ARF-86023: Handle in progress forms for representative users #6192
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Pull Request Ready for Review | |
on: | |
pull_request: | |
types: [labeled, unlabeled, synchronize, ready_for_review, review_requested] | |
workflow_run: | |
workflows: ["Code Checks", "Check CODEOWNERS Entries", "Code Health Report"] | |
types: [completed] | |
jobs: | |
ready_for_review: | |
permissions: write-all | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Configure AWS Credentials | |
uses: aws-actions/[email protected] | |
with: | |
aws-access-key-id: ${{ secrets.aws_access_key_id }} | |
aws-secret-access-key: ${{ secrets.aws_secret_access_key }} | |
aws-region: "us-gov-west-1" | |
- name: Get bot token from Parameter Store | |
uses: marvinpinto/action-inject-ssm-secrets@latest | |
with: | |
ssm_parameter: /devops/VA_VSP_BOT_GITHUB_TOKEN | |
env_variable_name: VA_VSP_BOT_GITHUB_TOKEN | |
- name: Audit PR Labels | |
id: audit_pr_labels | |
if: | | |
!contains(github.event.pull_request.labels.*.name, 'code-health-failure') && | |
!contains(github.event.pull_request.labels.*.name, 'codeowners-addition-failure') && | |
!contains(github.event.pull_request.labels.*.name, 'codeowners-delete-failure') && | |
!contains(github.event.pull_request.labels.*.name, 'lint-failure') && | |
!contains(github.event.pull_request.labels.*.name, 'test-failure') | |
run: | | |
echo "no_failures=true" >> $GITHUB_OUTPUT | |
- name: Audit Test Passing Label | |
id: audit_passing_labels | |
if: | | |
contains(github.event.pull_request.labels.*.name, 'test-passing') | |
run: | | |
echo "ready_for_review=true" >> $GITHUB_OUTPUT | |
- name: Check backend-review-group approval status | |
if: contains(github.event.pull_request.labels.*.name, 'require-backend-approval') | |
id: check_backend_review_group_approval_status | |
uses: octokit/[email protected] | |
with: | |
route: GET /repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/reviews | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Get backend-review-group members | |
if: contains(github.event.pull_request.labels.*.name, 'require-backend-approval') | |
id: get_team_members | |
uses: octokit/[email protected] | |
with: | |
route: GET /orgs/department-of-veterans-affairs/teams/backend-review-group/members | |
env: | |
GITHUB_TOKEN: ${{ env.VA_VSP_BOT_GITHUB_TOKEN }} | |
- name: Verify backend-review-group approval | |
if: contains(github.event.pull_request.labels.*.name, 'require-backend-approval') | |
id: verify_approval | |
run: | | |
BACKEND_REVIEWERS=$(echo '${{ steps.get_team_members.outputs.data }}' | jq -r '.[].login' | tr '\n' '|' | sed 's/|$//') | |
APPROVALS=$(echo '${{ steps.check_backend_review_group_approval_status.outputs.data }}' | jq -r '.[] | select(.state == "APPROVED") | .user.login' | grep -iE "$BACKEND_REVIEWERS" | wc -l) | |
echo "Number of backend-review-group approvals: $APPROVALS" | |
if [ "$APPROVALS" -eq 0 ]; then | |
echo "approval_status=required" >> $GITHUB_OUTPUT | |
else | |
echo "approval_status=confirmed" >> $GITHUB_OUTPUT | |
fi | |
# Add ready-for-backend-review when all checks are passing and approval | |
- name: Add Review label | |
uses: actions-ecosystem/action-add-labels@v1 | |
if: | | |
steps.audit_passing_labels.outputs.ready_for_review == 'true' && | |
steps.audit_pr_labels.outputs.no_failures == 'true' && | |
steps.verify_approval.outputs.approval_status == 'required' | |
with: | |
number: ${{ github.event.pull_request.number }} | |
labels: | | |
ready-for-backend-review | |
- name: Remove Review label | |
uses: actions-ecosystem/action-remove-labels@v1 | |
if: | | |
contains(github.event.pull_request.labels.*.name, 'ready-for-backend-review') && | |
steps.audit_passing_labels.outputs.ready_for_review != 'true' || | |
steps.audit_pr_labels.outputs.no_failures != 'true' || | |
steps.verify_approval.outputs.approval_status == 'confirmed' | |
with: | |
number: ${{ github.event.pull_request.number }} | |
labels: | | |
ready-for-backend-review |