From 5579e03a3f734247f19f061021dd43a20a7b51c0 Mon Sep 17 00:00:00 2001
From: Matt Trachier <matt.trachier@suse.com>
Date: Fri, 3 Oct 2025 20:24:24 -0500
Subject: [PATCH] fix: restrict goreleaser generating rc releases (#230)

Signed-off-by: matttrach <matt.trachier@suse.com>
(cherry picked from commit 1d94e1ad263fb6ac6b9095d2e157642bb09a70bb)
---
 .github/ISSUE_TEMPLATE/bug_report.md          | 26 +++++++++++++++++++
 .github/ISSUE_TEMPLATE/feature_request.md     | 22 ++++++++++++++++
 .github/pull_request_template.md              |  9 ++++---
 .../{backport.yml => backport-issues.yml}     |  2 +-
 .github/workflows/backport-pr-manual.yml      |  2 +-
 .github/workflows/backport-prs.yml            |  2 +-
 .github/workflows/release.yml                 |  6 +++++
 flake.lock                                    |  6 ++---
 8 files changed, 65 insertions(+), 10 deletions(-)
 create mode 100644 .github/ISSUE_TEMPLATE/bug_report.md
 create mode 100644 .github/ISSUE_TEMPLATE/feature_request.md
 rename .github/workflows/{backport.yml => backport-issues.yml} (97%)

diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md
new file mode 100644
index 0000000..0a59fcf
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -0,0 +1,26 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: '[BUG]'
+labels: 
+- 'kind/bug'
+- 'internal/user'
+assignees:
+- 'matttrach'
+- 'jiaqiluo'
+- 'HarrisonWAffel'
+
+---
+
+### Environment Information
+<!--Please add information on the same line in quotes. Eg. - Terraform version: "v1.11.0" -->
+- Terraform version:
+- Provider version:
+
+### Describe the bug
+
+### To Reproduce
+
+### Actual Result
+
+### Expected Result
diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md
new file mode 100644
index 0000000..8940632
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/feature_request.md
@@ -0,0 +1,22 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: '[RFE] '
+labels: 
+- 'kind/enhancement'
+- 'internal/user'
+assignees: 'matttrach'
+
+---
+
+### Is your feature request related to a problem? Please describe.
+<!-- A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] -->
+
+### Describe the solution you'd like
+<!-- A clear and concise description of what you want to happen. -->
+
+### Describe alternatives you've considered
+<!-- A clear and concise description of any alternative solutions or features you've considered. -->
+
+### Additional context
+<!-- Add any other context or screenshots about the feature request here. -->
diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
index 5f29669..15c7ea5 100644
--- a/.github/pull_request_template.md
+++ b/.github/pull_request_template.md
@@ -1,8 +1,8 @@
-## Related Issue
-
+<!--- If there is no user issue related to this then you should remove the next line --->
 Addresses #
 
-<!--- Add release labels (eg. release/v0) for each target release --->
+<!--- Add release labels (eg. release/v2) for each target release --->
+<!--- Labels need to be added before PR is created for automation to run smoothly! --->
 
 ## Description
 
@@ -12,5 +12,6 @@ Addresses #
 
 <!--- Please describe how you verified this change or why testing isn't relevant. --->
 
-<!--- Does this change alter an interface that users of the provider will need to adjust to? Will there be any existing configurations broken by this change? If so, change the following line with an explanation. --->
+<!--- Does this change alter an interface that users of the provider will need to adjust to? --->
+<!--- Will there be any existing configurations broken by this change? If so, change the following line with an explanation. --->
 Not a breaking change.
diff --git a/.github/workflows/backport.yml b/.github/workflows/backport-issues.yml
similarity index 97%
rename from .github/workflows/backport.yml
rename to .github/workflows/backport-issues.yml
index da25bfc..d342444 100644
--- a/.github/workflows/backport.yml
+++ b/.github/workflows/backport-issues.yml
@@ -7,7 +7,7 @@ on:
 jobs:
   create-issue:
     runs-on: ubuntu-latest
-    if: ${{ startsWith(github.event.label.name, 'release/v') }}
+    if: ${{ startsWith(github.event.label.name, 'release/v') }} # only works for release labels
     steps:
       - name: Find and Verify PR Number
         uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 https://github.com/actions/github-script
diff --git a/.github/workflows/backport-pr-manual.yml b/.github/workflows/backport-pr-manual.yml
index de95aa8..c9127bc 100644
--- a/.github/workflows/backport-pr-manual.yml
+++ b/.github/workflows/backport-pr-manual.yml
@@ -93,7 +93,7 @@ jobs:
               execSync(`git config user.email "github-actions[bot]@users.noreply.github.com"`);
               execSync(`git fetch origin ${targetBranch}`);
               execSync(`git checkout -b ${newBranchName} origin/${targetBranch}`);
-              execSync(`git cherry-pick -x ${mergeCommitSha} -X theirs`);
+              execSync(`git cherry-pick --allow-empty -x ${mergeCommitSha} -X theirs`);
               execSync(`git push origin ${newBranchName}`);
 
               core.info(`Creating pull request for branch ${newBranchName} targeting ${targetBranch}...`);
diff --git a/.github/workflows/backport-prs.yml b/.github/workflows/backport-prs.yml
index 5f04ebc..41678e3 100644
--- a/.github/workflows/backport-prs.yml
+++ b/.github/workflows/backport-prs.yml
@@ -90,7 +90,7 @@ jobs:
               execSync(`git config user.email "github-actions[bot]@users.noreply.github.com"`);
               execSync(`git fetch origin ${targetBranch}`);
               execSync(`git checkout -b ${newBranchName} origin/${targetBranch}`);
-              execSync(`git cherry-pick -x ${mergeCommitSha} -X theirs`);
+              execSync(`git cherry-pick --allow-empty -x ${mergeCommitSha} -X theirs`);
               execSync(`git push origin ${newBranchName}`);
 
               core.info(`Creating pull request for branch ${newBranchName} targeting ${targetBranch}...`);
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 560198f..105e3e2 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -92,6 +92,7 @@ jobs:
       # If the e2e tests pass we automatically generate an RC release
       #   this shouldn't happen when the release PR is merged, only when it's opened or updated
       - name: Create and Push RC Tag with Git
+        id: create-push-rc-tag
         if: steps.release-please.outputs.pr && always() && (steps.run-unit-tests.conclusion == 'success') && (steps.run-acc-tests.conclusion == 'success')
         run: |
           BASE_VERSION=$(echo "$GITHUB_REF" | sed 's/refs\/heads\/release\///')
@@ -123,6 +124,8 @@ jobs:
           git tag "$NEXT_RC_TAG" -m "Release Candidate $NEXT_RC_TAG"
           git push origin "$NEXT_RC_TAG"
       - name: retrieve GPG Credentials
+        id: retrieve-gpg-credentials
+        if: steps.release-please.outputs.pr && always() && (steps.run-unit-tests.conclusion == 'success') && (steps.run-acc-tests.conclusion == 'success') && (steps.create-push-rc-tag.conclusion == 'success')
         uses: rancher-eio/read-vault-secrets@main
         with:
           secrets: |
@@ -130,6 +133,8 @@ jobs:
             secret/data/github/repo/${{ github.repository }}/signing/gpg privateKeyId | GPG_KEY_ID ;
             secret/data/github/repo/${{ github.repository }}/signing/gpg privateKey | GPG_KEY
       - name: import_gpg_key
+        id: import-gpg-key
+        if: steps.release-please.outputs.pr && always() && (steps.run-unit-tests.conclusion == 'success') && (steps.run-acc-tests.conclusion == 'success') && (steps.create-push-rc-tag.conclusion == 'success') && (steps.retrieve-gpg-credentials.conclusion == 'success')
         env:
           GPG_PASSPHRASE: ${{ env.GPG_PASSPHRASE }}
           GPG_KEY_ID: ${{ env.GPG_KEY_ID }}
@@ -149,6 +154,7 @@ jobs:
           echo "Importing gpg key"
           echo "${GPG_KEY}" | gpg --import --batch > /dev/null || { echo "Failed to import GPG key"; exit 1; }
       - name: Run GoReleaser
+        if: steps.release-please.outputs.pr && always() && (steps.run-unit-tests.conclusion == 'success') && (steps.run-acc-tests.conclusion == 'success') && (steps.create-push-rc-tag.conclusion == 'success') && (steps.retrieve-gpg-credentials.conclusion == 'success') && (steps.import-gpg-key.conclusion == 'success')
         uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a # v6.4.0 https://github.com/goreleaser/goreleaser-action
         with:
           args: release --clean --config .goreleaser_rc.yml
diff --git a/flake.lock b/flake.lock
index 9d777c6..a874f5a 100644
--- a/flake.lock
+++ b/flake.lock
@@ -20,11 +20,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1759070547,
-        "narHash": "sha256-JVZl8NaVRYb0+381nl7LvPE+A774/dRpif01FKLrYFQ=",
+        "lastModified": 1759417375,
+        "narHash": "sha256-O7eHcgkQXJNygY6AypkF9tFhsoDQjpNEojw3eFs73Ow=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "647e5c14cbd5067f44ac86b74f014962df460840",
+        "rev": "dc704e6102e76aad573f63b74c742cd96f8f1e6c",
         "type": "github"
       },
       "original": {