Test enforcing required reviewers with github action #3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Enforce Required Reviewers | |
on: | |
pull_request: | |
types: | |
- opened | |
pull_request_review: | |
types: | |
- submitted | |
- dismissed | |
jobs: | |
enforce_required_reviewers: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v2 | |
with: | |
ref: ${{ github.head_ref }} | |
fetch-depth: 0 | |
- name: Check for changes in /src/Compute/ | |
id: check_changes | |
run: | | |
git fetch origin ${{ github.base_ref }} | |
git diff --name-only --diff-filter=d FETCH_HEAD..HEAD | grep '^src/Compute/' > /dev/null && echo "::set-output name=compute_changed::true" || echo "::set-output name=compute_changed::false" | |
- name: Enforce required reviewers approval | |
id: enforce_approval | |
if: steps.check_changes.outputs.compute_changed == 'true' | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
REQUIRED_REVIEWERS: 'Sandido,user2,user3' # Replace with the GitHub usernames of the required reviewers, separated by commas | |
run: | | |
PR_NUMBER=$(echo $GITHUB_REF | awk 'BEGIN { FS = "/" } ; { print $3 }') | |
APPROVED_REVIEWERS=$(gh pr view $PR_NUMBER --json reviews --jq '.reviews[].author.login') | |
REQUIRED_REVIEWERS_ARRAY=(${REQUIRED_REVIEWERS//,/ }) | |
APPROVAL_FOUND=false | |
for reviewer in "${REQUIRED_REVIEWERS_ARRAY[@]}"; do | |
if [[ $APPROVED_REVIEWERS == *"$reviewer"* ]]; then | |
APPROVAL_FOUND=true | |
break | |
fi | |
done | |
echo "::set-output name=approval_found::$APPROVAL_FOUND" | |
if [ "$APPROVAL_FOUND" = false ]; then | |
echo "error: At least one of the required reviewers ($REQUIRED_REVIEWERS) must approve the PR" >&2 | |
exit 1 | |
fi | |
- name: Post a comment when approval not found | |
if: steps.check_changes.outputs.compute_changed == 'true' && steps.enforce_approval.outputs.approval_found == 'false' | |
uses: actions/github-script@v5 | |
with: | |
script: | | |
const issue_number = context.issue.number; | |
const comment_body = "⚠️ The PR cannot be merged until at least one of the required reviewers (" + process.env.REQUIRED_REVIEWERS + ") approves the PR. Please wait for their approval."; | |
await github.rest.issues.createComment({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
issue_number: issue_number, | |
body: comment_body | |
}); |