From f6c446498a79aa25981525e3f87ef50f78e120c7 Mon Sep 17 00:00:00 2001
From: Alexander Puschkin <alexander.puschkin@hyland.com>
Date: Wed, 9 Apr 2025 07:16:26 +0200
Subject: [PATCH] AAE-29010 GH actions rerun after approval (#10772) (#10774)
* Add rerun function after first approval is there.
* Adjust pull request with github pr number as var
* Add check label step to check "do not merge" label
* cleanup
---
.github/actions/before-install/action.yml | 32 ++++++++++------
.github/workflows/pull-request.yml | 46 ++++++++++++++---------
2 files changed, 50 insertions(+), 28 deletions(-)
diff --git a/.github/actions/before-install/action.yml b/.github/actions/before-install/action.yml
index c2197103b4..4c517c2cf2 100644
--- a/.github/actions/before-install/action.yml
+++ b/.github/actions/before-install/action.yml
@@ -18,11 +18,15 @@ runs:
- name: base vars
shell: bash
run: |
+ if [[ "${{ github.event_name }}" == "pull_request_review" ]]; then
+ echo "BASE_HASH=$(git merge-base origin/${{ env.BASE_PR_REF }} HEAD) >> $GITHUB_ENV";
+ else
+ echo "BASE_HASH=$(git merge-base origin/${{ env.BASE_REF }} HEAD) >> $GITHUB_ENV";
+ fi
{
echo "GIT_HASH=$(git rev-parse HEAD)";
- echo "BASE_HASH=$(git merge-base origin/${GITHUB_BASE_REF} HEAD)";
echo "HEAD_HASH=HEAD";
- echo "HEAD_COMMIT_HASH=${GH_COMMIT}";
+ echo "HEAD_COMMIT_HASH=${{ env.GH_COMMIT }}";
echo "NX_CALCULATION_FLAGS=--all";
echo "BUILD_OPTS=--configuration production";
echo CI_FORCE_RUN=false;
@@ -37,15 +41,21 @@ runs:
echo "BREAK_ACTION=true" >> $GITHUB_ENV
- name: PULL_REQUEST event
- if: ${{ env.BREAK_ACTION == false && github.event_name == 'pull_request' && !github.event.pull_request.merged }}
+ if: ${{ env.BREAK_ACTION == false && (github.event_name == 'pull_request' || github.event_name == 'pull_request_review') && !github.event.pull_request.merged }}
shell: bash
run: |
echo "Setting up CI flags for Pull Request event"
- NX_CALCULATION_FLAGS="--base=origin/${GITHUB_BASE_REF} --head=$HEAD_HASH"
+ if [[ "${{ github.event_name }}" == "pull_request_review" ]]; then
+ NX_CALCULATION_FLAGS="--base=origin/${{ env.BASE_PR_REF }} --head=$HEAD_HASH"
+ BASE_HASH="origin/${{ env.BASE_PR_REF }}"
+ else
+ NX_CALCULATION_FLAGS="--base=origin/${{ env.BASE_REF }} --head=$HEAD_HASH"
+ BASE_HASH="origin/${{ env.BASE_REF }}"
+ fi
{
- echo "NX_CALCULATION_FLAGS=$NX_CALCULATION_FLAGS";
- echo "BASE_HASH=origin/${GITHUB_BASE_REF}";
- echo "BREAK_ACTION=true";
+ echo "NX_CALCULATION_FLAGS=$NX_CALCULATION_FLAGS";
+ echo "BASE_HASH=$BASE_HASH";
+ echo "BREAK_ACTION=true";
} >> $GITHUB_ENV
- name: RELEASE on master/develop patch branch
@@ -59,10 +69,10 @@ runs:
# into develop-patch*
echo "Setting up CI flags for Push develop patch"
else
- echo "Setting up CI flags for Push on develop branch"
- # base=$(git describe --tags $(git rev-list --tags --max-count=1))
- # we publish always all the libs until we don't handle partial release
- echo "NX_CALCULATION_FLAGS=--all" >> $GITHUB_ENV
+ echo "Setting up CI flags for Push on develop branch"
+ # base=$(git describe --tags $(git rev-list --tags --max-count=1))
+ # we publish always all the libs until we don't handle partial release
+ echo "NX_CALCULATION_FLAGS=--all" >> $GITHUB_ENV
fi
echo "BREAK_ACTION=true" >> $GITHUB_ENV
diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml
index dba5154e47..28d0754319 100644
--- a/.github/workflows/pull-request.yml
+++ b/.github/workflows/pull-request.yml
@@ -25,6 +25,8 @@ on:
- master
- develop-patch*
- master-patch*
+ pull_request_review:
+ types: [submitted, dismissed]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
@@ -32,7 +34,9 @@ concurrency:
env:
BASE_REF: ${{ github.base_ref }}
+ BASE_PR_REF: ${{ github.event.pull_request.base.ref }}
HEAD_REF: ${{ github.head_ref }}
+ HEAD_PR_REF: ${{ github.event.pull_request.head.ref }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
GITHUB_BRANCH: ${{ github.ref_name }}
@@ -41,6 +45,7 @@ env:
BUILD_ID: ${{ github.run_id }}
GH_RUN_NUMBER: ${{ github.run_attempt }}
GH_BUILD_NUMBER: ${{ github.run_id }}
+ GH_PR_NUMBER: ${{github.event.pull_request.number}}
JOB_ID: ${{ github.run_id }}
LOG_LEVEL: "ERROR"
S3_BUILD_BUCKET_SHORT_NAME: ${{ secrets.S3_BUILD_BUCKET_SHORT_NAME }}
@@ -77,6 +82,9 @@ jobs:
check-if-pr-is-approved:
runs-on: ubuntu-latest
+ outputs:
+ isLabeledWithDoNotMerge: ${{ steps.check-label.outputs.isLabeledWithDoNotMerge }}
+ pr_approved: ${{ steps.check-approval.outputs.pr_approved }}
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
@@ -100,19 +108,22 @@ jobs:
skip_check="true"
fi
- - name: Get PR number
- if: ${{ github.event_name != 'schedule' && github.event_name != 'workflow_dispatch' }}
- uses: kamatama41/get-pr-number-action@0bcaab5752c0b699149e74667c8ce2f764cbb7fa # v0.9.1
- id: action
- with:
- github_token: ${{ secrets.GITHUB_TOKEN }}
-
- - name: show pr number
- shell: bash
+ - name: Check if PR is labeled
+ id: check-label
run: |
- echo "PR: ${{ steps.action.outputs.number }}"
+ if echo '${{ toJson(github.event.pull_request.labels) }}' | jq -e '.[] | select(.name | contains("do not merge"))'; then
+ echo "::warning::PR is labeled as 'do not merge'"
+ echo "isLabeledWithDoNotMerge=true" >> $GITHUB_ENV
+ echo "isLabeledWithDoNotMerge=true" >> $GITHUB_OUTPUT
+ else
+ echo "PR is not labeled as 'do not merge'"
+ echo "isLabeledWithDoNotMerge=false" >> $GITHUB_ENV
+ echo "isLabeledWithDoNotMerge=false" >> $GITHUB_OUTPUT
+ fi
- - name: check if pr is approved
+ - name: Check if PR is approved
+ id: check-approval
+ if: env.isLabeledWithDoNotMerge == 'false'
env:
DEVEL_FLAG: ${{ inputs.devel }}
GH_TOKEN: ${{ github.token }}
@@ -139,17 +150,17 @@ jobs:
echo -e "\033[32mDevel flag\033[0m"
skip_check="true"
fi
-
if [ "$skip_check" == "false" ]; then
echo "Checking PR approval"
- prNumber=${{ steps.action.outputs.number }}
- echo "PR: $prNumber"
- checkApproval=$(gh api /repos/$GITHUB_REPOSITORY/pulls/$prNumber/reviews | jq '.[] | select(.state == "APPROVED") | .user.login')
- if [[ $checkApproval ]]; then
+ echo "PR: $GH_PR_NUMBER"
+
+ if gh pr view $GH_PR_NUMBER --json reviews | jq -e '.reviews[] | select(.state == "APPROVED")'; then
echo -e "\033[32mPR approved\033[0m"
+ echo "pr_approved=true" >> $GITHUB_OUTPUT
else
+ echo "::error::PR NOT approved"
echo -e "\033[31mPR NOT approved\033[0m"
- exit 1
+ echo "pr_approved=false" >> $GITHUB_OUTPUT
fi
fi
@@ -159,6 +170,7 @@ jobs:
name: "Setup"
runs-on: ubuntu-latest
needs: [check-if-pr-is-approved, pre-checks]
+ if: ${{ needs.check-if-pr-is-approved.outputs.isLabeledWithDoNotMerge == 'false' && needs.check-if-pr-is-approved.outputs.pr_approved == 'true' }}
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2