Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implement request reviewers on itself #98

Merged
merged 4 commits into from
Oct 31, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 2 additions & 5 deletions .github/workflows/review-bot.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,10 +6,6 @@ on:
types:
- completed

permissions:
contents: read
checks: write

jobs:
review-approvals:
runs-on: ubuntu-latest
Expand All @@ -30,7 +26,8 @@ jobs:
- name: "Evaluates PR reviews and assigns reviewers"
uses: paritytech/review-bot@main
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
repo-token: ${{ steps.team_token.outputs.token }}
team-token: ${{ steps.team_token.outputs.token }}
checks-token: ${{ steps.team_token.outputs.token }}
pr-number: ${{ steps.number.outputs.content }}
request-reviewers: true
22 changes: 17 additions & 5 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -138,8 +138,12 @@ You can find all the inputs in [the action file](./action.yml), but let's walk t
- It is already in the installation section, but you need to give the following [permissions](https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs#defining-access-for-the-github_token-scopes) to the action:
- `contents`: read
- `checks`: write
- `pull-requests`: write
- **Imporant**: if `request-reviewers` is enabled and you are using _teams_, this needs to be a [GitHub Personal Access](https://github.com/settings/tokens/new) token with `repo` and `read:org` scopes.
- This is because GitHub actions does not have access to the teams, and it can not assign teams as reviewers.
- `team-token`: Token to read the team members.
- **required**.
- **required** if you are using _teams_.
- If you are only using individual users, you can use `{{ github.token }}` instead.
- This needs to be a [GitHub Personal Access](https://github.com/settings/tokens/new) token with `read:org` permission.
- It is used to extract the members of teams.
- `checks-token`: Token to write the status checks.
Expand All @@ -153,8 +157,8 @@ You can find all the inputs in [the action file](./action.yml), but let's walk t
- **default**: `.github/review-bot.yml`
- `request-reviewers`: If the system should automatically request the required reviewers.
- **default**: false.
- If enabled, when there are missing reviews, the system will request the appropriate users and/or team to review. (Note: It won't assign fellowship members as reviewers)
- If enabled, and using teams, this requires a GitHub action with `write` permission for `pull request`.
- If enabled, when there are missing reviews, the system will request the appropriate users and/or team to review.
- If enabled, and using teams, this requires a GitHub app with `write` permission for `pull request`.

#### Using a GitHub app instead of a PAT
In some cases, specially in big organizations, it is more organized to use a GitHub app to authenticate, as it allows us to give it permissions per repository, and we can fine-grain them even better. If you wish to do that, you need to create a GitHub app with the following permissions:
Expand All @@ -164,6 +168,8 @@ In some cases, specially in big organizations, it is more organized to use a Git
- Repository permissions:
- Checks
- [x] Write
- Pull Request
- [x] Write

Because this project is intended to be used with a token, we need to do an extra step to generate one from the GitHub app:
- After you create the app, copy the *App ID* and the *private key* and set them as secrets.
Expand All @@ -179,9 +185,9 @@ Because this project is intended to be used with a token, we need to do an extra
- name: "Evaluates PR reviews"
uses: paritytech/review-bot@main
with:
repo-token: ${{ github.token }}
# The previous step generates a token which is used as the input for this action
team-token: ${{ steps.generate_token.outputs.token }
repo-token: ${{ steps.generate_token.outputs.token }}
team-token: ${{ steps.generate_token.outputs.token }}
checks-token: ${{ steps.generate_token.outputs.token }}
pr-number: ${{ steps.number.outputs.content }}
```
Expand Down Expand Up @@ -433,6 +439,12 @@ It also has any other field from the [`basic rule`](#basic-rule) (with the excep
- **Optional**: Defaults to `false`.
- **minRank**: Must be a number.
- **Required**

##### Note
The fellows rule will never request reviewers, even if `request-reviewers` rule is enabled.

This is because there are ~50 fellows and GitHub’s PR request limit is 20 users, so, if a low rank is required, the system wouldn’t allow to assign them.

### Evaluating config

If you want to evaluate the config file to find problems before merging it, we have a simple `cli` to do so.
Expand Down
Loading