-
Notifications
You must be signed in to change notification settings - Fork 1
93 lines (83 loc) · 3.07 KB
/
pr-assign.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
# Very Important Note:
# Never, ever, under any circumstances run any commands that take inputs
# from the PR for scripting purposes.
# This is unsafe with pull_request_target trigger.
# See: https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
name: Assign Pull Request to maintainers
on:
workflow_call:
secrets:
robot-token:
description: 'A PAT token used by the app/robot'
required: true
jobs:
matrix:
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
steps:
- uses: octokit/[email protected]
name: Get list of assignees
id: assignees
# Allow failures to be ignored.
# We will consider output as empty
continue-on-error: true
with:
owner: ibexa
repo: pr-assignees
route: /repos/{owner}/{repo}/contents/${{ github.repository }}/maintainers
env:
GITHUB_TOKEN: ${{ secrets.robot-token }}
- name: Decode Base64 for output
id: set-matrix
# If previous step failed we assume that we got 404
# and thus there are no maintainers to be assigned
if: ${{ steps.assignees.outputs.data }}
run: |
cat > input.json <<'EOF'
${{ steps.assignees.outputs.data }}
EOF
output=$(jq -r '.["content"]' input.json | base64 --decode | jq -c .)
echo "matrix=$output" >> $GITHUB_OUTPUT
assign:
needs: matrix
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix: ${{fromJson(needs.matrix.outputs.matrix)}}
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
ref: ${{ github.event.pull_request.head.sha }}
- name: Install pcregrep
run: |
sudo apt-get update
sudo apt-get install -y pcregrep hub
- name: Check PR files against mask
id: changed-files
shell: bash {0} # Disable fail-fast when no match is found
run: |
matches=$(hub api /repos/${REPO}/pulls/${PR}/files | jq -r '.[].filename | split("/") | .[-1]' | pcregrep -c '${{ matrix.params.extension }}')
if [ "${matches}" -ge 1 ]; then
output=1
else
output=0
fi
echo "matches=$output" >> $GITHUB_OUTPUT
env:
GITHUB_TOKEN: ${{ github.token }}
REPO: ${{ github.repository }}
PR: ${{ github.event.number }}
- name: Assign Pull Request maintainers
if: steps.changed-files.outputs.matches == 1
run: |
if [[ "x$CHANGED" == "x0" ]]; then
echo "There are no actual matches and we've just stumbled upon a GitHub Actions type casting bug"
exit 0
fi
assignees=$(echo -n ${{ matrix.params.assignee }} | jq -sRc '{assignees:split(",")}')
echo $assignees | hub api -X POST /repos/${{ github.repository }}/issues/${{ github.event.number }}/assignees --input -
env:
GITHUB_TOKEN: ${{ github.token }}
CHANGED: ${{ steps.changed-files.outputs.matches }}