Skip to content

Commit

Permalink
.github/workflows: Use tianocore-assign-reviewers [bot] app
Browse files Browse the repository at this point in the history
Add github actions to assign reviewers to a PR and verify
that any updates to CODEOWNERS, REVIEWERS or Maintainers.txt
are in sync.

Update workflow to generate a token so the assign reviewers
action runs with the name and permissions of the
tianocore-assign-reviewers [bot] application.

Signed-off-by: Michael D Kinney <[email protected]>
  • Loading branch information
mdkinney committed Nov 7, 2023
1 parent 7ec0b93 commit 2798217
Show file tree
Hide file tree
Showing 3 changed files with 192 additions and 0 deletions.
32 changes: 32 additions & 0 deletions .github/workflows/AssignReviewers.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
## @file
# Assign reviewers from a REVIEWERS file using CODEOWNERS syntax
#
# Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
##

name: Assign reviewers from a REVIEWERS file using CODEOWNERS syntax

on:
pull_request_target:
types: [opened, synchronize, reopened, ready_for_review]
branches:
- 'master'

jobs:
assign_reviewers:
if: github.event.pull_request.draft == false
runs-on: ubuntu-latest
steps:
- name: Checkout Pull Request Target
uses: actions/checkout@v2
- name: Get Token
id: get_workflow_token
uses: peter-murray/workflow-application-token-action@v1
with:
application_id: ${{ secrets.APPLICATION_ID }}
application_private_key: ${{ secrets.APPLICATION_PRIVATE_KEY }}
organization: tianocore
- uses: mdkinney/github-action-assign-reviewers@main
with:
token: ${{ steps.get_workflow_token.outputs.token }}
39 changes: 39 additions & 0 deletions .github/workflows/CheckCodeOwnerFiles.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
## @file
# Check CODEOWNERS coverage of all files in PR
#
# Only run this check if one or more files modified in the PR
# are not CODEOWNERS, REVIEWERS, or Maintainers.txt.
#
# Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
##

name: Check CODEOWNERS coverage of all files in PR

on:
pull_request:
types: [opened, synchronize, reopened, ready_for_review]
branches:
- 'master'
paths-ignore:
- 'CODEOWNERS'
- 'docs/CODEOWNERS'
- '.github/CODEOWNERS'
- 'REVIEWERS'
- 'docs/REVIEWERS'
- '.github/REVIEWERS'
- 'Maintainers.txt'

jobs:
codeowners_files_validator:
if: github.event.pull_request.draft == false
runs-on: ubuntu-latest
steps:
- name: Checkout Pull Request
uses: actions/checkout@v2
- name: CODEOWNERS Validator
uses: mszostok/[email protected]
with:
checks: "files"
experimental_checks: "notowned"
github_access_token: ${{secrets.GITHUB_TOKEN}}
121 changes: 121 additions & 0 deletions .github/workflows/CheckCodeOwnerMaintainers.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,121 @@
## @file
# Check CODEOWNERS, REVIEWERS, and Maintainers.txt files.
#
# Only run this check if any of the files modified in the PR
# are CODEOWNERS, REVIEWERS, or Maintainers.txt.
#
# This workflow uses pull_request_target to support passing in
# github_access_token that is not available for pull_request.
# The checkout action checks out the head of the PR. In this
# specific workflow, this is safe because there are no dependencies
# on any files other that this .yml file and known external actions.
#
# Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
##

name: Check CODEOWNERS, REVIEWERS, and Maintainers.txt files

on:
pull_request_target:
types: [opened, synchronize, reopened, ready_for_review]
branches:
- 'master'
paths:
- 'CODEOWNERS'
- 'docs/CODEOWNERS'
- '.github/CODEOWNERS'
- 'REVIEWERS'
- 'docs/REVIEWERS'
- '.github/REVIEWERS'
- 'Maintainers.txt'

jobs:
check_codeowners_maintainers:
if: github.event.pull_request.draft == false
runs-on: ubuntu-latest
steps:
- name: Checkout Pull Request
uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Check CODEOWNERS, REVIEWERS, and Maintainers.txt files
uses: mdkinney/github-action-check-codeowners-maintainers@main
with:
token: ${{secrets.GITHUB_TOKEN}}

codeowners_validator_user:
if: github.event.pull_request.draft == false && github.event.pull_request.base.user.type == 'User'
runs-on: ubuntu-latest
steps:
- name: Checkout Pull Request
uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: CODEOWNERS Validator
uses: mszostok/[email protected]
with:
checks: "files,duppatterns,syntax"
experimental_checks: "notowned,avoid-shadowing"
github_access_token: "${{ secrets.GITHUB_TOKEN }}"

codeowners_validator_organization:
if: github.event.pull_request.draft == false && github.event.pull_request.base.user.type == 'Organization'
runs-on: ubuntu-latest
steps:
- name: Checkout Pull Request
uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: CODEOWNERS Validator
uses: mszostok/[email protected]
with:
checks: "files,owners,duppatterns,syntax"
experimental_checks: "notowned,avoid-shadowing"
github_access_token: "${{ secrets.CODEOWNERS_VALIDATOR_TOKEN }}"

reviewers_validator_user:
if: github.event.pull_request.draft == false && github.event.pull_request.base.user.type == 'User'
runs-on: ubuntu-latest
steps:
- name: Checkout Pull Request
uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Copy REVIEWERS to CODEOWNERS
run: |
[[ -e CODEOWNERS ]] && rm CODEOWNERS
[[ -e docs/CODEOWNERS ]] && rm docs/CODEOWNERS
[[ -e .github/CODEOWNERS ]] && rm .github/CODEOWNERS
[[ -e REVIEWERS ]] && cp REVIEWERS CODEOWNERS
[[ -e docs/REVIEWERS ]] && cp docs/REVIEWERS docs/CODEOWNERS
[[ -e .github/REVIEWERS ]] && cp .github/REVIEWERS .github/CODEOWNERS
- name: REVIEWERS Validator
uses: mszostok/[email protected]
with:
checks: "files,duppatterns,syntax"
experimental_checks: "avoid-shadowing"
github_access_token: "${{ secrets.GITHUB_TOKEN }}"

reviewers_validator_organization:
if: github.event.pull_request.draft == false && github.event.pull_request.base.user.type == 'Organization'
runs-on: ubuntu-latest
steps:
- name: Checkout Pull Request
uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Copy REVIEWERS to CODEOWNERS
run: |
[[ -e CODEOWNERS ]] && rm CODEOWNERS
[[ -e docs/CODEOWNERS ]] && rm docs/CODEOWNERS
[[ -e .github/CODEOWNERS ]] && rm .github/CODEOWNERS
[[ -e REVIEWERS ]] && cp REVIEWERS CODEOWNERS
[[ -e docs/REVIEWERS ]] && cp docs/REVIEWERS docs/CODEOWNERS
[[ -e .github/REVIEWERS ]] && cp .github/REVIEWERS .github/CODEOWNERS
- name: REVIEWERS Validator
uses: mszostok/[email protected]
with:
checks: "files,owners,duppatterns,syntax"
experimental_checks: "avoid-shadowing"
github_access_token: "${{ secrets.CODEOWNERS_VALIDATOR_TOKEN }}"

0 comments on commit 2798217

Please sign in to comment.