Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CI: Add workflow for author approved label #98815

Merged
merged 11 commits into from
Jan 29, 2024
Merged

CI: Add workflow for author approved label #98815

Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
de38cb2
add workflow for author approved label
ericphanson Jan 13, 2024
0339249
add token/repo
ericphanson Jan 13, 2024
144bb85
Update .github/workflows/author_approval.yml
ericphanson Jan 14, 2024
296da4f
fixes from testing in other repo
ericphanson Jan 14, 2024
e73a2c3
rename
ericphanson Jan 14, 2024
4c94f6c
Update .github/workflows/author_approval.yml
ericphanson Jan 16, 2024
2f49d9c
Update author_approval.yml
ericphanson Jan 27, 2024
18ecf40
Apply suggestions from code review
ericphanson Jan 29, 2024
8335718
Apply suggestions from code review
ericphanson Jan 29, 2024
cc43357
Update .github/workflows/author_approval.yml
ericphanson Jan 29, 2024
9d1fd49
Update .github/workflows/author_approval.yml
ericphanson Jan 29, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
49 changes: 49 additions & 0 deletions .github/workflows/author_approval.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
name: Author Approval Label
on:
issue_comment:
types: [created]

jobs:
label:
permissions:
# We need `write` permissions on `pull-requests` in order to be able to
# add/remove labels from PRs. As far as we can tell, there is no narrower
# permission that we can use.
pull-requests: write
ericphanson marked this conversation as resolved.
Show resolved Hide resolved
ericphanson marked this conversation as resolved.
Show resolved Hide resolved
runs-on: ubuntu-latest
# Run on comments that are satisfy all of the following:
# 1) on PRs, not issues,
# 2) not from bot users
# 3) include the string "[merge approved]"
# If so, we will do the work to check that the commenter is the package author,
# and conditionally apply the author-approved label.
# note: `[merge approved]` here is NOT case-sensitive, see https://docs.github.com/en/actions/learn-github-actions/expressions#contains
if: ${{ github.event.issue.pull_request && github.event.issue.user.type != 'Bot' && contains(github.event.comment.body, '[merge approved]') }}
steps:
- name: Verify package author
id: verify-author
env:
# We use an env variable, not direct interpolation into the script, for security:
# https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
PR_BODY: ${{ github.event.issue.body }}
ericphanson marked this conversation as resolved.
Show resolved Hide resolved
COMMENTER: ${{ github.event.comment.user.login }}
shell: julia --compile=min --optimize=0 --color=yes {0}
run: |
m = match(r"Created by: @([A-Za-z0-9]*+)(?:$|\n)", ENV["PR_BODY"])
verified = !isnothing(m) && m[1] == ENV["COMMENTER"]
println("Matched user: ", m === nothing ? nothing : m[1])
println("Commenter: ", ENV["COMMENTER"])
println("Verified: ", verified)
open(ENV["GITHUB_OUTPUT"], "a") do io
println(io, "verified=$verified")
end
- name: Add label
if: ${{ steps.verify-author.outputs.verified == 'true' }}
env:
PR_NUM: ${{ github.event.issue.number }}
# We cannot use `${{ secrets.GITHUB_TOKEN }}` here, because
# if we use `GITHUB_TOKEN` here, then the "label created" event
# will not trigger any further GitHub Actions.
GH_TOKEN: ${{ secrets.TAGBOT_TOKEN }}
GH_REPO: ${{ github.repository }}
run: gh pr edit "${PR_NUM:?}" --add-label "Override AutoMerge: package author approved"
Loading