From 6468808ccd9023ea5565ffffc99dec52db05428f Mon Sep 17 00:00:00 2001 From: David Arthur Date: Wed, 11 Dec 2024 10:44:19 -0500 Subject: [PATCH 01/20] Auto approve Pull Request Review workflow based on label --- .github/workflows/README.md | 2 +- .../{ci-requested.yml => workflow-requested.yml} | 9 ++++++--- 2 files changed, 7 insertions(+), 4 deletions(-) rename .github/workflows/{ci-requested.yml => workflow-requested.yml} (90%) diff --git a/.github/workflows/README.md b/.github/workflows/README.md index 24116f32dd630..ec320987286a9 100644 --- a/.github/workflows/README.md +++ b/.github/workflows/README.md @@ -100,7 +100,7 @@ There are two files related to this workflow: * [pr-labeled.yml](pr-labeled.yml) approves a pending approval for PRs that have been labeled with `ci-approved` -* [ci-requested.yml](ci-requested.yml) approves future CI requests automatically +* [workflow-requested.yml](workflow-requested.yml) approves future workflow requests automatically if the PR has the `ci-approved` label _The pr-labeled.yml workflow includes pull_request_target!_ diff --git a/.github/workflows/ci-requested.yml b/.github/workflows/workflow-requested.yml similarity index 90% rename from .github/workflows/ci-requested.yml rename to .github/workflows/workflow-requested.yml index a1da6fa34a1f8..326e8848d8eb5 100644 --- a/.github/workflows/ci-requested.yml +++ b/.github/workflows/workflow-requested.yml @@ -13,15 +13,18 @@ # See the License for the specific language governing permissions and # limitations under the License. -name: CI Requested +name: Workflow Requested +# For pull_request and pull_request_review workflows, non-committers must have an explicit +# ci-approved label on their PR before a workflow will run. This workflow is responsible for +# automatically approving pending workflow requests. on: workflow_run: - workflows: [CI] + workflows: [CI, Pull Request Reviewed] types: - requested -run-name: CI Requested for ${{ github.event.workflow_run.display_title}} +run-name: Workflow requested for ${{ github.event.workflow_run.display_title}} jobs: check-pr-labels: From fd1f715ffce2a1f8f6e3b8f056c643e57d4fe11d Mon Sep 17 00:00:00 2001 From: David Arthur Date: Wed, 11 Dec 2024 11:10:30 -0500 Subject: [PATCH 02/20] include pull_request_review --- .github/workflows/workflow-requested.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/workflow-requested.yml b/.github/workflows/workflow-requested.yml index 326e8848d8eb5..9d53bbb0c551a 100644 --- a/.github/workflows/workflow-requested.yml +++ b/.github/workflows/workflow-requested.yml @@ -31,7 +31,7 @@ jobs: # Even though job conditionals are difficult to debug, this will reduce the number of unnecessary runs if: | github.event_name == 'workflow_run' && - github.event.workflow_run.event == 'pull_request' && + (github.event.workflow_run.event == 'pull_request' || github.event.workflow_run.event == 'pull_request_review') && github.event.workflow_run.status == 'completed' && github.event.workflow_run.conclusion == 'action_required' runs-on: ubuntu-latest From 24e55a938569575670cb86d97d60401cabc8c6e2 Mon Sep 17 00:00:00 2001 From: David Arthur Date: Wed, 11 Dec 2024 11:23:17 -0500 Subject: [PATCH 03/20] only check for ci-approved label in PRs --- .github/workflows/workflow-requested.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/workflow-requested.yml b/.github/workflows/workflow-requested.yml index 9d53bbb0c551a..7eeba9e69ff2e 100644 --- a/.github/workflows/workflow-requested.yml +++ b/.github/workflows/workflow-requested.yml @@ -46,6 +46,7 @@ jobs: persist-credentials: false - name: Check PR Labels + if: github.event.workflow_run.event == 'pull_request' env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} REPO: ${{ github.repository }} From b554029b3577f0a3a6974757ed7850cb6eec0790 Mon Sep 17 00:00:00 2001 From: David Arthur Date: Wed, 11 Dec 2024 11:37:38 -0500 Subject: [PATCH 04/20] wip --- .github/workflows/workflow-requested.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/workflow-requested.yml b/.github/workflows/workflow-requested.yml index 7eeba9e69ff2e..d65316c6ae594 100644 --- a/.github/workflows/workflow-requested.yml +++ b/.github/workflows/workflow-requested.yml @@ -45,6 +45,13 @@ jobs: with: persist-credentials: false + - name: Auto-approve PR Review + if: github.event.workflow_run.event == 'pull_request_review' + env: + RUN_ID: ${{ github.event.workflow_run.id }} + run: | + echo "PR_NUMBER=" >> "$GITHUB_ENV" + echo "RUN_ID=$RUN_ID" >> "$GITHUB_ENV" - name: Check PR Labels if: github.event.workflow_run.event == 'pull_request' env: From 7089307da957377d608c26c093777d32085185cd Mon Sep 17 00:00:00 2001 From: David Arthur Date: Mon, 16 Dec 2024 11:46:00 -0500 Subject: [PATCH 05/20] different approach --- .github/workflows/pr-reviewed.yml | 29 +++++++++-------------------- 1 file changed, 9 insertions(+), 20 deletions(-) diff --git a/.github/workflows/pr-reviewed.yml b/.github/workflows/pr-reviewed.yml index ea2a35f58e8c4..3d4716fcb9c5b 100644 --- a/.github/workflows/pr-reviewed.yml +++ b/.github/workflows/pr-reviewed.yml @@ -16,39 +16,28 @@ name: Remove Triage Label on: - workflow_run: - workflows: [Pull Request Reviewed] - types: - - completed + pull_request: + branches: + - trunk jobs: - # This job runs with elevated permissions and the ability to modify pull requests. The steps taken here - # should be limited to updating labels and adding comments to PRs. This approach is taken from - # https://securitylab.github.com/resources/github-actions-preventing-pwn-requests/. remove-triage: - if: ${{ github.event.workflow_run.conclusion == 'success' }} runs-on: ubuntu-latest steps: - name: Env run: printenv env: GITHUB_CONTEXT: ${{ toJson(github) }} - - uses: actions/download-artifact@v4 - with: - github-token: ${{ github.token }} - run-id: ${{ github.event.workflow_run.id }} - name: pr-number.txt - name: Remove label uses: actions/github-script@v7 continue-on-error: true with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | - var fs = require('fs'); - var pr_number = Number(fs.readFileSync('./pr-number.txt')); - await github.rest.issues.removeLabel({ - owner: context.repo.owner, - repo: context.repo.repo, - issue_number: pr_number, - name: 'triage' + github.paginate("GET /repos/{owner}/{repo}/issues", { + owner: "octokit", + repo: "rest.js", + }) + .then((issues) => { + console.log(issues); }); From 3a028f5214aa7e806180c8864e995f3c66fe6312 Mon Sep 17 00:00:00 2001 From: David Arthur Date: Mon, 16 Dec 2024 11:49:47 -0500 Subject: [PATCH 06/20] wip --- .github/workflows/pr-reviewed.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/pr-reviewed.yml b/.github/workflows/pr-reviewed.yml index 3d4716fcb9c5b..0edf704bc876b 100644 --- a/.github/workflows/pr-reviewed.yml +++ b/.github/workflows/pr-reviewed.yml @@ -34,9 +34,9 @@ jobs: with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | - github.paginate("GET /repos/{owner}/{repo}/issues", { - owner: "octokit", - repo: "rest.js", + github.paginate("GET /search/issues{?repo,label}", { + repo: "apache/kafka", + label: "triage" }) .then((issues) => { console.log(issues); From f592493ea5679c9437dece7bd02a14b2c9c482b4 Mon Sep 17 00:00:00 2001 From: David Arthur Date: Mon, 16 Dec 2024 11:51:34 -0500 Subject: [PATCH 07/20] wip --- .github/workflows/pr-reviewed.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/pr-reviewed.yml b/.github/workflows/pr-reviewed.yml index 0edf704bc876b..bab37f381b5a6 100644 --- a/.github/workflows/pr-reviewed.yml +++ b/.github/workflows/pr-reviewed.yml @@ -34,9 +34,8 @@ jobs: with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | - github.paginate("GET /search/issues{?repo,label}", { - repo: "apache/kafka", - label: "triage" + github.paginate("GET /search/issues{?q}", { + q: "repo:apache/kafka label:triage" }) .then((issues) => { console.log(issues); From b08adb8b042ed9733cdb35f7c6123da4f50b650f Mon Sep 17 00:00:00 2001 From: David Arthur Date: Mon, 16 Dec 2024 11:59:04 -0500 Subject: [PATCH 08/20] wip --- .github/workflows/pr-reviewed.yml | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/.github/workflows/pr-reviewed.yml b/.github/workflows/pr-reviewed.yml index bab37f381b5a6..85dd3c8e9e7f4 100644 --- a/.github/workflows/pr-reviewed.yml +++ b/.github/workflows/pr-reviewed.yml @@ -35,8 +35,15 @@ jobs: github-token: ${{ secrets.GITHUB_TOKEN }} script: | github.paginate("GET /search/issues{?q}", { - q: "repo:apache/kafka label:triage" + q: "repo:apache/kafka label:triage is:pull-request" }) - .then((issues) => { - console.log(issues); + .then((pulls) => { + pulls.forEach(pull => { + val reviews = octokit.rest.pulls.listReviews({ + 'apache', + 'kafka', + pull.number, + }); + console.log("Pull " + pull.number + ": " + reviews); + }); }); From 33af7fd114cba501dc2f638dfe33ae7465ebff35 Mon Sep 17 00:00:00 2001 From: David Arthur Date: Mon, 16 Dec 2024 12:00:20 -0500 Subject: [PATCH 09/20] wip --- .github/workflows/pr-reviewed.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/pr-reviewed.yml b/.github/workflows/pr-reviewed.yml index 85dd3c8e9e7f4..9ed79ac5e3285 100644 --- a/.github/workflows/pr-reviewed.yml +++ b/.github/workflows/pr-reviewed.yml @@ -39,7 +39,7 @@ jobs: }) .then((pulls) => { pulls.forEach(pull => { - val reviews = octokit.rest.pulls.listReviews({ + val reviews = await octokit.rest.pulls.listReviews({ 'apache', 'kafka', pull.number, @@ -47,3 +47,4 @@ jobs: console.log("Pull " + pull.number + ": " + reviews); }); }); + \ No newline at end of file From 37d33b890bc295528c4fe29155d751d5ba0cf612 Mon Sep 17 00:00:00 2001 From: David Arthur Date: Mon, 16 Dec 2024 12:01:24 -0500 Subject: [PATCH 10/20] wip --- .github/workflows/pr-reviewed.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/pr-reviewed.yml b/.github/workflows/pr-reviewed.yml index 9ed79ac5e3285..81ce1fd019530 100644 --- a/.github/workflows/pr-reviewed.yml +++ b/.github/workflows/pr-reviewed.yml @@ -39,7 +39,7 @@ jobs: }) .then((pulls) => { pulls.forEach(pull => { - val reviews = await octokit.rest.pulls.listReviews({ + const reviews = await octokit.rest.pulls.listReviews({ 'apache', 'kafka', pull.number, @@ -47,4 +47,3 @@ jobs: console.log("Pull " + pull.number + ": " + reviews); }); }); - \ No newline at end of file From a94c14e6f2d59be695b378718366a59c24820bd8 Mon Sep 17 00:00:00 2001 From: David Arthur Date: Mon, 16 Dec 2024 12:01:53 -0500 Subject: [PATCH 11/20] wip --- .github/workflows/pr-reviewed.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-reviewed.yml b/.github/workflows/pr-reviewed.yml index 81ce1fd019530..b001fd34f4440 100644 --- a/.github/workflows/pr-reviewed.yml +++ b/.github/workflows/pr-reviewed.yml @@ -39,7 +39,7 @@ jobs: }) .then((pulls) => { pulls.forEach(pull => { - const reviews = await octokit.rest.pulls.listReviews({ + const reviews = octokit.rest.pulls.listReviews({ 'apache', 'kafka', pull.number, From d0c1cee84fe201565f2f9ae48ac42780af512663 Mon Sep 17 00:00:00 2001 From: David Arthur Date: Mon, 16 Dec 2024 12:03:29 -0500 Subject: [PATCH 12/20] wip --- .github/workflows/pr-reviewed.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-reviewed.yml b/.github/workflows/pr-reviewed.yml index b001fd34f4440..29e051b058dde 100644 --- a/.github/workflows/pr-reviewed.yml +++ b/.github/workflows/pr-reviewed.yml @@ -44,6 +44,6 @@ jobs: 'kafka', pull.number, }); - console.log("Pull " + pull.number + ": " + reviews); + console.log(reviews); }); }); From a6e62d362c70914d87db7c4022d63bef04e08bad Mon Sep 17 00:00:00 2001 From: David Arthur Date: Mon, 16 Dec 2024 12:05:51 -0500 Subject: [PATCH 13/20] wip --- .github/workflows/pr-reviewed.yml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/.github/workflows/pr-reviewed.yml b/.github/workflows/pr-reviewed.yml index 29e051b058dde..cb8c254f02b35 100644 --- a/.github/workflows/pr-reviewed.yml +++ b/.github/workflows/pr-reviewed.yml @@ -39,10 +39,13 @@ jobs: }) .then((pulls) => { pulls.forEach(pull => { - const reviews = octokit.rest.pulls.listReviews({ - 'apache', - 'kafka', - pull.number, + await github.request('GET /repos/{owner}/{repo}/pulls/{pull_number}/reviews', { + owner: 'apache', + repo: 'kafka', + pull_number: pull.number, + headers: { + 'X-GitHub-Api-Version': '2022-11-28' + } }); console.log(reviews); }); From ed6421e6b2c45a5d85ac7692fddbe5b0dfafdec6 Mon Sep 17 00:00:00 2001 From: David Arthur Date: Mon, 16 Dec 2024 12:06:23 -0500 Subject: [PATCH 14/20] wip --- .github/workflows/pr-reviewed.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-reviewed.yml b/.github/workflows/pr-reviewed.yml index cb8c254f02b35..b459274c8c17e 100644 --- a/.github/workflows/pr-reviewed.yml +++ b/.github/workflows/pr-reviewed.yml @@ -39,7 +39,7 @@ jobs: }) .then((pulls) => { pulls.forEach(pull => { - await github.request('GET /repos/{owner}/{repo}/pulls/{pull_number}/reviews', { + github.request('GET /repos/{owner}/{repo}/pulls/{pull_number}/reviews', { owner: 'apache', repo: 'kafka', pull_number: pull.number, From 6efcebc5131ef4b926833eccd8339921e34286bd Mon Sep 17 00:00:00 2001 From: David Arthur Date: Mon, 16 Dec 2024 12:06:52 -0500 Subject: [PATCH 15/20] wip --- .github/workflows/pr-reviewed.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-reviewed.yml b/.github/workflows/pr-reviewed.yml index b459274c8c17e..f35b5b6a3c10d 100644 --- a/.github/workflows/pr-reviewed.yml +++ b/.github/workflows/pr-reviewed.yml @@ -39,7 +39,7 @@ jobs: }) .then((pulls) => { pulls.forEach(pull => { - github.request('GET /repos/{owner}/{repo}/pulls/{pull_number}/reviews', { + reviews = github.request('GET /repos/{owner}/{repo}/pulls/{pull_number}/reviews', { owner: 'apache', repo: 'kafka', pull_number: pull.number, From 48906b56b4a42ed1c026e2784b6c594dd7d3bfba Mon Sep 17 00:00:00 2001 From: David Arthur Date: Mon, 16 Dec 2024 12:09:08 -0500 Subject: [PATCH 16/20] wip --- .github/workflows/pr-reviewed.yml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/.github/workflows/pr-reviewed.yml b/.github/workflows/pr-reviewed.yml index f35b5b6a3c10d..851f641775195 100644 --- a/.github/workflows/pr-reviewed.yml +++ b/.github/workflows/pr-reviewed.yml @@ -39,14 +39,15 @@ jobs: }) .then((pulls) => { pulls.forEach(pull => { - reviews = github.request('GET /repos/{owner}/{repo}/pulls/{pull_number}/reviews', { - owner: 'apache', - repo: 'kafka', + github.request("GET /repos/{owner}/{repo}/pulls/{pull_number}/reviews", { + owner: "apache", + repo: "kafka", pull_number: pull.number, headers: { - 'X-GitHub-Api-Version': '2022-11-28' + "X-GitHub-Api-Version": "2022-11-28" } + }).then((resp) => { + console.log(resp); }); - console.log(reviews); }); }); From 833efed1869e0ebd919d1d577d4af54325bb98f3 Mon Sep 17 00:00:00 2001 From: David Arthur Date: Mon, 16 Dec 2024 12:20:08 -0500 Subject: [PATCH 17/20] wip --- .github/workflows/pr-reviewed.yml | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pr-reviewed.yml b/.github/workflows/pr-reviewed.yml index 851f641775195..97bf01fd695f8 100644 --- a/.github/workflows/pr-reviewed.yml +++ b/.github/workflows/pr-reviewed.yml @@ -47,7 +47,16 @@ jobs: "X-GitHub-Api-Version": "2022-11-28" } }).then((resp) => { - console.log(resp); + console.log("Found ${resp.data.length} reviews."); + if (resp.data.length > 0) { + console.log("Removing 'triage' label from PR ${pull.number}"); + await github.rest.issues.removeLabel({ + owner: "apache", + repo: "kafka", + issue_number: pull.number, + name: "triage" + }); + } }); - }); + }); }); From 468851f9f796b54cc1a1bb9064dfdece4747d956 Mon Sep 17 00:00:00 2001 From: David Arthur Date: Mon, 16 Dec 2024 12:23:18 -0500 Subject: [PATCH 18/20] wip --- .github/workflows/pr-reviewed.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-reviewed.yml b/.github/workflows/pr-reviewed.yml index 97bf01fd695f8..26e8ae469826a 100644 --- a/.github/workflows/pr-reviewed.yml +++ b/.github/workflows/pr-reviewed.yml @@ -50,7 +50,7 @@ jobs: console.log("Found ${resp.data.length} reviews."); if (resp.data.length > 0) { console.log("Removing 'triage' label from PR ${pull.number}"); - await github.rest.issues.removeLabel({ + github.rest.issues.removeLabel({ owner: "apache", repo: "kafka", issue_number: pull.number, From 99cfcddaf84b7179350dd7833a6445d8e7a46289 Mon Sep 17 00:00:00 2001 From: David Arthur Date: Mon, 16 Dec 2024 12:41:51 -0500 Subject: [PATCH 19/20] wip --- .github/workflows/pr-reviewed.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pr-reviewed.yml b/.github/workflows/pr-reviewed.yml index 26e8ae469826a..52856927f04cc 100644 --- a/.github/workflows/pr-reviewed.yml +++ b/.github/workflows/pr-reviewed.yml @@ -39,6 +39,7 @@ jobs: }) .then((pulls) => { pulls.forEach(pull => { + console.log(pull); github.request("GET /repos/{owner}/{repo}/pulls/{pull_number}/reviews", { owner: "apache", repo: "kafka", @@ -47,9 +48,10 @@ jobs: "X-GitHub-Api-Version": "2022-11-28" } }).then((resp) => { - console.log("Found ${resp.data.length} reviews."); + console.log(resp); + console.log("Found " + resp.data.length + " reviews."); if (resp.data.length > 0) { - console.log("Removing 'triage' label from PR ${pull.number}"); + console.log("Removing 'triage' label from PR " + pull.number); github.rest.issues.removeLabel({ owner: "apache", repo: "kafka", From ca0bb39f67ea90b13f002b87aefa66503f1b17b8 Mon Sep 17 00:00:00 2001 From: David Arthur Date: Mon, 16 Dec 2024 13:00:47 -0500 Subject: [PATCH 20/20] fixup --- .github/workflows/README.md | 10 ++--- ...orkflow-requested.yml => ci-requested.yml} | 19 ++------- .github/workflows/pr-reviewed-trigger.yml | 42 ------------------- .github/workflows/pr-reviewed.yml | 13 +++--- 4 files changed, 14 insertions(+), 70 deletions(-) rename .github/workflows/{workflow-requested.yml => ci-requested.yml} (80%) delete mode 100644 .github/workflows/pr-reviewed-trigger.yml diff --git a/.github/workflows/README.md b/.github/workflows/README.md index ec320987286a9..29a72b188c05b 100644 --- a/.github/workflows/README.md +++ b/.github/workflows/README.md @@ -67,13 +67,11 @@ Unlike trunk, the PR builds _will_ utilize the Gradle cache. ### PR Triage In order to get the attention of committers, we have a triage workflow for Pull Requests -opened by non-committers. This workflow consists of three files: +opened by non-committers. This workflow consists of two files: -* [pr-update.yml](pr-update.yml) When a PR is created add the `triage` label if the PR +* [pr-update.yml](pr-update.yml) When a PR is created, add the `triage` label if the PR was opened by a non-committer. -* [pr-reviewed-trigger.yml](pr-reviewed-trigger.yml) Runs when any PR is reviewed. - Used as a trigger for the next workflow -* [pr-reviewed.yml](pr-reviewed.yml) Remove the `triage` label after a PR has been reviewed +* [pr-reviewed.yml](pr-reviewed.yml) Cron job to remove the `triage` label from PRs which have been reviewed _The pr-update.yml workflow includes pull_request_target!_ @@ -100,7 +98,7 @@ There are two files related to this workflow: * [pr-labeled.yml](pr-labeled.yml) approves a pending approval for PRs that have been labeled with `ci-approved` -* [workflow-requested.yml](workflow-requested.yml) approves future workflow requests automatically +* [ci-requested.yml](ci-requested.yml) approves future workflow requests automatically if the PR has the `ci-approved` label _The pr-labeled.yml workflow includes pull_request_target!_ diff --git a/.github/workflows/workflow-requested.yml b/.github/workflows/ci-requested.yml similarity index 80% rename from .github/workflows/workflow-requested.yml rename to .github/workflows/ci-requested.yml index d65316c6ae594..a1da6fa34a1f8 100644 --- a/.github/workflows/workflow-requested.yml +++ b/.github/workflows/ci-requested.yml @@ -13,25 +13,22 @@ # See the License for the specific language governing permissions and # limitations under the License. -name: Workflow Requested -# For pull_request and pull_request_review workflows, non-committers must have an explicit -# ci-approved label on their PR before a workflow will run. This workflow is responsible for -# automatically approving pending workflow requests. +name: CI Requested on: workflow_run: - workflows: [CI, Pull Request Reviewed] + workflows: [CI] types: - requested -run-name: Workflow requested for ${{ github.event.workflow_run.display_title}} +run-name: CI Requested for ${{ github.event.workflow_run.display_title}} jobs: check-pr-labels: # Even though job conditionals are difficult to debug, this will reduce the number of unnecessary runs if: | github.event_name == 'workflow_run' && - (github.event.workflow_run.event == 'pull_request' || github.event.workflow_run.event == 'pull_request_review') && + github.event.workflow_run.event == 'pull_request' && github.event.workflow_run.status == 'completed' && github.event.workflow_run.conclusion == 'action_required' runs-on: ubuntu-latest @@ -45,15 +42,7 @@ jobs: with: persist-credentials: false - - name: Auto-approve PR Review - if: github.event.workflow_run.event == 'pull_request_review' - env: - RUN_ID: ${{ github.event.workflow_run.id }} - run: | - echo "PR_NUMBER=" >> "$GITHUB_ENV" - echo "RUN_ID=$RUN_ID" >> "$GITHUB_ENV" - name: Check PR Labels - if: github.event.workflow_run.event == 'pull_request' env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} REPO: ${{ github.repository }} diff --git a/.github/workflows/pr-reviewed-trigger.yml b/.github/workflows/pr-reviewed-trigger.yml deleted file mode 100644 index f089176ff4b23..0000000000000 --- a/.github/workflows/pr-reviewed-trigger.yml +++ /dev/null @@ -1,42 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -name: Pull Request Reviewed - -on: - pull_request_review: - types: - - submitted - -jobs: - # This job is a workaround for the fact that pull_request_review lacks necessary permissions to modify PRs. - # Also, there is no pull_request_target analog to pull_request_review. The approach taken here is taken from - # https://securitylab.github.com/resources/github-actions-preventing-pwn-requests/. - pr-review-trigger: - name: Reviewed - runs-on: ubuntu-latest - steps: - - name: Env - run: printenv - env: - GITHUB_CONTEXT: ${{ toJson(github) }} - - name: Capture PR Number - run: - echo ${{ github.event.pull_request.number }} >> pr-number.txt - - name: Archive Event - uses: actions/upload-artifact@v4 - with: - name: pr-number.txt - path: pr-number.txt diff --git a/.github/workflows/pr-reviewed.yml b/.github/workflows/pr-reviewed.yml index 52856927f04cc..d39a7abf0a0c5 100644 --- a/.github/workflows/pr-reviewed.yml +++ b/.github/workflows/pr-reviewed.yml @@ -16,9 +16,10 @@ name: Remove Triage Label on: - pull_request: - branches: - - trunk + workflow_dispatch: # Let us run manually + + schedule: + - cron: '0 3 * * *' # Run at 3:00 UTC nightly -- just before the "stale.yml" workflow jobs: remove-triage: @@ -39,7 +40,6 @@ jobs: }) .then((pulls) => { pulls.forEach(pull => { - console.log(pull); github.request("GET /repos/{owner}/{repo}/pulls/{pull_number}/reviews", { owner: "apache", repo: "kafka", @@ -48,10 +48,9 @@ jobs: "X-GitHub-Api-Version": "2022-11-28" } }).then((resp) => { - console.log(resp); - console.log("Found " + resp.data.length + " reviews."); + console.log("Found " + resp.data.length + " reviews for PR " + pull.number); if (resp.data.length > 0) { - console.log("Removing 'triage' label from PR " + pull.number); + console.log("Removing 'triage' label from PR " + pull.number + " : " + pull.title); github.rest.issues.removeLabel({ owner: "apache", repo: "kafka",