Skip to content

Enforce Required Reviewers #6

Enforce Required Reviewers

Enforce Required Reviewers #6

name: Enforce Required Reviewers
on:
pull_request:
pull_request_review:
jobs:
enforce_required_reviewers:
runs-on: ubuntu-latest
steps:
- name: Print Env Variables
shell: pwsh
env:
PR_NO: ${{github.event.number}}
run: |
dir env:
Write-Host "---------------------------------"
Write-Host "PR_NO" $env:PR_NO
- name: Dump GitHub context
env:
GITHUB_CONTEXT: ${{ toJson(github) }}
run: echo "$GITHUB_CONTEXT"
- name: Dump job context
env:
JOB_CONTEXT: ${{ toJson(job) }}
run: echo "$JOB_CONTEXT"
- name: Dump steps context
env:
STEPS_CONTEXT: ${{ toJson(steps) }}
run: echo "$STEPS_CONTEXT"
- name: Dump runner context
env:
RUNNER_CONTEXT: ${{ toJson(runner) }}
run: echo "$RUNNER_CONTEXT"
- name: Dump strategy context
env:
STRATEGY_CONTEXT: ${{ toJson(strategy) }}
run: echo "$STRATEGY_CONTEXT"
- name: Dump matrix context
env:
MATRIX_CONTEXT: ${{ toJson(matrix) }}
run: echo "$MATRIX_CONTEXT"
- name: Checkout repository
uses: actions/checkout@v2
with:
ref: ${{ github.head_ref }}
fetch-depth: 0
- name: Check for changes in /test1/
id: check_changes
run: |
git fetch origin ${{ github.base_ref }}
git diff --name-only --diff-filter=d FETCH_HEAD..HEAD | grep '^test1/' > /dev/null && echo "::set-output name=compute_changed::true" || echo "::set-output name=compute_changed::false"
- name: Get required reviewers from CODEOWNERS file
id: get_reviewers
run: |
REQUIRED_REVIEWERS=$(grep '/test1/' .github/CODEOWNERS | awk -F' ' '{for (i=3; i<=NF; i++) printf "%s ", substr($i, 2)}')
echo "::set-output name=required_reviewers::$REQUIRED_REVIEWERS"
- name: Enforce required reviewers approval
if: steps.check_changes.outputs.compute_changed == 'true'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
PR_NUMBER=$(echo $GITHUB_REF | awk 'BEGIN { FS = "/" } ; { print $3 }')
REQUIRED_REVIEWERS="${{ steps.get_reviewers.outputs.required_reviewers }}"
APPROVED_REVIEWERS=$(gh pr view $PR_NUMBER --json reviews --jq '.reviews[].author.login')
REQUIRED_REVIEWERS_ARRAY=(${REQUIRED_REVIEWERS//,/ })
APPROVAL_FOUND=false
for reviewer in "${REQUIRED_REVIEWERS_ARRAY[@]}"; do
if [[ $APPROVED_REVIEWERS == *"$reviewer"* ]]; then
APPROVAL_FOUND=true
break
fi
done
if [ "$APPROVAL_FOUND" = false ]; then
echo "error: At least one of the required reviewers ($REQUIRED_REVIEWERS) must approve the PR" >&2
exit 1
fi