-
Notifications
You must be signed in to change notification settings - Fork 74
40 lines (37 loc) · 1.59 KB
/
pr-labeler.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
name: PR Test Label Manager
on:
pull_request_target:
branches: [ main ]
types: [ opened, synchronize, reopened ]
jobs:
pr_test_label_manager:
# note: this doesn't gate on 'safe to test' label because it doesn't check out code
name: PR Test Label Manager
runs-on: ubuntu-latest
steps:
- name: "Check Membership and Label PR"
uses: actions/github-script@v6
id: check-membership
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
let prNumber = context.payload.pull_request?.number;
const ownerAndRepo = {
// note: this is hardcoded because I'm not sure how it will vary in fork PRs
owner: "viamrobotics",
repo: "${{ github.event.repository.name }}",
};
let orgResp = await github.rest.orgs.checkMembershipForUser({org: ownerAndRepo.owner, username: context.payload.sender.login});
if (orgResp.status === 204) {
await github.rest.issues.addLabels({...ownerAndRepo, issue_number: prNumber, labels: ["safe to test"]});
return true;
} else {
await github.rest.issues.removeLabel({...ownerAndRepo, issue_number: prNumber, name: "safe to test"});
}
return false;
- name: Add Unsafe PR Comment
if: steps.check-membership.outputs.result != 'true'
uses: marocchino/sticky-pull-request-comment@v2
with:
recreate: true
message: For security reasons, this PR must be labeled with `safe to test` in order for tests to run.