Commit graph

229 commits

Author SHA1 Message Date
Julien Pivotto
10bd82a8ea
ci: don't delete repo-sync branch when force-updating open PR
push_branch unconditionally deleted the remote branch before pushing.
On the force-update path for an existing bot-only PR, deleting the
branch closes the PR on GitHub, so the PR was lost instead of updated.
Force-push in place on that path and keep the delete only for the
fresh-PR path.

Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>
2026-07-02 17:50:09 +02:00
Julien Pivotto
5626eed5b4
ci: force-update stale repo-sync PRs when content changes
When a repo_sync PR is already open, the sync script skipped the repo
entirely, so the PR went stale whenever the source files changed again.

Now, if the open PR carries only the single bot commit, the branch is
rebuilt from the target default branch (staying current with the base)
and force-pushed, but only when the synced files actually differ from
the PR branch. PRs that a maintainer has committed to (more than one
commit) are left untouched.

Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>
2026-07-02 15:13:41 +02:00
Julien
406a0e5fe0
ci: fix repo sync writing dependabot.yml to wrong path (#19077)
The scripts/dependabot.yml -> .github/dependabot.yml remapping was present
in the detection loop but missing from the copy loop, so downstream repos
received a stray scripts/dependabot.yml that Dependabot never reads while
.github/dependabot.yml was never created.

Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>
2026-07-02 14:44:10 +02:00
Julien Pivotto
f8a9929f31
ci: fix no_prometheus_repo_sync opt-out in repo sync
check_no_sync received the fetched file contents but grepped them as a
filename, so the marker was never detected and repos opting out via
no_prometheus_repo_sync were synced anyway. Feed the contents on stdin
with a here-string, matching check_license, and log the filename instead
of the whole file body.

Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>
2026-07-02 13:29:07 +02:00
György Krajcsovits
39f54360ee
Merge remote-tracking branch 'origin/release-3.13' into krajo/merge-release-3.13-to-main 2026-07-01 16:18:37 +02:00
renovate[bot]
2f43e049c5
chore(deps): update golangci/golangci-lint-action action to v9.3.0 (#19064)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2026-07-01 15:24:13 +02:00
Ben Kochie
3e6e5c8c84
Sync dependabot configs (#19051)
Add `.github/dependabot.yml` to the repo sync script.
* Sync is optional.
* Add feature to skip files that contain the string `no_prometheus_repo_sync`.
* Add generic dependabot config for Go and GitHub Actions ecosystems.

Signed-off-by: SuperQ <superq@gmail.com>
2026-07-01 14:50:26 +02:00
renovate[bot]
b27435d356
chore(deps): update actions/checkout action to v7 (#19056)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2026-07-01 14:27:44 +02:00
renovate[bot]
954cb0b5cc
chore(deps): update actions/setup-go action to v6.5.0 (#19054)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2026-07-01 14:04:40 +02:00
Julien Pivotto
5e280be974 ui: do not tag pre-release npm packages as latest
Derive the npm dist-tag from the Prometheus version (VERSION file) and
download.json so pre-releases and old patches never move the "latest"
tag: pre-releases publish under their channel (rc/beta/alpha/next), the
latest stable under "latest", the newest LTS under "lts", and older
stable or LTS patches under "oldstable". Fail the publish if
download.json cannot be fetched.

Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>
2026-06-23 10:28:21 +02:00
George Krajcsovits
2fe27be7ac
ui: fix check-package version read under pnpm (#18976)
checkPackage read each workspace package's version via `pnpm run env | grep
npm_package_version`, an npm-ism. pnpm has no built-in `env` script, so it
fails with ERR_PNPM_NO_SCRIPT and returns an empty string, making
`ui_release.sh --check-package` report a false version mismatch for every
package.

Read the version with `pnpm pkg get version` instead. Leftover from the
npm-to-pnpm migration (#18797).

Signed-off-by: György Krajcsovits <gyorgy.krajcsovits@grafana.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-22 10:22:15 +02:00
George Krajcsovits
12cb96a63c
fix: no need to pnpm update the react-app separately (#18975)
You get
[ERR_PNPM_VERSION_NOT_CHANGED] Version was not changed: 0.313.0-rc.0
error if you try.

Signed-off-by: György Krajcsovits <gyorgy.krajcsovits@grafana.com>
2026-06-19 12:00:27 +00:00
Julien
18fa2d8b8e
ui: link react-app to local codemirror-promql instead of an npm version (#18967)
Some checks are pending
CI / Go tests (push) Waiting to run
CI / More Go tests (push) Waiting to run
CI / Go tests for 32-bit x86 (push) Waiting to run
CI / Go tests for Prometheus upgrades and downgrades (push) Waiting to run
CI / Go tests with previous Go version (push) Waiting to run
CI / UI tests (push) Waiting to run
CI / Go tests on Windows (push) Waiting to run
CI / Mixins tests (push) Waiting to run
CI / Compliance testing (push) Waiting to run
CI / Build Prometheus for common architectures (push) Waiting to run
CI / Build Prometheus for all architectures (push) Waiting to run
CI / Report status of build Prometheus for all architectures (push) Blocked by required conditions
CI / Check generated parser (push) Waiting to run
CI / golangci-lint (push) Waiting to run
CI / fuzzing (push) Waiting to run
CI / codeql (push) Waiting to run
CI / Publish main branch artifacts (push) Blocked by required conditions
CI / Publish release artefacts (push) Blocked by required conditions
CI / Publish UI on npm Registry (push) Blocked by required conditions
react-app is not part of the pnpm workspace, so it pulled
@prometheus-io/codemirror-promql from the npm registry by exact version.
During a release, `make ui-bump-version` rewrote that pin to the new,
not-yet-published version, so the subsequent `pnpm install` failed with
ERR_PNPM_NO_MATCHING_VERSION.

Use pnpm's "link:" protocol to consume the locally built workspace package
instead. There is no version to publish or rewrite, react-app always builds
against the in-tree codemirror-promql, and its lockfile stays isolated (which
is why react-app was separated from the workspace in the first place).

build_ui.sh --all already builds the modules before react-app, so dist/ is
present at build time; `make ui-build` passes. Drop the dependency-rewriting
sed from ui_release.sh's bumpVersion accordingly.

Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>
2026-06-19 10:00:48 +02:00
Julien
5679ecbbc7
Merge pull request #18945 from roidelapluie/roidelapluie/reposync-maintainer-can-modify
ci: allow maintainers to edit repo_sync PRs
2026-06-17 12:15:35 +02:00
Julien Pivotto
13d8952abd ci: allow maintainers to edit repo_sync PRs
Set maintainer_can_modify on the create-pull-request API call so that
target-repo maintainers can push directly to the repo_sync branch from
the GitHub UI instead of only via the local checkout workaround.

Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>
2026-06-17 09:50:04 +02:00
Julien Pivotto
53cde1b1be chore(UI): Move to pnpm
Switch the UI workspace from npm to pnpm. Declare jest as a direct
devDependency in lezer-promql (pnpm's strict isolation requires every
binary to be an explicit dependency), fix the moduleNameMapper path in
codemirror-promql's jest config to reflect pnpm's per-package
node_modules layout, and add a localStorage mock to mantine-ui's test
setup so module-level Redux slice initializers work under Node.js v22+,
which pre-defines localStorage as undefined on globalThis.

Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>
2026-06-11 14:13:28 +02:00
renovate[bot]
e05f5a74a3
chore(deps): update actions/checkout action to v6.0.3 (#18866)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2026-06-07 17:57:45 +02:00
renovate[bot]
c0bceeeb27
chore(deps): update golangci/golangci-lint-action action to v9.2.1 (#18870)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2026-06-07 17:40:07 +02:00
Julien
55226fb8b2
Merge pull request #18802 from roidelapluie/roidelapluie/reposync-per-org-token
Some checks failed
buf.build / lint and publish (push) Has been cancelled
CI / Go tests (push) Has been cancelled
CI / More Go tests (push) Has been cancelled
CI / Go tests for 32-bit x86 (push) Has been cancelled
CI / Go tests for Prometheus upgrades and downgrades (push) Has been cancelled
CI / Go tests with previous Go version (push) Has been cancelled
CI / UI tests (push) Has been cancelled
CI / Go tests on Windows (push) Has been cancelled
CI / Mixins tests (push) Has been cancelled
CI / Compliance testing (push) Has been cancelled
CI / Build Prometheus for common architectures (push) Has been cancelled
CI / Build Prometheus for all architectures (push) Has been cancelled
CI / Check generated parser (push) Has been cancelled
CI / golangci-lint (push) Has been cancelled
CI / fuzzing (push) Has been cancelled
CI / codeql (push) Has been cancelled
govulncheck / Run govulncheck (push) Has been cancelled
Scorecards supply-chain security / Scorecards analysis (push) Has been cancelled
CI / Report status of build Prometheus for all architectures (push) Has been cancelled
CI / Publish main branch artifacts (push) Has been cancelled
CI / Publish release artefacts (push) Has been cancelled
CI / Publish UI on npm Registry (push) Has been cancelled
chore(reposync): use per-org PATs for repo sync PR creation
2026-05-27 16:35:47 +02:00
Julien
f83961b78e
Merge pull request #18800 from roidelapluie/roidelapluie/reposynclicense
scripts: fix LICENSE check using stale target_file in sync_repo_files
2026-05-27 15:32:25 +02:00
Julien Pivotto
b67d15347a ci: use per-org PATs for repo sync PR creation
Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>
2026-05-27 15:23:08 +02:00
Julien
e22a55b241
Merge pull request #18801 from roidelapluie/roidelapluie/syncfail
chore(reposync): Debug failures.
2026-05-27 14:27:57 +02:00
Julien Pivotto
ae068a8898 chore(reposync): Debug failures.
Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>
2026-05-27 14:24:10 +02:00
Julien Pivotto
20bc5a2f99 scripts: fix LICENSE check using stale target_file in sync_repo_files
The check_license guard ran before target_file was fetched, so it always
tested the previous iteration's file content (CODE_OF_CONDUCT.md) instead
of the target repo's LICENSE. This caused the LICENSE file to be silently
skipped on every run regardless of the actual license.

Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>
2026-05-27 10:18:44 +02:00
Julien Pivotto
7657baa6c3 scripts: fork without organization in sync_repo_files
Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>
2026-05-27 09:59:05 +02:00
Julien Pivotto
0b47509663 chore(reposync): use fork actual name and new API version in sync_repo_files
Read the fork's actual full_name from the fork API response instead of
constructing it.  Pass the fork full_name to post_pull_request so the checkout
hint uses the correct repo name.

Use newly-created scoped PROMBOT_REPOSYNC_TOKEN in the workflow.

Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>
2026-05-26 17:00:13 +02:00
Julien Pivotto
c2386b2da5 scripts: add checkout hint to sync_repo_files PR body
Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>
2026-05-26 12:28:29 +02:00
Julien Pivotto
4d28ed112b scripts: sync_repo_files via prombot fork
Open the sync PRs from a prombot-owned fork instead of pushing the branch
to the upstream repo. The fork name is prefixed with the upstream org
(e.g. prometheus_node_exporter) so repos with the same name in
different orgs do not collide. The GitHub forks API is idempotent and
returns the existing fork on subsequent calls.

Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>
2026-05-26 11:52:38 +02:00
Bartlomiej Plotka
2a146bce7f
Revert "chore: prepare 3.12.0-rc.0 release" 2026-05-19 08:40:18 +01:00
bwplotka
bc598efafc improve generate_release_notes to skip author for consistency
Signed-off-by: bwplotka <bwplotka@gmail.com>
2026-05-18 12:14:36 +01:00
Julien Pivotto
64e465dddc chore: Update NPM deps for 3.12
Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>
2026-05-08 13:59:50 +02:00
Ben Kochie
7475a07d82
Enable govulncheck in CI (#18553)
Add a CI job to run govulncheck.
* Run daily.
* Run when touching go.{mod,sum}.on PRs and merge to the default branch.
* Cleanup unused / broken govulncheck in Makefile.common.
* Add status badge.
* Add to repo sync for all Go projects.
* Reduce green lines in sync script to make it easier to read the log.

Signed-off-by: SuperQ <superq@gmail.com>
2026-04-22 09:14:54 +02:00
Ben Kochie
b81f79b47f
Bump actions/setup-go (#18504)
Some checks are pending
buf.build / lint and publish (push) Waiting to run
CI / Go tests (push) Waiting to run
CI / More Go tests (push) Waiting to run
CI / Go tests for Prometheus upgrades and downgrades (push) Waiting to run
CI / Go tests with previous Go version (push) Waiting to run
CI / UI tests (push) Waiting to run
CI / Go tests on Windows (push) Waiting to run
CI / Mixins tests (push) Waiting to run
CI / Compliance testing (push) Waiting to run
CI / Build Prometheus for common architectures (push) Waiting to run
CI / Build Prometheus for all architectures (push) Waiting to run
CI / Report status of build Prometheus for all architectures (push) Blocked by required conditions
CI / Check generated parser (push) Waiting to run
CI / golangci-lint (push) Waiting to run
CI / fuzzing (push) Waiting to run
CI / codeql (push) Waiting to run
CI / Publish main branch artifacts (push) Blocked by required conditions
CI / Publish release artefacts (push) Blocked by required conditions
CI / Publish UI on npm Registry (push) Blocked by required conditions
Scorecards supply-chain security / Scorecards analysis (push) Waiting to run
Update actions/setup-go to the latest release.

Signed-off-by: SuperQ <superq@gmail.com>
2026-04-10 09:06:09 +02:00
Ben Kochie
c30b596c1f
Fix dockerignore sync (#18488)
Add `.dockerignore` to the always sync file list.
* Sort container archs.

Signed-off-by: SuperQ <superq@gmail.com>
2026-04-10 07:19:58 +02:00
SuperQ
f186cfdad1
Update common container archs
Promote the Prometheus container archs settings to common so they
are used by default on other projects.
* Add `.dockerignore` to sync script to include docker archs.

Signed-off-by: SuperQ <superq@gmail.com>
2026-04-08 15:25:07 +02:00
machine424
31f0678cdf
release: automate CHANGELOG.md generation and improve release notes process
Adds `scripts/generate_release_notes.sh` to produce a structured CHANGELOG.md starting point using the Kubernetes release-notes tool. It handles both minor and patch releases.
`RELEASE.md` is updated to reference the script and drop the manual instructions.

Version examples are updated from 2.x to 3.x.

The `check_release_notes` CI workflow is extended to also run on `release-*` branches in order for the script to catch commits added to the release note , and the PR template wording is tightened.

Signed-off-by: machine424 <ayoubmrini424@gmail.com>
2026-03-25 20:20:35 +01:00
Ben Kochie
8f1f1f3146
Update CI (#18173)
Some checks failed
buf.build / lint and publish (push) Waiting to run
CI / Go tests (push) Waiting to run
CI / More Go tests (push) Waiting to run
CI / Go tests with previous Go version (push) Waiting to run
CI / UI tests (push) Waiting to run
CI / Go tests on Windows (push) Waiting to run
CI / Mixins tests (push) Waiting to run
CI / Compliance testing (push) Waiting to run
CI / Build Prometheus for common architectures (push) Waiting to run
CI / Build Prometheus for all architectures (push) Waiting to run
CI / Report status of build Prometheus for all architectures (push) Blocked by required conditions
CI / Check generated parser (push) Waiting to run
CI / golangci-lint (push) Waiting to run
CI / fuzzing (push) Waiting to run
CI / codeql (push) Waiting to run
CI / Publish main branch artifacts (push) Blocked by required conditions
CI / Publish release artefacts (push) Blocked by required conditions
CI / Publish UI on npm Registry (push) Blocked by required conditions
Scorecards supply-chain security / Scorecards analysis (push) Waiting to run
Push README to Docker Hub / Push README to Docker Hub (push) Has been cancelled
Push README to Docker Hub / Push README to quay.io (push) Has been cancelled
* Bump promu to latest release.
* Update actions/checkout.
* Update Go to 1.26.x for golangci-lint in synced repos.
* Improve golangci-lint push filter for synced repos.

Signed-off-by: SuperQ <superq@gmail.com>
2026-02-23 15:25:09 +01:00
Julien Pivotto
3f25a53e20 chore: Check that previous go version check actually uses previous go version
Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>
2026-02-11 16:05:50 +01:00
SuperQ
d8e9ed3246
Add CI check for Go version support
Fail Go mod check if the `go` directive in `go.mod` is newer than
the currently supported Go versions.

Signed-off-by: SuperQ <superq@gmail.com>
2026-02-11 13:36:27 +01:00
renovate[bot]
edb6731d92
chore(deps): update actions/setup-go action to v6.2.0 (#18055)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2026-02-11 09:13:35 +01:00
Julien Pivotto
9a56fecb75 scripts: use git ls-files and check go.work files in version check
Update check-go-mod-version.sh to use git ls-files instead of find for
better performance and to respect .gitignore. Also include go.work files
in the version check to ensure consistency across workspace files and
modules.

Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>
2026-01-09 17:52:38 +01:00
dependabot[bot]
79b0b86560
chore(deps): bump golangci/golangci-lint-action in /scripts (#17759)
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 9.0.0 to 9.2.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](0a35821d5c...1e7e51e771)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-version: 9.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-04 14:53:47 +00:00
dependabot[bot]
b34e3410f3
chore(deps): bump golangci/golangci-lint-action in /scripts (#17574)
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 8.0.0 to 9.0.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](4afd733a84...0a35821d5c)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-version: 9.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-21 09:31:32 +01:00
dependabot[bot]
3698cd044c
chore(deps): bump actions/setup-go from 6.0.0 to 6.1.0 in /scripts (#17573)
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 6.0.0 to 6.1.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](4469467582...4dc6199c7b)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-21 09:30:58 +01:00
dependabot[bot]
a5811e2da9
chore(deps): bump actions/checkout from 4.2.2 to 5.0.1 in /scripts (#17572)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.2 to 5.0.1.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](11bd71901b...93cb6efe18)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 5.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-21 09:29:37 +01:00
SuperQ
4bee2c754e
Improve repo sync script logging
Improve the repo sync logging output and add some additional logging.
This should help debugging some failed updates.

Signed-off-by: SuperQ <superq@gmail.com>
2025-11-18 11:18:02 +01:00
dependabot[bot]
77225a6aca
chore(deps): bump actions/setup-go from 5.5.0 to 6.0.0 in /scripts (#17262)
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5.5.0 to 6.0.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](d35c59abb0...4469467582)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-10-22 10:27:57 +02:00
Ayoub Mrini
7416f33df5
chore: define golangci-lint version in a single place and bump to v2.4.0 (#17202)
Signed-off-by: machine424 <ayoubmrini424@gmail.com>
2025-09-17 10:52:09 +02:00
Duciwuci
070ffd7edb bump go version across all stages
Signed-off-by: Duciwuci <duciwuci@gmail.com>
2025-09-02 10:02:39 +02:00
Duciwuci
739791a285 update script for internal and web
Signed-off-by: Duciwuci <duciwuci@gmail.com>
2025-09-02 10:02:01 +02:00