Skip to content

feat: automated go fix PR on Go version bump #4678

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Copilot wants to merge 24 commits into
base: master
Choose a base branch
from
Open

feat: automated go fix PR on Go version bump #4678

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
24 commits
Select commit Hold shift + click to select a range
7767d9f
Initial plan
Copilot Mar 11, 2026
a6374a9
feat: add automated go-fix workflow triggered on Go version bump
Copilot Mar 11, 2026
ebdf630
fix: replace peter-evans/create-pull-request with gh pr create
Copilot Mar 16, 2026
5db9b73
fix: monitor both go.mod files in go-fix workflow
tuxerrante Mar 16, 2026
3f99150
avoid possible branches overwriting
tuxerrante Mar 16, 2026
9126898
fix: address review comments on go-fix workflow
tuxerrante Mar 16, 2026
d4a9722
test: temporarily enable go-fix trigger on PR branch
tuxerrante Apr 3, 2026
3879147
Merge pull request #4742 from Azure/alessandro/pr-4678-trigger-test
tuxerrante Apr 3, 2026
1f91fd7
test: temporarily bump pkg/api Go directive to trigger go-fix workflow
tuxerrante Apr 3, 2026
7a95d1d
Merge pull request #4743 from Azure/alessandro/pr-4678-workflow-test-run
tuxerrante Apr 3, 2026
3784dc5
test: revert temporary pkg/api Go directive bump
tuxerrante Apr 3, 2026
fb5c7b9
Merge pull request #4744 from Azure/alessandro/pr-4678-workflow-test-…
tuxerrante Apr 3, 2026
571ebe7
test: remove temporary go-fix PR-branch trigger
tuxerrante Apr 3, 2026
eafb21f
Merge pull request #4745 from Azure/alessandro/pr-4678-trigger-cleanup
tuxerrante Apr 3, 2026
b435f3b
chore: bump harden-runner action to v2.16.1
tuxerrante Apr 3, 2026
d44eb07
Merge pull request #4746 from Azure/alessandro/pr-4678-validation2
tuxerrante Apr 3, 2026
8f40787
test: temporarily enable go-fix trigger on PR branch for go1.26 valid…
tuxerrante Apr 3, 2026
4b98a4c
Merge pull request #4747 from Azure/alessandro/pr-4678-go126-trigger-…
tuxerrante Apr 3, 2026
6041e6a
test: temporarily bump both modules to Go 1.26.1 for go-fix validation
tuxerrante Apr 3, 2026
3d5bb3d
Merge pull request #4748 from Azure/alessandro/pr-4678-go126-trigger-run
tuxerrante Apr 3, 2026
33f87ce
test: revert temporary Go 1.26.1 module bumps
tuxerrante Apr 3, 2026
cd3d504
Merge pull request #4749 from Azure/alessandro/pr-4678-go126-revert
tuxerrante Apr 3, 2026
890e8bb
test: remove temporary PR-branch trigger after Go1.26 validation
tuxerrante Apr 3, 2026
cfcfad8
Merge pull request #4750 from Azure/alessandro/pr-4678-go126-trigger-…
tuxerrante Apr 3, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
95 changes: 95 additions & 0 deletions .github/workflows/go-fix.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,95 @@
name: go-fix

on:
Copy link
Copy Markdown
Collaborator

@tuxerrante tuxerrante Mar 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This workflow can't be tested via normal CI because:

  • It triggers on pushes to master that modify go.mod
  • workflow_dispatch only works if the workflow file already exists on the default branch

To actually test this, you'd need to either:

  • Fork the repo and merge the workflow into the fork's default branch, then trigger workflow_dispatch
  • Create a test workflow on a branch that uses on: push to that branch instead of master (temporary, just for validation)
  • Merge to master and test live (risky for a first run)

push:
branches:
- master
paths:
- 'go.mod'
- 'pkg/api/go.mod'
workflow_dispatch:

concurrency:
group: go-fix
cancel-in-progress: false

permissions:
Copy link
Copy Markdown
Collaborator

@tuxerrante tuxerrante Mar 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mociarain do we have the rights for these permissions?

Copy link
Copy Markdown
Collaborator

@mociarain mociarain Apr 1, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

They look correct to me but I'm sure what you are asking. Do you mean:

  • Are these the correct permissions for the workflow?
  • Do we have the rights to grant these permissions?

Copy link
Copy Markdown
Collaborator

@tuxerrante tuxerrante Apr 3, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The second one, I know these could be an issue:

  contents: write
  pull-requests: write

Copy link
Copy Markdown
Collaborator

@mociarain mociarain Apr 7, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've granted "Allow GitHub Actions to create and approve pull requests" so hopefully this should be good now

contents: write
pull-requests: write

jobs:
go-fix:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
with:
egress-policy: audit

- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
fetch-depth: 2

- name: Check if Go version changed
id: go-version
run: |
ROOT_CURRENT=$(grep '^go ' go.mod | awk '{print $2}')
API_CURRENT=$(grep '^go ' pkg/api/go.mod | awk '{print $2}')
GO_VERSION=$(printf '%s\n' "$ROOT_CURRENT" "$API_CURRENT" | sort -V | tail -1)
echo "current=$GO_VERSION" >> "$GITHUB_OUTPUT"
echo "root=$ROOT_CURRENT" >> "$GITHUB_OUTPUT"
echo "api=$API_CURRENT" >> "$GITHUB_OUTPUT"
if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
echo "run=true" >> "$GITHUB_OUTPUT"
else
ROOT_PREVIOUS=$(git show HEAD~1:go.mod | grep '^go ' | awk '{print $2}')
API_PREVIOUS=$(git show HEAD~1:pkg/api/go.mod | grep '^go ' | awk '{print $2}')
if [[ "$ROOT_CURRENT" != "$ROOT_PREVIOUS" ]] || [[ "$API_CURRENT" != "$API_PREVIOUS" ]]; then
echo "run=true" >> "$GITHUB_OUTPUT"
else
echo "run=false" >> "$GITHUB_OUTPUT"
fi
fi

- name: Set up Golang
if: steps.go-version.outputs.run == 'true'
uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
with:
go-version: ${{ steps.go-version.outputs.current }}

- name: Run go fix
if: steps.go-version.outputs.run == 'true'
run: make go-fix

- name: Create Pull Request
if: steps.go-version.outputs.run == 'true'
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
BRANCH="automated/go-fix-root-${{ steps.go-version.outputs.root }}-api-${{ steps.go-version.outputs.api }}"
git config user.name "github-actions[bot]"
git config user.email "github-actions[bot]@users.noreply.github.com"
git checkout -b "$BRANCH"
git add -A
if git diff --staged --quiet; then
echo "No changes from go fix, skipping PR creation."
exit 0
fi
git commit -m "run go fix for Go ${{ steps.go-version.outputs.current }}"
git push --force origin "$BRANCH"
Copy link
Copy Markdown
Collaborator

@tuxerrante tuxerrante Mar 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

with the idempotent PR check we added, you could argue the workflow should just skip entirely if the branch already exists. We could replace the force push with a check-and-skip:

  if git ls-remote --exit-code origin "refs/heads/$BRANCH" >/dev/null 2>&1; then
    echo "Branch $BRANCH already exists, skipping."
    exit 0
  fi
  git push origin "$BRANCH"

EXISTING_PR=$(gh pr list --head "$BRANCH" --json number --jq '.[0].number')
if [[ -n "$EXISTING_PR" ]]; then
echo "PR #$EXISTING_PR already exists for branch $BRANCH, skipping creation."
else
gh pr create \
--title "go fix: apply Go ${{ steps.go-version.outputs.current }} fixes" \
--body "This PR was automatically created to apply \`go fix\` changes after bumping Go.

- Root module: \`${{ steps.go-version.outputs.root }}\`
- API module: \`${{ steps.go-version.outputs.api }}\`

\`go fix\` rewrites source code to use newer Go APIs and idioms." \
--base "${{ github.event.repository.default_branch }}" \
--head "$BRANCH"
fi
5 changes: 5 additions & 0 deletions Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -345,6 +345,11 @@ fmt: $(GOLANGCI_LINT) ## Format Go source files using golangci-lint formatters (
$(GOLANGCI_LINT) fmt
cd pkg/api/ && $(GOLANGCI_LINT) fmt

.PHONY: go-fix
go-fix: ## Run go fix on both Go modules
go fix ./...
cd pkg/api/ && go fix ./...

.PHONY: lint-go
lint-go: $(GOLANGCI_LINT)
$(GOLANGCI_LINT) run --verbose
Expand Down
1 change: 0 additions & 1 deletion go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
module github.com/Azure/ARO-RP

go 1.25.3

require (
github.com/Azure/ARO-RP/pkg/api v0.0.0-00010101000000-000000000000
github.com/Azure/azure-sdk-for-go v63.1.0+incompatible
Expand Down
1 change: 0 additions & 1 deletion pkg/api/go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
module github.com/Azure/ARO-RP/pkg/api

go 1.24.0

require (
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.17.0
github.com/Azure/go-autorest/autorest v0.11.29
Expand Down
1 change: 0 additions & 1 deletion test/e2e/aks.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
//go:build e2e
// +build e2e

package e2e

Expand Down
1 change: 0 additions & 1 deletion test/e2e/aro.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
//go:build e2e
// +build e2e

package e2e

Expand Down
1 change: 0 additions & 1 deletion test/e2e/e2e_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
//go:build e2e
// +build e2e

package e2e

Expand Down
Loading