Add PR approval check for specific directories #31
Conversation
Add check only for library and challenges folder python error when checking for approvals replace with JS Add script to check for no of approvers Re-trigger same run, instead of creating new run Remove pull_request trigger Add workflow step Test re-trigger when second approval happens Optimize Add committe checking flow add second account to committee for testing Add comma Add try/catch block around the parsing change toml file name Change parsing fix name of toml file
jaisnan
changed the title
jaisnan
changed the title
jaisnan
changed the title
|
Why can we not use a combination of |
From my research into CODEOWNERS, it seems like we can enforce these rules using CODEOWNERS + Branch Protection
But not the union of these 2 rules; so essentially even 1 approval from someone from the CODEOWNERS and someone not from the CODEOWNERS would become allowed; which is not something we want. I could look further into rulesets which might enable us to implement the union of those rules, but at that point imo, using a Lmk if I'm missing a way to implement what you're suggesting. |
Hmm, yes, I think you are right. I don't like to be in a place where we have to maintain such infrastructure, but it seems it's actually unavoidable. |
That's already been merged :D. PR where we merged it. |
…t-dev into pr-approval-workflow
Adds process/CI workflow to check that the approvers for every PR are in a committee of recognized approvers. This is a much simplified version of the r?bot that rust-lang uses. ## Testing Scenarios ### Happy path What happens when 2 of the approvers are in the committee Run: https://github.com/jaisnan/rust-dev/pull/16/checks?check_run_id=26914353663 ## What if someone not in the list approves, and 1 from the committee approves? In this scenario, we have a committee that consists of someone called "jaisu-1". But if the approvals came from one ID that's recognized, and another called "Jaisu-1" (Note to the reader: "jaisu-1" != "Jaisu-1"), then the workflow fails and the PR merge is (rightfully) blocked. Run: https://github.com/jaisnan/rust-dev/pull/15/checks?check_run_id=26914179444 ## Call-Outs 1. We need to add a requirement through settings that at least 2 approvers are required before merging, and allow anyone to approve (if it's not already the setting). 2. Once the first iteration of a committee is finalized, we can merge this workflow to begin the approval checking. By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 and MIT licenses.
Adds process/CI workflow to check that the approvers for every PR are in a committee of recognized approvers. This is a much simplified version of the r?bot that rust-lang uses.
Testing Scenarios
Happy path
What happens when 2 of the approvers are in the committee
Run: https://github.com/jaisnan/rust-dev/pull/16/checks?check_run_id=26914353663
What if someone not in the list approves, and 1 from the committee approves?
In this scenario, we have a committee that consists of someone called "jaisu-1". But if the approvals came from one ID that's recognized, and another called "Jaisu-1" (Note to the reader: "jaisu-1" != "Jaisu-1"), then the workflow fails and the PR merge is (rightfully) blocked.
Run: https://github.com/jaisnan/rust-dev/pull/15/checks?check_run_id=26914179444
Call-Outs
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 and MIT licenses.