From d0b2915c888c1ddf38f4cc7792d22c60db7000c3 Mon Sep 17 00:00:00 2001
From: Vito Albano <vito.albano@alfresco.com>
Date: Tue, 22 Apr 2025 10:33:09 +0100
Subject: [PATCH] Revert "AAE-29010 GH actions rerun after approval (#10772)
 (#10774)" (#10809)

This reverts commit f6c446498a79aa25981525e3f87ef50f78e120c7.
---
 .github/actions/before-install/action.yml | 32 ++++++---------
 .github/workflows/pull-request.yml        | 48 +++++++++--------------
 2 files changed, 29 insertions(+), 51 deletions(-)

diff --git a/.github/actions/before-install/action.yml b/.github/actions/before-install/action.yml
index 4c517c2cf2..c2197103b4 100644
--- a/.github/actions/before-install/action.yml
+++ b/.github/actions/before-install/action.yml
@@ -18,15 +18,11 @@ runs:
     - name: base vars
       shell: bash
       run: |
-        if [[ "${{ github.event_name }}" == "pull_request_review" ]]; then
-          echo "BASE_HASH=$(git merge-base origin/${{ env.BASE_PR_REF }} HEAD) >> $GITHUB_ENV";
-        else
-          echo "BASE_HASH=$(git merge-base origin/${{ env.BASE_REF }} HEAD) >> $GITHUB_ENV";
-        fi
         {
           echo "GIT_HASH=$(git rev-parse HEAD)";
+          echo "BASE_HASH=$(git merge-base origin/${GITHUB_BASE_REF} HEAD)";
           echo "HEAD_HASH=HEAD";
-          echo "HEAD_COMMIT_HASH=${{ env.GH_COMMIT }}";
+          echo "HEAD_COMMIT_HASH=${GH_COMMIT}";
           echo "NX_CALCULATION_FLAGS=--all";
           echo "BUILD_OPTS=--configuration production";
           echo CI_FORCE_RUN=false;
@@ -41,21 +37,15 @@ runs:
         echo "BREAK_ACTION=true" >> $GITHUB_ENV
 
     - name: PULL_REQUEST event
-      if: ${{ env.BREAK_ACTION == false && (github.event_name == 'pull_request' || github.event_name == 'pull_request_review') && !github.event.pull_request.merged }}
+      if: ${{ env.BREAK_ACTION == false && github.event_name == 'pull_request' && !github.event.pull_request.merged }}
       shell: bash
       run: |
         echo "Setting up CI flags for Pull Request event"
-        if [[ "${{ github.event_name }}" == "pull_request_review" ]]; then
-            NX_CALCULATION_FLAGS="--base=origin/${{ env.BASE_PR_REF }} --head=$HEAD_HASH"
-            BASE_HASH="origin/${{ env.BASE_PR_REF }}"
-        else
-            NX_CALCULATION_FLAGS="--base=origin/${{ env.BASE_REF }} --head=$HEAD_HASH"
-            BASE_HASH="origin/${{ env.BASE_REF }}"
-        fi
+        NX_CALCULATION_FLAGS="--base=origin/${GITHUB_BASE_REF} --head=$HEAD_HASH"
         {
-            echo "NX_CALCULATION_FLAGS=$NX_CALCULATION_FLAGS";
-            echo "BASE_HASH=$BASE_HASH";
-            echo "BREAK_ACTION=true";
+          echo "NX_CALCULATION_FLAGS=$NX_CALCULATION_FLAGS";
+          echo "BASE_HASH=origin/${GITHUB_BASE_REF}";
+          echo "BREAK_ACTION=true";
         } >> $GITHUB_ENV
 
     - name: RELEASE on master/develop patch branch
@@ -69,10 +59,10 @@ runs:
             # into develop-patch*
             echo "Setting up CI flags for Push develop patch"
         else
-            echo "Setting up CI flags for Push on develop branch"
-            # base=$(git describe --tags $(git rev-list --tags --max-count=1))
-            # we publish always all the libs until we don't handle partial release
-            echo "NX_CALCULATION_FLAGS=--all" >> $GITHUB_ENV
+          echo "Setting up CI flags for Push on develop branch"
+          # base=$(git describe --tags $(git rev-list --tags --max-count=1))
+          # we publish always all the libs until we don't handle partial release
+          echo "NX_CALCULATION_FLAGS=--all" >> $GITHUB_ENV
         fi
         echo "BREAK_ACTION=true" >> $GITHUB_ENV
 
diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml
index 28d0754319..dba5154e47 100644
--- a/.github/workflows/pull-request.yml
+++ b/.github/workflows/pull-request.yml
@@ -25,8 +25,6 @@ on:
       - master
       - develop-patch*
       - master-patch*
-  pull_request_review:
-    types: [submitted, dismissed]
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
@@ -34,9 +32,7 @@ concurrency:
 
 env:
   BASE_REF: ${{ github.base_ref }}
-  BASE_PR_REF: ${{ github.event.pull_request.base.ref }}
   HEAD_REF: ${{ github.head_ref }}
-  HEAD_PR_REF: ${{ github.event.pull_request.head.ref }}
   AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
   AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
   GITHUB_BRANCH: ${{ github.ref_name }}
@@ -45,7 +41,6 @@ env:
   BUILD_ID: ${{ github.run_id }}
   GH_RUN_NUMBER: ${{ github.run_attempt }}
   GH_BUILD_NUMBER: ${{ github.run_id }}
-  GH_PR_NUMBER: ${{github.event.pull_request.number}}
   JOB_ID: ${{ github.run_id }}
   LOG_LEVEL: "ERROR"
   S3_BUILD_BUCKET_SHORT_NAME: ${{ secrets.S3_BUILD_BUCKET_SHORT_NAME }}
@@ -82,9 +77,6 @@ jobs:
 
   check-if-pr-is-approved:
     runs-on: ubuntu-latest
-    outputs:
-      isLabeledWithDoNotMerge: ${{ steps.check-label.outputs.isLabeledWithDoNotMerge }}
-      pr_approved: ${{ steps.check-approval.outputs.pr_approved }}
     steps:
       - name: Checkout repository
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
@@ -108,22 +100,19 @@ jobs:
               skip_check="true"
           fi
 
-      - name: Check if PR is labeled
-        id: check-label
-        run: |
-          if echo '${{ toJson(github.event.pull_request.labels) }}' | jq -e '.[] | select(.name | contains("do not merge"))'; then
-            echo "::warning::PR is labeled as 'do not merge'"
-            echo "isLabeledWithDoNotMerge=true" >> $GITHUB_ENV
-            echo "isLabeledWithDoNotMerge=true" >> $GITHUB_OUTPUT
-          else
-            echo "PR is not labeled as 'do not merge'"
-            echo "isLabeledWithDoNotMerge=false" >> $GITHUB_ENV
-            echo "isLabeledWithDoNotMerge=false" >> $GITHUB_OUTPUT
-          fi
+      - name: Get PR number
+        if: ${{ github.event_name != 'schedule' && github.event_name != 'workflow_dispatch' }}
+        uses: kamatama41/get-pr-number-action@0bcaab5752c0b699149e74667c8ce2f764cbb7fa # v0.9.1
+        id: action
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Check if PR is approved
-        id: check-approval
-        if: env.isLabeledWithDoNotMerge == 'false'
+      - name: show pr number
+        shell: bash
+        run: |
+          echo "PR: ${{ steps.action.outputs.number }}"
+
+      - name: check if pr is approved
         env:
           DEVEL_FLAG: ${{ inputs.devel }}
           GH_TOKEN: ${{ github.token }}
@@ -150,17 +139,17 @@ jobs:
             echo -e "\033[32mDevel flag\033[0m"
             skip_check="true"
           fi
+
           if [ "$skip_check" == "false" ]; then
             echo "Checking PR approval"
-            echo "PR: $GH_PR_NUMBER"
-
-            if gh pr view $GH_PR_NUMBER --json reviews | jq -e '.reviews[] | select(.state == "APPROVED")'; then
+            prNumber=${{ steps.action.outputs.number }}
+            echo "PR: $prNumber"
+            checkApproval=$(gh api /repos/$GITHUB_REPOSITORY/pulls/$prNumber/reviews | jq '.[] | select(.state == "APPROVED") | .user.login')
+            if [[ $checkApproval ]]; then
               echo -e "\033[32mPR approved\033[0m"
-              echo "pr_approved=true" >> $GITHUB_OUTPUT
             else
-              echo "::error::PR NOT approved"
               echo -e "\033[31mPR NOT approved\033[0m"
-              echo "pr_approved=false" >> $GITHUB_OUTPUT
+              exit 1
             fi
           fi
 
@@ -170,7 +159,6 @@ jobs:
     name: "Setup"
     runs-on: ubuntu-latest
     needs: [check-if-pr-is-approved, pre-checks]
-    if: ${{ needs.check-if-pr-is-approved.outputs.isLabeledWithDoNotMerge == 'false' && needs.check-if-pr-is-approved.outputs.pr_approved == 'true' }}
     steps:
       - name: Checkout repository
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2