CI: Migrate release-drafter to v7 split#108
Merged
ModeSevenIndustrialSolutions merged 1 commit intolfreleng-actions:mainfrom Mar 19, 2026
Merged
Conversation
There was a problem hiding this comment.
Pull request overview
Migrates this repository’s GitHub Actions configuration for release-drafter from the v6 combined workflow to the v7 split architecture, separating release drafting (push-only) from PR autolabeling (PR-triggered, fork-safe).
Changes:
- Split release-drafter into two workflows: push-only drafting and PR autolabeling.
- Bump release-drafter to v7.1.0 and harden-runner to v2.16.0 (pinned SHAs).
- Remove the repository-level
.github/release-drafter.ymlto rely on the org-level configuration.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
.github/workflows/release-drafter.yaml |
Push-only release drafting workflow updated for v7 and runner hardening; permissions/concurrency adjusted. |
.github/workflows/autolabeler.yaml |
New PR autolabeling workflow supporting forks via pull_request_target + fork-detection gating. |
.github/release-drafter.yml |
Removes per-repo release-drafter configuration (org-level config expected). |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Release-drafter v7 removed the disable-releaser and disable-autolabeler inputs, replacing them with dedicated sub-actions. This commit: - Splits the combined workflow into two files: release-drafter.yaml (push-only, drafter) and autolabeler.yaml (PR events, autolabeler) - Updates to release-drafter v7.1.0 - Updates harden-runner to v2.16.0 - Removes the per-repo release-drafter config (falls back to org-level .github repo config) - Removes deprecated env GITHUB_TOKEN usage - Removes debug concurrency group step Co-authored-by: Claude <claude@anthropic.com> Signed-off-by: Matthew Watkins <mwatkins@linuxfoundation.org>
ModeSevenIndustrialSolutions
force-pushed
the
fix/release-drafter-v7-split
branch
from
1a23c9f to
5327978
Compare
tykeal
approved these changes
Mar 19, 2026
Contributor
tykeal
left a comment
tykeal
left a comment
There was a problem hiding this comment.
Auto-approved by dependamerge
ModeSevenIndustrialSolutions
merged commit fbabb35
into
lfreleng-actions:main
5 of 6 checks passed
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Migrates release-drafter from v6 (combined workflow) to v7 (split architecture).
Release-drafter v7 removed the
disable-releaseranddisable-autolabelerinputs, replacing them with dedicated sub-actions. These inputs were left as dead code inaction.yml— accepted without warning but never acted upon (upstream bug report).Changes
release-drafter.yamlworkflow into two:release-drafter.yaml— push-only trigger, uses root drafter action,contents: writeautolabeler.yaml— PR trigger (bothpull_requestandpull_request_targetfor fork support), uses dedicated/autolabelersub-action,pull-requests: write+contents: read.github/release-drafter.ymlconfig (falls back to the org-level.githubrepo config)env: GITHUB_TOKENusage (v7 defaults to${{ github.token }}viatokeninput)Context
This is part of an org-wide migration. The same change is being applied to all lfreleng-actions repositories that have release-drafter configured. The canonical fix was first applied in lfreleng-actions/github2gerrit-action#172.
Security
The
pull_request_targettrigger in the autolabeler workflow is safe because: