Skip to content

Commit 28d5dc9

Browse files
strantalisalkalescent
strantalis
authored and
alkalescent
committed
chore(ci): add label workflow (#2003)
### Proposed Changes Adding label workflow which has one job at this time and that is to label pull requests with `external-contributor` if the user opening the pull request is not a member of the org. This workflow keys off of `author_associations` from the pull request context. Best [link](https://docs.github.com/en/graphql/reference/enums#commentauthorassociation) that I could find to describe each association Also adds the following actions - https://github.com/CodelyTV/pr-size-labeler - https://github.com/actions/labeler ### Checklist - [ ] I have added or updated unit tests - [ ] I have added or updated integration tests (if appropriate) - [ ] I have added or updated documentation ### Testing Instructions
1 parent a17c554 commit 28d5dc9

File tree

2 files changed

+151
-0
lines changed

2 files changed

+151
-0
lines changed

.github/labeler.yml

Lines changed: 48 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,48 @@
1+
docs:
2+
- changed-files:
3+
- any-glob-to-any-file:
4+
- 'docs/**/*'
5+
comp:sdk:
6+
- changed-files:
7+
- any-glob-to-any-file:
8+
- 'sdk/**/*'
9+
comp:ci:
10+
- changed-files:
11+
- any-glob-to-any-file:
12+
- '.github/**/*'
13+
comp:db:
14+
- changed-files:
15+
- any-glob-to-any-file:
16+
- 'service/policy/db/**/*'
17+
comp:kas:
18+
- changed-files:
19+
- any-glob-to-any-file:
20+
- 'service/kas/**'
21+
comp:policy:
22+
- changed-files:
23+
- any-glob-to-any-file:
24+
- 'service/policy/**/*'
25+
comp:authorization:
26+
- changed-files:
27+
- any-glob-to-any-file:
28+
- 'service/authorization/**/*'
29+
comp:examples:
30+
- changed-files:
31+
- any-glob-to-any-file:
32+
- 'examples/**/*'
33+
comp:lib:fixtures:
34+
- changed-files:
35+
- any-glob-to-any-file:
36+
- 'lib/fixtures/**/*'
37+
comp:lib:flattening:
38+
- changed-files:
39+
- any-glob-to-any-file:
40+
- 'lib/flattening/**/*'
41+
comp:lib:ocrypto:
42+
- changed-files:
43+
- any-glob-to-any-file:
44+
- 'lib/ocrypto/**/*'
45+
comp:middleware:auth:
46+
- changed-files:
47+
- any-glob-to-any-file:
48+
- 'service/internal/auth/**/*'

.github/workflows/label.yaml

Lines changed: 103 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,103 @@
1+
name: Label Pull Requests
2+
3+
on:
4+
pull_request_target: # zizmor: ignore[dangerous-triggers] this is needed to label PRs from forks
5+
types:
6+
- opened
7+
- reopened
8+
- unlabeled
9+
10+
permissions: {}
11+
12+
jobs:
13+
labeler:
14+
permissions:
15+
contents: read
16+
pull-requests: write
17+
runs-on: ubuntu-latest
18+
steps:
19+
- uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9 # v5.0.0
20+
21+
size-pr:
22+
permissions:
23+
contents: read
24+
pull-requests: write
25+
runs-on: ubuntu-latest
26+
name: Label the PR size
27+
steps:
28+
- uses: codelytv/pr-size-labeler@1c3422395d899286d5ee2c809fd5aed264d5eb9b # v1.10.2
29+
with:
30+
files_to_ignore: |
31+
"protocol/**/*"
32+
"docs/**/*"
33+
34+
external-contributor:
35+
permissions:
36+
pull-requests: write
37+
runs-on: ubuntu-latest
38+
steps:
39+
- name: Check Author Association and Label PR
40+
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea #v7.0.1
41+
with:
42+
github-token: ${{ secrets.GITHUB_TOKEN }}
43+
script: |
44+
const pr = context.payload.pull_request;
45+
if (!pr) {
46+
core.error("Could not get PR from context");
47+
return;
48+
}
49+
50+
// Define associations considered "internal"
51+
const internalAssociations = ["MEMBER"];
52+
53+
// Label to add if the author is external
54+
const externalLabel = "external-contributor";
55+
56+
const authorAssociation = pr.author_association;
57+
const isExternal = !internalAssociations.includes(authorAssociation);
58+
59+
const prLabels = pr.labels.map(label => label.name);
60+
const hasExternalLabel = prLabels.includes(externalLabel);
61+
62+
core.info(`Event: ${context.eventName}, Action: ${context.payload.action}`);
63+
core.info(`Author: ${pr.user.login}, Association: ${authorAssociation}, Is External: ${isExternal}`);
64+
core.info(`Current PR Labels: ${prLabels.join(', ')}`);
65+
66+
// Logic for 'unlabeled' event: only re-add if *our* label was removed and author is still external
67+
if (context.eventName === 'pull_request_target' && context.payload.action === 'unlabeled') {
68+
const removedLabel = context.payload.label.name;
69+
core.info(`Label removed: ${removedLabel}`);
70+
if (removedLabel === externalLabel && isExternal) {
71+
core.info(`External label was removed, author is still external. Re-adding label: ${externalLabel}`);
72+
await github.rest.issues.addLabels({
73+
owner: context.repo.owner,
74+
repo: context.repo.repo,
75+
issue_number: pr.number,
76+
labels: [externalLabel]
77+
});
78+
core.info(`Label "${externalLabel}" re-added successfully.`);
79+
} else {
80+
core.info(`Removed label was not the external label or author is not external. No action needed for unlabeled event.`);
81+
}
82+
}
83+
// Logic for 'opened' or 'reopened' events: add label if external and not already present
84+
else if (['opened', 'reopened'].includes(context.payload.action)) {
85+
if (isExternal && !hasExternalLabel) {
86+
core.info(`Author association "${authorAssociation}" is external and label is missing. Adding label: ${externalLabel}`);
87+
await github.rest.issues.addLabels({
88+
owner: context.repo.owner,
89+
repo: context.repo.repo,
90+
issue_number: pr.number,
91+
labels: [externalLabel]
92+
});
93+
core.info(`Label "${externalLabel}" added successfully.`);
94+
} else if (isExternal && hasExternalLabel) {
95+
core.info(`Author is external, but label "${externalLabel}" is already present.`);
96+
} else {
97+
if (hasExternalLabel) {
98+
core.warning(`Author association "${authorAssociation}" is internal. However, external contributor label is present.`)
99+
} else {
100+
core.info(`Author association "${authorAssociation}" is internal. No label added.`)
101+
}
102+
}
103+
}

0 commit comments

Comments
 (0)