-
Notifications
You must be signed in to change notification settings - Fork 13.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
KAFKA-17628 New workflows for automating run approvals #17290
KAFKA-17628 New workflows for automating run approvals #17290
Conversation
The build error is related to #17165 (comment) |
…-workflow-approvals
Here's a demo from my fork. Thanks to @apoorvmittal10 for testing this out :) PR: mumrah#22 When the PR was updated, the CI workflow run is created but needs approval. The CI Requested workflow the runs, examines the PR for the "ci-approval" label, then approves the run. |
The build error is fixed now, so getting the latest changes here should do. |
@mumrah should we consider dropping approve-workflows.py since this PR offers a better solution? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@mumrah thanks for this great patch!
RUN_ID: ${{ github.event.workflow_run.id }} | ||
HEAD_BRANCH: ${{ github.event.workflow_run.head_branch }} | ||
HEAD_REPO: ${{ github.event.workflow_run.head_repository.owner.login }} | ||
# Caution! This is a bit hacky. The GH documentation shows that the workflow_run event should include a list |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could we switch to using pull_request_target
along with the synchronize
type to access github.event.number
from the GitHub context?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this might cause a race between the PR getting updated and the CI workflow being requested. By using "workflow_run" action "requested", we ensure the pending workflow exists.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this might cause a race between the PR getting updated and the CI workflow being requested. By using "workflow_run" action "requested", we ensure the pending workflow exists.
you are right
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, but I left a small question in the comments
run: printenv | ||
env: | ||
GITHUB_CONTEXT: ${{ toJson(github) }} | ||
- name: Checkout code |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does this job need to check out code?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I did try it without and the gh
command throws an error
run: printenv | ||
env: | ||
GITHUB_CONTEXT: ${{ toJson(github) }} | ||
- name: Checkout code |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ditto
This patch allows workflow runs to be controlled by the ci-approved label on Pull Requests. Rather than manually approving each workflow run explicitly, committers can now add the appropriate label and the new "CI Requested" and "PR Labeled" workflows will auto-approve the requested run. Reviewers: Chia-Ping Tsai <[email protected]>
This patch allows workflow runs to be controlled by the ci-approved label on Pull Requests. Rather than manually approving each workflow run explicitly, committers can now add the appropriate label and the new "CI Requested" and "PR Labeled" workflows will auto-approve the requested run. Reviewers: Chia-Ping Tsai <[email protected]>
This patch allows workflow runs to be controlled by the
ci-approved
label on Pull Requests. Rather than manually approving each workflow run explicitly, committers can now add the appropriate label and the new "CI Requested" and "PR Labeled" workflows will auto-approve the requested run.