Add Node.js setup support #540
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
# ack workflow runs on any change made to a pull-request and aims to verify | |
# that is following our practices. Initial version is checking correct label | |
# presence. | |
name: ack | |
on: | |
issues: | |
types: [opened, reopened] | |
pull_request_target: | |
types: [opened, labeled, unlabeled, synchronize] | |
workflow_call: # allows reuse of this workflow from other devtools repos | |
secrets: | |
BOT_PAT: | |
required: false | |
jobs: | |
ack: | |
runs-on: ubuntu-24.04 | |
environment: ack | |
env: | |
BOT_PAT: ${{ secrets.BOT_PAT || secrets.ANSIBUDDY_BOT_PAT }} | |
permissions: | |
checks: write | |
contents: write # needed to update release | |
pull-requests: write # pr approval and merge | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
# Use of release drafter action for adding semantic labels based on | |
# either title, body or source branch name. We ignore potential failure | |
# of this step. | |
- name: Auto-add labels | |
if: github.event.action == 'opened' && github.event.issue.labels.length == 0 | |
uses: release-drafter/release-drafter@v6 | |
with: | |
# we only want to use the auto-labeler bits: | |
disable-autolabeler: false | |
disable-releaser: true | |
# config from .github/release-drafter.yml | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
continue-on-error: true | |
- name: Verify PR label action | |
uses: mheap/github-action-required-labels@v5 | |
with: | |
mode: exactly | |
count: 1 | |
add_comment: true | |
exit_type: failure | |
labels: | | |
bug | |
enhancement | |
major | |
minor | |
patch | |
skip-changelog | |
- name: Update release notes if this is already merged | |
if: github.event.pull_request.merged == true | |
uses: release-drafter/release-drafter@v6 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Add issue or pull-request to 'devtools' project | |
# Workaround for running this step only if BOT_PAT secret is found | |
if: env.BOT_PAT != null | |
uses: actions/add-to-project@main | |
with: | |
project-url: https://github.com/orgs/ansible/projects/86 | |
# Do not use secrets.GITHUB_TOKEN here because it does not have | |
# access to projects. Only personal access tokens (PAT) can be used. | |
github-token: ${{ env.BOT_PAT }} | |
# labeled: skip-changelog | |
# label-operator: NOT | |
- name: Dump GitHub context | |
env: | |
GITHUB_CONTEXT: ${{ toJson(github) }} | |
run: echo "$GITHUB_CONTEXT" | |
# https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions#approve-a-pull-request | |
- name: Enable auto-merge for safe bots PRs | |
if: env.BOT_PAT != null && contains(fromJson('["dependabot[bot]", "pre-commit-ci[bot]"]'), github.event.pull_request.user.login) | |
run: gh pr merge --auto --squash "$PR_URL" | |
env: | |
PR_URL: ${{ github.event.pull_request.html_url }} | |
GH_TOKEN: ${{ env.BOT_PAT }} | |
- name: Approve a PR | |
if: env.BOT_PAT != null && contains(fromJson('["dependabot[bot]", "pre-commit-ci[bot]"]'), github.event.pull_request.user.login) | |
run: gh pr review --approve "$PR_URL" | |
env: | |
PR_URL: ${{github.event.pull_request.html_url}} | |
GH_TOKEN: ${{ env.BOT_PAT }} |