change(merge): Require 2 reviews for PRs with an extra-reviews label (#7158)

Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2023-07-11 09:34:15 +10:00 · 2023-07-11 09:34:15 +10:00 · d3cc91e594
parent da07b11f1b
commit d3cc91e594
2 changed files with 77 additions and 39 deletions
--- a/.github/mergify.yml
+++ b/.github/mergify.yml
@ -29,34 +29,67 @@ queue_rules:
    conditions:
      - base=main

+# These rules are checked in order, the first one to be satisfied applies
 pull_request_rules:
-  - name: move to urgent queue when CI passes with 1 review and not WIP targeting main
+  - name: move to urgent queue when CI passes with multiple reviews
    conditions:
-      # This queue handles a PR if:
-      # - it targets main
-      # - is not in draft
-      # - does not include the do-not-merge label
-      # - is labeled with Critical priority
-      - base=main
-      - -draft
-      - label!=do-not-merge
+      # This queue handles a PR if it:
+      # has multiple approving reviewers
+      - "#approved-reviews-by>=2"
+      # is labeled with Critical priority
      - 'label~=^P-Critical'
+      # and satisfies the standard merge conditions:
+      # targets main
+      - base=main
+      # is not in draft
+      - -draft
+      # does not include the do-not-merge label
+      - label!=do-not-merge
    actions:
      queue:
        name: urgent
        method: squash

-  - name: move to batched queue when CI passes with 1 review and not WIP targeting main
+  - name: move to urgent queue when CI passes with 1 review
    conditions:
-      # This queue handles a PR if:
-      # - it targets main
-      # - is not in draft
-      # - does not include the do-not-merge label
-      # - is labeled with any other priority except Critical, or does not have a priority label,
-      #   including automated dependabot PRs.
-      #
-      # We don't need to check priority labels here, because the rules are evaluated in order:
-      # https://docs.mergify.com/configuration/#pull-request-rules      
+      # This queue handles a PR if it:
+      # has at least one approving reviewer (branch protection rule)
+      # does not need extra reviews
+      - 'label!=extra-reviews'
+      # is labeled with Critical priority
+      - 'label~=^P-Critical'
+      # and satisfies the standard merge conditions:
+      - base=main
+      - -draft
+      - label!=do-not-merge
+    actions:
+      queue:
+        name: urgent
+        method: squash
+
+  - name: move to batched queue when CI passes with multiple reviews
+    conditions:
+      # This queue handles a PR if it:
+      # has multiple approving reviewers
+      - "#approved-reviews-by>=2"
+      # is labeled with any other priority (rules are checked in order)
+      # and satisfies the standard merge conditions:
+      - base=main
+      - -draft
+      - label!=do-not-merge
+    actions:
+      queue:
+        name: batched
+        method: squash
+
+  - name: move to batched queue when CI passes with 1 review
+    conditions:
+      # This queue handles a PR if it:
+      # has at least one approving reviewer (branch protection rule)
+      # does not need extra reviews
+      - 'label!=extra-reviews'
+      # is labeled with any other priority (rules are checked in order)
+      # and satisfies the standard merge conditions:
      - base=main
      - -draft
      - label!=do-not-merge
--- a/.github/release-drafter.yml
+++ b/.github/release-drafter.yml
@ -11,34 +11,33 @@ autolabeler:
      - '/secur/i'
    title:
      - '/secur/i'
-  - label: 'C-removed'
-    branch:
-      - '/remov/i'
-    title:
-      - '/remov/i'
+      - '/crash/i'
+      - '/destr/i'
+      - '/unsafe/i'
  - label: 'C-deprecated'
    branch:
      - '/deprecat/i'
    title:
      - '/deprecat/i'
+  - label: 'extra-reviews'
+    branch:
+      - '/remov/i'
+      - '/deprecat/i'
+    title:
+      - '/remov/i'
+      - '/deprecat/i'
+      - '/crash/i'
+      - '/destr/i'
+      - '/unsafe/i'
  - label: 'C-feature'
    branch:
-      - '/add/i'
      - '/feat/i'
    title:
-      - '/add/i'
      - '/feat/i'
-  - label: 'C-enhancement'
-    branch:
-      - '/chang/i'
-    title:
-      - '/chang/i'
  - label: 'C-bug'
    branch:
-      - '/fix/i'
      - '/bug/i'
    title:
-      - '/fix/i'
      - '/bug/i'
  # Changes that are almost always trivial for users
  - label: 'C-trivial'
@ -46,16 +45,24 @@ autolabeler:
      - '/clean/i'
      - '/chore/i'
      - '/clippy/i'
+      - '/test/i'
    title:
      - '/clean/i'
      - '/chore/i'
      - '/clippy/i'
+      - '/test/i'
+      - '/(ci)/i'
+      - '/(cd)/i'
+      - '/job/i'
+      - '/patch/i'
+      - '/actions/i'
    files:
      # Regular changes that don't need to go in the CHANGELOG
      - 'CHANGELOG.md'
      - 'zebra-consensus/src/checkpoint/*-checkpoints.txt'
      # Developer-only changes
      - '.gitignore'
+      - '.dockerignore'
      # Test-only changes
      - 'zebra-test'
      - '.cargo/config.toml'
@ -80,8 +87,7 @@ categories:
    labels:
      - 'C-security'
      # Other labels that are usually security issues
-      - 'I-bad-code'
-      - 'I-bad-data'
+      - 'I-invalid-data'
      - 'I-consensus'
      - 'I-crash'
      - 'I-destructive'
@ -90,11 +96,10 @@ categories:
      - 'I-privacy'
      - 'I-remote-node-overload'
      - 'I-unbounded-growth'
-      - 'I-unsound'
+      - 'I-memory-safety'
  - title: 'Removed'
    labels:
      - 'C-removal'
-      - 'C-breaking'
  - title: 'Deprecated'
    labels:
      - 'C-deprecation'
@ -164,9 +169,9 @@ template: |
  ### Breaking Changes
  
  This release has the following breaking changes:
-  - *TODO*: Check the `Removed` section for any breaking changes
+  - *TODO*: Check the `Removed` and `Deprecated` sections for any breaking changes
  - *TODO*: Add a short description of the user impact of each breaking change, and any actions users need to take
-    
+  
  $CHANGES
  
  ### Contributors