From 62885aaaaef194c4fab9937b5aa38f83b1802634 Mon Sep 17 00:00:00 2001 From: Sayan Mallick Date: Tue, 1 Oct 2024 11:24:58 +0530 Subject: [PATCH 1/2] updated branchtest to skip approval for contibutors and authors --- .github/workflows/branchtest.yml | 39 ++++++++++++++++++++++++++------ 1 file changed, 32 insertions(+), 7 deletions(-) diff --git a/.github/workflows/branchtest.yml b/.github/workflows/branchtest.yml index 998f27919..aaca09caa 100644 --- a/.github/workflows/branchtest.yml +++ b/.github/workflows/branchtest.yml @@ -1,19 +1,41 @@ name: Deploy and Test Branch on: + pull_request_review: + types: [submitted] + pull_request: + types: [opened, synchronize, reopened] + pull_request_target: + types: [opened, synchronize, reopened] workflow_dispatch: inputs: branch: description: 'Branch to deploy and test' required: true default: 'develop' - pull_request: - types: [opened, synchronize, reopened] - branches: [develop] jobs: + check-pr-approval: + runs-on: ubuntu-latest + if: github.event_name == 'pull_request_review' || github.event_name == 'pull_request' || github.event_name == 'pull_request_target' + outputs: + approved: ${{ steps.check.outputs.approved }} + steps: + - name: Check if PR is approved or author is a contributor + id: check + run: | + if [[ "${{ github.event.review.state }}" == "approved" ]] || \ + [[ "${{ github.event_name }}" == "pull_request_target" && "${{ github.event.pull_request.state }}" == "open" ]] || \ + [[ "${{ github.event_name }}" == "pull_request" && "${{ github.event.pull_request.author_association }}" =~ ^(OWNER|MEMBER|COLLABORATOR)$ ]]; then + echo "approved=true" >> $GITHUB_OUTPUT + else + echo "approved=false" >> $GITHUB_OUTPUT + fi + skip-check: runs-on: ubuntu-latest + needs: [check-pr-approval] + if: github.event_name == 'workflow_dispatch' || needs.check-pr-approval.outputs.approved == 'true' outputs: skip: ${{ steps.skip.outputs.skip }} steps: @@ -24,8 +46,8 @@ jobs: getbranch: runs-on: ubuntu-latest - needs: skip-check - if: ${{ needs.skip-check.outputs.skip != 'true' }} + needs: [skip-check, check-pr-approval] + if: (needs.skip-check.outputs.skip != 'true') && (github.event_name == 'workflow_dispatch' || needs.check-pr-approval.outputs.approved == 'true') outputs: netclientbranch: ${{ steps.getbranch.outputs.netclientbranch }} netmakerbranch: ${{ steps.getbranch.outputs.netmakerbranch }} @@ -37,14 +59,16 @@ jobs: echo "NETMAKER_BRANCH=${{ github.event.inputs.branch }}" >> $GITHUB_ENV echo "NETCLIENT_BRANCH=${{ github.event.inputs.branch }}" >> $GITHUB_ENV else - echo "NETMAKER_BRANCH=${{ github.head_ref }}" >> $GITHUB_ENV + echo "NETMAKER_BRANCH=${{ github.event.pull_request.head.ref || github.head_ref }}" >> $GITHUB_ENV echo "NETCLIENT_BRANCH=develop" >> $GITHUB_ENV fi + - name: Checkout netclient repository uses: actions/checkout@v4 with: repository: gravitl/netclient fetch-depth: 0 + - name: Check if netclient branch exists and set output id: getbranch run: | @@ -59,7 +83,8 @@ jobs: branchtest: uses: gravitl/devops/.github/workflows/testdeploybranch.yml@master - needs: [getbranch, skip-check] + needs: [getbranch, skip-check, check-pr-approval] + if: (needs.skip-check.outputs.skip != 'true') && (github.event_name == 'workflow_dispatch' || needs.check-pr-approval.outputs.approved == 'true') with: netclientbranch: ${{ needs.getbranch.outputs.netclientbranch }} netmakerbranch: ${{ needs.getbranch.outputs.netmakerbranch }} From 26763ac56602be9aad49e97a7a0936130aa9039b Mon Sep 17 00:00:00 2001 From: Sayan Mallick Date: Tue, 1 Oct 2024 13:24:00 +0530 Subject: [PATCH 2/2] removed retriggering of workflow from approval for internal prs --- .github/workflows/branchtest.yml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/.github/workflows/branchtest.yml b/.github/workflows/branchtest.yml index aaca09caa..f279d1b77 100644 --- a/.github/workflows/branchtest.yml +++ b/.github/workflows/branchtest.yml @@ -3,8 +3,6 @@ name: Deploy and Test Branch on: pull_request_review: types: [submitted] - pull_request: - types: [opened, synchronize, reopened] pull_request_target: types: [opened, synchronize, reopened] workflow_dispatch: @@ -17,7 +15,7 @@ on: jobs: check-pr-approval: runs-on: ubuntu-latest - if: github.event_name == 'pull_request_review' || github.event_name == 'pull_request' || github.event_name == 'pull_request_target' + if: github.event_name != 'workflow_dispatch' outputs: approved: ${{ steps.check.outputs.approved }} steps: @@ -25,8 +23,7 @@ jobs: id: check run: | if [[ "${{ github.event.review.state }}" == "approved" ]] || \ - [[ "${{ github.event_name }}" == "pull_request_target" && "${{ github.event.pull_request.state }}" == "open" ]] || \ - [[ "${{ github.event_name }}" == "pull_request" && "${{ github.event.pull_request.author_association }}" =~ ^(OWNER|MEMBER|COLLABORATOR)$ ]]; then + [[ "${{ github.event_name }}" == "pull_request_target" && "${{ github.event.pull_request.author_association }}" =~ ^(OWNER|MEMBER|COLLABORATOR)$ ]]; then echo "approved=true" >> $GITHUB_OUTPUT else echo "approved=false" >> $GITHUB_OUTPUT