[GH Request] Admin Access to frontend-components-tinymce-advanced-plugins #735
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow runs when a ticket is created. It checks if the ticket either: | |
| # - title starts with '[GH Request]' | |
| # - body starts with 'Firm Name' (first field on template) | |
| # - label 'github-request' is present | |
| # and if so, adds the github-request label, adds it to the | |
| # axim-engineering board in the "To Do" column, and notifies: A comment is | |
| # added tagging the axim-oncall group and a message posted to the | |
| # #axim-engineering slack channel | |
| # Note: The "github-request" label is NOT auto-applied to all tickets created | |
| # using any `github-request-*` template, because only those with write access | |
| # can add the label. Instead the template inserts [GH Request] at the beginning. | |
| # So, this automation is shakily governed by hoping users do not remove that phrase. | |
| name: Add newly created GitHub Request tickets to the Axim Engineering project board | |
| on: | |
| issues: | |
| types: [opened] | |
| env: | |
| ORGANIZATION: openedx | |
| PROJECT_NUMBER: 8 | |
| jobs: | |
| # First parse issue title and add label, if it doesn't have it already bc only | |
| # repo members can add the label, even tho it's defined in the template >:( | |
| add_label: | |
| runs-on: ubuntu-latest | |
| # This is defined on all 2 jobs - so need to change x2 if changing this. | |
| if: ${{ (contains(github.event.issue.title, '[GH Request]') || startsWith(github.event.issue.body, 'Firm Name')) && !contains(github.event.issue.labels.*.name, 'github-request') }} | |
| steps: | |
| - name: apply github-request label | |
| uses: actions-ecosystem/action-add-labels@v1 | |
| with: | |
| labels: github-request | |
| move_and_notify: | |
| runs-on: ubuntu-latest | |
| if: ${{ contains(github.event.issue.title, '[GH Request]') || startsWith(github.event.issue.body, 'Firm Name') || contains(github.event.issue.labels.*.name, 'github-request')}} | |
| steps: | |
| - name: Generate token | |
| id: generate_token | |
| uses: tibdex/github-app-token@v1 | |
| with: | |
| app_id: ${{ secrets.GRAPHQL_AUTH_APP_ID }} | |
| private_key: ${{ secrets.GRAPHQL_AUTH_APP_PEM }} | |
| - name: Get Axim Engineering project ID | |
| env: | |
| GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }} | |
| run: | | |
| gh api graphql -f query=' | |
| query($org: String!, $number: Int!) { | |
| organization(login: $org) { | |
| projectV2(number: $number) { | |
| id | |
| } | |
| } | |
| }' -f org=$ORGANIZATION -F number=$PROJECT_NUMBER > project_data.json | |
| echo 'PROJECT_ID='$(jq '.data.organization.projectV2.id' project_data.json) >> $GITHUB_ENV | |
| - name: Add github-request labelled issue to project | |
| env: | |
| GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }} | |
| ISSUE_ID: ${{ github.event.issue.node_id }} | |
| run: | | |
| item_id="$( gh api graphql -f query=' | |
| mutation($project:ID!, $issue:ID!) { | |
| addProjectV2ItemById(input: {projectId: $project, contentId: $issue}) { | |
| item { | |
| id | |
| } | |
| } | |
| }' -f project=$PROJECT_ID -f issue=$ISSUE_ID --jq '.data.addProjectV2ItemById.item.id')" | |
| - name: Tag axim on-call | |
| env: | |
| URL: ${{ github.event.issue.comments_url }} | |
| GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }} | |
| run: | | |
| curl \ | |
| -X POST \ | |
| $URL \ | |
| -H "Content-Type: application/json" \ | |
| -H "Authorization: token $GITHUB_TOKEN" \ | |
| --data '{ "body": "Thank you for your report! @openedx/axim-oncall will triage within a business day. Simple requests usually take 2-3 business days to resolve; more complex requests could take longer." }' | |
| - name: Alert in Slack | |
| id: slack | |
| uses: slackapi/[email protected] | |
| with: | |
| channel-id: C02MB2TBKE3 | |
| # In the Slack message, we *could* just use ${{ github.event.issue.html_url }}. | |
| # However, this creates a URL like: | |
| # https://github.com/openedx/axim-engineering/issues/NUMBER | |
| # which Slack will expand into a preview, clogging up our Slack channel. Unfortunately, there is no way | |
| # to disable github.com previews without disabling all GitHub previews in the entire workspace. | |
| # However, if we build the URL like this: | |
| # https://www.github.com/openedx/axim-engineering/issues/NUMBER | |
| # then the "www" trips up Slack enough so that it doesn't render the preview. | |
| slack-message: "Incoming GitHub request: ${{ github.event.issue.title }}\nAuthor: ${{ github.event.issue.user.login }}\nURL: https://www.github.com/openedx/axim-engineering/issues/${{ github.event.issue.number }}" | |
| env: | |
| SLACK_BOT_TOKEN: ${{ secrets.SLACK_ISSUE_BOT_TOKEN }} |