Allow custom PR templates

[negz]

https://github.com/zeebe-io/backport-action/blob/186066470a540eb4a8d2b1bed1e8e12ab12b8120/src/backport.ts#L212

At the time of writing this action uses a constant backport PR body. Would it be possible to make it configurable?

Specifically the use case I have here is that the backport PRs the action opens are themselves subject to further actions, but GitHub won't let an action run an action so the required checks on the backport PRs are never triggered.

One hacky but very lightweight workaround for this issue is to just have the reviewer close and immediately reopen the PR to trigger the CI, so ideally I'd like the backport PR description to include a note to reviewers that they can just close and reopen the PR to trigger CI. Eventually I might add a /ci command or similar that is slightly less hacky, but I'd still like to document that in the PR body.

[korthout]

Hi @negz, that sounds like a good addition. I can imagine other use cases for this as well. But, allow me first to focus on your case.

One hacky but very lightweight workaround for this issue

In your case, it's probably better to look at the 2nd option from this workaround section:

Use a repo scoped Personal Access Token (PAT) created on an account that has write access to the repository that pull requests are being created in. This is the standard workaround and recommended by GitHub. However, the PAT cannot be scoped to a specific repository so the token becomes a very sensitive secret. If this is a concern, the PAT can instead be created for a dedicated machine account that has collaborator access to the repository. Also note that because the account that owns the PAT will be the creator of pull requests, that user account will be unable to perform actions such as request changes or approve the pull request.

If you change the github_token input value to the PAT of a machine account that is contributor in your repo, the backport-action should simply interact with your repository from that machine account. This should then trigger your workflows normally.

Please let me know if you're still interested in this feature knowing this. If you happen to try the above solution, please also let me know if you run into any issues.

---

Having said that, I see 2 options to support more dynamic PR descriptions:

• allow configuring a template for the PR description
  • this requires some input property, e.g. pr_description_template
  • this requires special keywords that when used in the template are replaced with:
    • the original pr_number
    • the target branchname
• allow configuring a footer/postfix for the PR description
  • this requires some input property, e.g. pr_description_footer
  • just appends the value to the PR description

Clearly the latter is easier to implement, but the prior seems more flexible and extendable in the future. My preference would go to the prior. I'm also open to other ideas.

[negz]

Please let me know if you're still interested in this feature knowing this.

I am. I don't disagree that the PAT approach is likely better, but I'm using this action quite extensively across two orgs and many repos, so being able to turn on a prompt to close and reopen the PR is a more compelling short-term fix than going through and figuring out setting up a bot account, PAT, etc etc across both orgs. Especially considering the potential security implications.

[korthout]

@negz I've created a pull request to add support for this, using the first option I described. Note that the naming has changed from that first proposal. For the full documentation, please have a look at the README.

You can use the version of this pull request by configuring the action in your workflow:

   ...
   uses: zeebe-io/backport-action@custom-pull-descriptions
   with:
     version: custom-pull-descriptions
     pull_description: |-
       Your custom description here,
       It can contain new lines and ${placeholders}
       See the README linked above for more details

Please let me know whether this works correctly for you 🙂