Auto approve #6449
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Auto approve | |
on: | |
workflow_run: | |
workflows: ["test"] | |
types: | |
- completed | |
jobs: | |
approve: | |
name: "Approve PR" | |
runs-on: ubuntu-20.04 | |
if: > | |
github.event.workflow_run.event == 'pull_request' && | |
github.event.workflow_run.conclusion == 'success' | |
permissions: | |
# Needed by gh workflow run | |
actions: write | |
# Needed by hmarr/auto-approve-action@v3 | |
pull-requests: write | |
steps: | |
# Currently there is no way to get the pull request number from the event payload in a workflow_run event. | |
# We save it in the 'test' workflow. | |
# This first step extracts it. | |
# More information about it: | |
# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#using-data-from-the-triggering-workflow | |
# https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ | |
# Current limitation: | |
# As of 2023-05-18, https://github.com/actions/download-artifact cannot download artifacts across workflows. | |
# As a result, have to use the script GitHub provides to download the artifact. | |
- name: 'Download PR number' | |
uses: actions/[email protected] | |
with: | |
script: | | |
console.log("Starting to list artifacts"); | |
var artifacts = await github.actions.listWorkflowRunArtifacts({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
run_id: context.payload.workflow_run.id, | |
}); | |
console.log("Filtering artifacts"); | |
var matchArtifact = artifacts.data.artifacts.filter((artifact) => { | |
return artifact.name == "pr_number" | |
})[0]; | |
console.log("Downloading artifacts"); | |
var download = await github.actions.downloadArtifact({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
artifact_id: matchArtifact.id, | |
archive_format: 'zip', | |
}); | |
console.log("Writing artifacts to disk"); | |
var fs = require('fs'); | |
fs.writeFileSync('${{github.workspace}}/pr.zip', Buffer.from(download.data)); | |
- run: unzip pr.zip | |
- name: Get the PR value and set it in the environment | |
run: | | |
echo "PR_NUMBER=$(<pr_number.txt)" >> "$GITHUB_ENV" | |
echo "Set PR_NUMBER to $PR_NUMBER" | |
- uses: hmarr/auto-approve-action@v3 | |
with: | |
pull-request-number: ${{ env.PR_NUMBER }} | |
- run: gh workflow run "automerge" -f prNumber=${{ env.PR_NUMBER }} --repo ${GITHUB_REPOSITORY} | |
env: | |
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" |