Skip to content

[Snyk] Security upgrade node from 18.19.1-alpine to 18.20.1-alpine #103

[Snyk] Security upgrade node from 18.19.1-alpine to 18.20.1-alpine

[Snyk] Security upgrade node from 18.19.1-alpine to 18.20.1-alpine #103

name: Close bad repo-sync PRs
# **What it does**:
# Closes and PR from `repo-sync` to `main` that wasn't created by a Hubber.
# **Why we have it**:
# Unfortunately, a lot of PRs in github/docs are created by people who
# shouldn't be creating such PRs. We bot our bots to own it.
# **Who does it impact**: Open-source.
on:
pull_request_target:
permissions:
contents: write
pull-requests: write
jobs:
close-invalid-repo-sync-pr:
if: ${{ github.repository == 'github/docs' && github.event.pull_request.base.ref == 'main' && github.event.pull_request.head.ref == 'repo-sync' }}
name: Close if invalid repo-sync PR author
runs-on: ubuntu-latest
steps:
- name: Close pull request if unwanted
uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410
with:
github-token: ${{ secrets.DOCS_BOT_PAT_WRITEORG_PROJECT }}
script: |
const { owner, repo } = context.repo
const prCreator = context.actor
const prNumber = context.issue.number
try {
await github.rest.teams.getMembershipForUserInOrg({
org: 'github',
team_slug: 'employees',
username: prCreator
})
// If the PR creator is a GitHub employee, stop now
console.log("PR creator is a GitHub employee")
return
} catch (err) {
// An error will be thrown if the user is not a GitHub employee.
// That said, we still want to proceed anyway!
}
// Close the PR and add the invalid label
await github.rest.issues.update({
owner,
repo,
issue_number: prNumber,
labels: ['invalid'],
state: 'closed'
})
// Comment on the PR
await github.rest.issues.createComment({
owner,
repo,
issue_number: prNumber,
body: "Please leave this `repo-sync` branch to the robots!\n\nI'm going to close this pull request now, but feel free to open a new issue or ask any questions in [discussions](https://github.com/github/docs/discussions)!"
})
- name: Send Slack notification if workflow fails
uses: someimportantcompany/github-actions-slack-message@1d367080235edfa53df415bd8e0bbab480f29bad
if: failure()
with:
channel: ${{ secrets.DOCS_ALERTS_SLACK_CHANNEL_ID }}
bot-token: ${{ secrets.SLACK_DOCS_BOT_TOKEN }}
color: failure
text: The last close-bad-repo-sync-prs run for ${{github.repository}} failed. See https://github.com/${{github.repository}}/actions?query=Close+bad+repo-sync+PRs