Merge pull request #26 from joshjohanning/check-team-exists

Check if team exists

README.md

@@ -18,7 +18,6 @@ jobs:
     if: contains(github.event.comment.body, '/do-stuff')
 
     steps:
-    # get the app's installation token
     - uses: actions/create-github-app-token@v1
       id: app-token
       with:
@@ -29,16 +28,28 @@ jobs:
       uses: joshjohanning/approveops@v2
       id: check-approval
       with:
-        token: ${{ steps.app-token.outputs.token }} # use a github app token or a PAT
-        approve-command: '/approve' # defaults to '/approve', the command to look for in the comments
-        team-name: 'approver-team' # the name of the team in GitHub to check for the approval command; e.g.: approver-team
-        fail-if-approval-not-found: true # defaults to true, fail the action (show the action run as red) if the command is not found in the comments from someone in the approver team"
-        post-successful-approval-comment: false # defaults to true, whether to post successful approval comment
-        successful-approval-comment: ':tada:  You were able to run the workflow because someone left an approval in the comments!! :tada:' # Optional, only if post-successful-approval-comment is true, comment to post if an approval is found
+        token: ${{ steps.app-token.outputs.token }}
+        approve-command: '/approve'
+        team-name: 'approver-team'
+        fail-if-approval-not-found: true
+        post-successful-approval-comment: false
 ```
 
+### Inputs
+
+| Name | Description | Required | Default |
+| --- | --- | --- | --- |
+| `token` | GitHub App installation token or PAT that has access to read+write comments and list the team's membership | `true` | `''` |
+| `approve-command` | The approval command to look for in the comments | `true` | `/approve` |
+| `team-name` | The name of the team in GitHub to check for the approval command, e.g. `approver-team` | `true` | `''` |
+| `fail-if-approval-not-found` | Fail the action (show the action run as red) if the command is not found in the comments from someone in the approver team | `true` | `true` |
+| `post-successful-approval-comment` | Whether to post successful approval comment | `true` | `true` |
+| `successful-approval-comment` | Comment to post if an approval is found | `true` | `':tada:  You were able to run the workflow because someone left an approval in the comments!!'` |
+
 ## Prerequisites
 
+### Team and Authentication
+
 1. Create a GitHub team and add at least one member
 2. Authentication options:
   - GitHub App
@@ -62,6 +73,13 @@ Notes:
 - A Personal Access Token (PAT) is not used since we want the comment to show as from a bot
 - The `github.token` is not used since the token can't provide hyperlinks for @ mentions since it doesn't have the scope for org teams, only repository data
 
+### Runner Software Requirements
+
+Required software installed on runner:
+
+  - [`gh` (GitHub CLI)](https://cli.github.com/)
+  - [`jq`](https://jqlang.github.io/jq/download/)
+
 ## Breaking Changes
 
 ### v1 to v2

action.yml

@@ -15,8 +15,8 @@ inputs:
     required: true
   token:
     description: "GitHub App installation token or PAT that has access to read the comments and check the org team's membership"
-    default: ${{ github.token }} # this doesn't allow tagging of the approval team; better to use GitHub App
     required: true
+    default: ${{ github.token }} # this doesn't allow tagging of the approval team; better to use GitHub App
   fail-if-approval-not-found:
     description: "Fail the action (i.e. show the action run as red) if the command is not found in the comments from someone in the approver team"
     required: true
@@ -28,7 +28,7 @@ inputs:
   successful-approval-comment:
     description: "Comment to post if an approval is found"
     required: true
-    default: ":tada:  You were able to run the workflow because someone left an approval in the comments!! :tada:"
+    default: ":tada:  You were able to run the workflow because someone left an approval in the comments!!"
 
 outputs:
   approved:
@@ -45,10 +45,22 @@ runs:
       shell: bash
       run: |
         # "checking for a ${{ inputs.approve-command }} command in the comments from someone in the ${{ inputs.team-name}} team"
-        users=$(gh api --paginate '/orgs/${{ github.repository_owner }}/teams/${{ inputs.team-name }}/members' | jq -c '.[].login')
+
+        # prerequisite check
+        for cmd in gh jq; do
+          if ! command -v $cmd &> /dev/null; then
+            echo "::error title=${cmd} not installed::Could not find \`${cmd}\` on the runner"
+            exit 1
+          fi
+        done
+
+        # checking team and getting team membership"
+        echo "getting team membership for the team: @${{ github.repository_owner }}/${{ inputs.team-name }} ..."
+        users=$(gh api --paginate '${{ github.event.organization.url }}/teams/${{ inputs.team-name }}/members' --jq '.[].login' 2> /dev/null) || { echo "::error title=Team doesn't exist or token doesn't have access::The ${{ inputs.team-name }} team doesn't exist or the token doesn't have access to it"; exit 1; }
+
         approveCommand="${{ inputs.approve-command }}"
         authorized=false
-        comments=$(gh api --paginate '${{ github.event.comment.issue_url }}/comments')
+        comments=$(gh api --paginate ${{ github.event.issue.comments_url }})
         for comment in $(echo $comments | jq -r '.[] | @base64'); do
             body=$(echo $comment | base64 --decode | jq -r '.body' | tr -d ' ' | tr -d '\r\n')
             actor=$(echo $comment | base64 --decode | jq -r '.user.login')