Merged
60 changes: 60 additions & 0 deletions .github/workflows/bump-pr.yaml
@@ -0,0 +1,60 @@
name: Create & Merge Bump PR

on:
push:
branches:
- 'bump/*'

permissions:
contents: write
pull-requests: write

jobs:
create-pr:
runs-on: ubuntu-latest
steps:
- name: Create PR
id: cpr
uses: actions/github-script@v7
with:
script: |
const branch = context.ref.replace('refs/heads/', '');

const pr = await github.rest.pulls.create({
owner: context.repo.owner,
repo: context.repo.repo,
title: 'chore: bump version & sync exports',
head: branch,
base: 'main'
});

core.setOutput('pr_number', pr.data.number);
Comment on lines +16 to +31

⚠️ Potential issue | 🟠 Major

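The workflow needs to be prevented from proceeding to the next step when PR creation fails.

After pr_number is output at line 31, the auto-merge step at line 33 runs unconditionally. Even if PR creation fails, the workflow keeps going and attempts a merge request with a non-existent PR number.

Suggestion: add an if: success() condition to the auto-merge step, or add explicit error handling to the script.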

      - name: Auto-merge PR
        if: success()
        uses: actions/github-script@v7
        with:
          script: |
            await github.rest.pulls.merge({
              owner: context.repo.owner,
              repo: context.repo.repo,
              pull_number: ${{ steps.cpr.outputs.pr_number }}
            });
🤖 Prompt for AI Agents
.github/workflows/bump-pr.yaml lines 16-31: the workflow sets and outputs
pr_number even if the PR creation fails, allowing a subsequent auto-merge step
to run against a non-existent PR; fix by making PR creation fail-fast or gating
the auto-merge step: either catch errors from github.rest.pulls.create and
rethrow (or call core.setFailed) so the workflow stops and do not set the output
on failure, or keep the script as-is but add if: success() to the Auto-merge PR
step so it only runs when prior steps succeeded.


- name: Auto-merge PR
uses: actions/github-script@v7
with:
script: |
await github.rest.pulls.merge({
owner: context.repo.owner,
repo: context.repo.repo,
pull_number: ${{ steps.cpr.outputs.pr_number }}
});
Comment on lines +33 to +41

⚠️ Potential issue | 🟠 Major

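npm publish needs to be prevented from running when the PR merge fails.

Even if the auto-merge step at lines 33-41 fails (e.g., a conflict occurs), npm publish at line 57 still runs. This means an old version of the npm package could be published.

Suggestion:

  1. Add if: success() to the auto-merge step and the checkout step
  2. Or return the merge result as an output and check it before npm publish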
      - name: Checkout merged main
        if: success()
        uses: actions/checkout@v4
        with:
          ref: main

      - name: Publish to npm
        if: success()
        run: npm publish
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
🤖 Prompt for AI Agents
.github/workflows/bump-pr.yaml lines 33-41: the auto-merge step can fail (e.g.,
conflict) but subsequent steps still run causing npm publish of an unmerged/main
version; ensure downstream steps only run when merge succeeded by adding a
success gate or explicit merge result check. Update the workflow so the
auto-merge step and the following checkout step include a conditional like if:
success(), and gate the Publish to npm step with if: success() (or alternatively
have the merge step set an output indicating success and make the publish step
depend on that output) so npm publish only runs when the merge completed
successfully.


- name: Checkout merged main
uses: actions/checkout@v4
with:
ref: main

- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: '20'
registry-url: 'https://registry.npmjs.org'

- name: Install dependencies
run: npm ci

- name: Publish to npm
run: npm publish
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
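Review bot: The `push` trigger on `bump/*` at the top of this file, combined with the `pulls.merge` and `npm publish` steps in the same job, means any push to a branch matching `bump/*` is merged into `main` and published with `NPM_TOKEN` without review, and nothing in the job checks that the branch was produced by the bump workflow. Consider verifying the pusher or the branch contents before merging, and moving `npm publish` into a separate job behind a protected environment so that the job holding `contents: write` is not also the one holding the npm token.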
Comment on lines +1 to +60

🧹 Nitpick | 🔵 Trivial

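Review the possibility of timing issues and race conditions between the two workflows.

When bump-version.yaml pushes a bump/* branch, this workflow (bump-pr.yaml) is triggered automatically. However:

  1. There is a delay between the push and the workflow trigger
  2. If bump-version.yaml runs repeatedly under the same condition (a merge into the main branch), multiple bump branches can be created
  3. If multiple bump branches create PRs at the same time, ordering is not guaranteed

Suggestion: consider adding a concurrency setting to control concurrent runs when a new bump branch is pushed while bump-pr.yaml is running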

concurrency:
  group: bump-and-publish
  cancel-in-progress: false
🤖 Prompt for AI Agents
.github/workflows/bump-pr.yaml lines 1-60: this workflow can run concurrently
when multiple bump/* branches are pushed causing race conditions; add a
top-level concurrency stanza to serialize or control overlapping runs (place it
directly under the workflow name) — set a stable group name (for example a
constant group like bump-and-publish or scoped with the ref/branch using GitHub
context) and set cancel-in-progress to the desired behavior (use
cancel-in-progress: false as suggested to avoid canceling running jobs) so only
one bump-pr workflow run proceeds at a time and new runs are queued or blocked.

@@ -1,4 +1,4 @@
name: Auto Bump Version on Merge to main
name: Bump Version on Merge to main

on:
pull_request:
Expand All @@ -7,14 +7,12 @@ on:

permissions:
contents: write
pull-requests: write

jobs:
bump-version:
if: >
github.event.pull_request.merged == true &&
github.event.pull_request.base.ref == 'main' &&
github.actor != 'github-actions[bot]'
github.event.pull_request.base.ref == 'main'
runs-on: ubuntu-latest
steps:
- name: Checkout main
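Review bot: Dropping `github.actor != 'github-actions[bot]'` from the job's `if:` removes the only visible guard against this job running on the merge of the bot's own bump PR, which bump-pr.yaml now merges into `main` automatically. Keep the actor check, or exclude bump branches explicitly with something like `!startsWith(github.event.pull_request.head.ref, 'bump/')`, so a merged bump PR cannot start another bump and publish cycle.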
Expand All @@ -27,7 +25,6 @@ jobs:
uses: actions/setup-node@v4
with:
node-version: '20'
registry-url: 'https://registry.npmjs.org'

- name: Detect if package.json version changed in PR
id: ver_changed
Expand Down Expand Up @@ -102,7 +99,7 @@ jobs:
- name: Install dependencies
run: npm ci

- name: Sync exports to src/shared/index.ts
- name: Sync exports (inline)
run: |
node -e "
const fs = require('fs');
Expand Down Expand Up @@ -154,55 +151,23 @@ jobs:
- name: Build package
run: npm run build

- name: Create branch and commit
- name: Create bump branch and push
run: |
TIMESTAMP=$(date -u +'%Y%m%d-%H%M%S%N' | cut -c1-14)
BRANCH="bump/$TIMESTAMP"

git checkout -b "$BRANCH"

if git diff --quiet; then
echo "No changes to commit."
echo "NO_CHANGES=true" >> $GITHUB_ENV
exit 0
fi

git config user.name "github-actions[bot]"
git config user.email "github-actions[bot]@users.noreply.github.com"

git add .
git commit -m "chore: bump version and sync shared exports"
git commit -m "chore: bump version and sync exports"
git push origin "$BRANCH"

echo "BRANCH_NAME=$BRANCH" >> $GITHUB_ENV

- name: Create PR
id: cpr
uses: actions/github-script@v7
with:
script: |
const branch = process.env.BRANCH_NAME;

const pr = await github.rest.pulls.create({
owner: context.repo.owner,
repo: context.repo.repo,
title: 'chore: bump version & sync exports',
head: branch,
base: 'main'
});

core.setOutput('pr_number', pr.data.number);

- name: Auto-merge PR
uses: actions/github-script@v7
with:
script: |
await github.rest.pulls.merge({
owner: context.repo.owner,
repo: context.repo.repo,
pull_number: ${{ steps.cpr.outputs.pr_number }}
});

- name: Publish to npm
run: npm publish
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
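Review bot: With the Create PR, Auto-merge and Publish steps removed, `git push origin "$BRANCH"` is the only hand-off to bump-pr.yaml, and GitHub does not start workflow runs for pushes authenticated with the default `GITHUB_TOKEN`. The checkout step's credentials are not visible in this hunk, so confirm which token the push uses, or invoke the second workflow explicitly (for example via `workflow_call`). Separately, `git add .` after `npm ci` and `npm run build` stages everything in the working tree, and that commit is now merged and published without review, so stage only the files the bump is expected to change.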