"; cfg=YAML.load_file(".asf.yaml"); rs=cfg.dig("github", "rulesets").find { |r| r["name"] == "Merge Queue" }; abort "missing ruleset" unless rs; abort "unexpected source fields" if rs.key?("source_type") || rs.key?("source"); pr=rs["rules"].find { |r| r["type"] == "pull_request" }; abort "missing allowed_merge_methods" unless pr.dig("parameters", "allowed_merge_methods") == ["squash"]; status=rs["rules"].find { |r| r["type"] == "required_status_checks" }; abort "unexpected do_not_enforce_on_create" if status["parameters"].key?("do_not_enforce_on_create"); abort "unexpected integration_id" if status["parameters"]["required_status_checks"].any? { |c| c.key?("integration_id") }; puts "ruleset sanity ok"'
git diff --check
```

Also validated against the GitHub repository rulesets API on
`Texera/Udon`:
- Created and deleted a temporary disabled minimal `merge_queue`
ruleset.
- Created and deleted a temporary disabled ruleset using the full #5050
payload with the name `Merge Queue`.

No automated runtime tests were added because this PR only changes
repository configuration.

### Was this PR authored or co-authored using generative AI tooling?
Generated-by: OpenAI Codex (GPT-5)

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aglinxinyuan aglinxinyuan aglinxinyuan approved these changes

Assignees

@Yicong-Huang Yicong-Huang

Labels

ci changes related to CI

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Investigate enabling GitHub merge queue for faster PR merging

3 participants

@Yicong-Huang @codecov-commenter @aglinxinyuan