From ae721ff1254e345e8646941e1061f616361f121a Mon Sep 17 00:00:00 2001 From: IsraelleHub <145595240+IsraelleHub@users.noreply.github.com> Date: Mon, 29 Apr 2024 15:56:32 -0500 Subject: [PATCH 01/17] QA Approval workflow --- .../workflows/pr_checks_for_qa_approvals.yml | 67 +++++++++++++++++++ 1 file changed, 67 insertions(+) create mode 100644 .github/workflows/pr_checks_for_qa_approvals.yml diff --git a/.github/workflows/pr_checks_for_qa_approvals.yml b/.github/workflows/pr_checks_for_qa_approvals.yml new file mode 100644 index 00000000000..ee3750df988 --- /dev/null +++ b/.github/workflows/pr_checks_for_qa_approvals.yml @@ -0,0 +1,67 @@ + +# +# Checks if QA approvals are necessary, and if so runs the associated action when a new review is added +# + +name: '[Utils] QA required approval' + +on: + pull_request: + types: [opened, edited] + pull_request_review: + types: [submitted, dismissed] + push: + +jobs: + check_for_qa_required: + if: github.event.review.state == 'APPROVED' + runs-on: ubuntu-latest + outputs: + requires_qa: ${{ steps.qa_required.outputs.requires_qa}} + steps: + - uses: dorny/paths-filter@v2 + id: qa_required + with: + filters: | + requires_qa: + - 'VAMobile/src' + - 'VAMobile/package.json' + - '!VAMobile/src/*.test.*' + check_for_qa_approval: + runs-on: ubuntu-latest + needs: check_for_qa_required + outputs: + has_qa_approval: ${{ steps.check-qa-approval.outputs.has_qa_approval }} + steps: + - name: Check QA approval + id: check-qa-approval + shell: bash + if: ${{ needs.check_for_qa_required.outputs.requires_qa }} == 'true' + run: | + token=${{ secrets.GITHUB_TOKEN }} + base64AuthInfo='$token | base64 -e' + response=$(curl --request GET \ + --url https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/reviews \ + --header 'Authorization: $base64AuthInfo' \ + --header 'Content-Type: application/json') + approvals = $response | jq '.[] | select(.state=="APPROVED")' + echo $approvals + if $aprovals.length > 2 + qa_approvals = $approvals | jq '.[] | select(.user.login | IN("rbontrager","DJUltraTom","TKDickson"))' + if $qa_approvals.length > 0 + echo 'This PR has QA approval to merge' + echo ::set-output name=has_qa_approval::'true' + else + echo 'This PR requires QA approval to merge' + echo ::set-output name=has_qa_approval::'false' + fi + else + echo 'This PR requires 3 approvals, including one QA approval, before merging.' + echo ::set-output name=has_qa_approval::'false' + fi + add_or_remove_qa_required_label: + name: Add or Remove label + needs: check_for_qa_approval + runs-on: ubuntu-latest + env: + LABEL: qa-review-required \ No newline at end of file From 560e169516a73e0d68fc61a9055adbf2928856ab Mon Sep 17 00:00:00 2001 From: IsraelleHub <145595240+IsraelleHub@users.noreply.github.com> Date: Mon, 6 May 2024 11:46:54 -0500 Subject: [PATCH 02/17] Updated approver# --- .github/workflows/pr_checks_for_qa_approvals.yml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/.github/workflows/pr_checks_for_qa_approvals.yml b/.github/workflows/pr_checks_for_qa_approvals.yml index ee3750df988..6dc06436afe 100644 --- a/.github/workflows/pr_checks_for_qa_approvals.yml +++ b/.github/workflows/pr_checks_for_qa_approvals.yml @@ -1,7 +1,5 @@ - # # Checks if QA approvals are necessary, and if so runs the associated action when a new review is added -# name: '[Utils] QA required approval' @@ -10,7 +8,6 @@ on: types: [opened, edited] pull_request_review: types: [submitted, dismissed] - push: jobs: check_for_qa_required: @@ -46,7 +43,7 @@ jobs: --header 'Content-Type: application/json') approvals = $response | jq '.[] | select(.state=="APPROVED")' echo $approvals - if $aprovals.length > 2 + if $aprovals.length > 1 qa_approvals = $approvals | jq '.[] | select(.user.login | IN("rbontrager","DJUltraTom","TKDickson"))' if $qa_approvals.length > 0 echo 'This PR has QA approval to merge' @@ -56,7 +53,7 @@ jobs: echo ::set-output name=has_qa_approval::'false' fi else - echo 'This PR requires 3 approvals, including one QA approval, before merging.' + echo 'This PR requires 2 approvals, including one QA and one engineer approval, before merging.' echo ::set-output name=has_qa_approval::'false' fi add_or_remove_qa_required_label: From 00d68494662f5b80ed6b4d6f7a836bde222b96eb Mon Sep 17 00:00:00 2001 From: IsraelleHub <145595240+IsraelleHub@users.noreply.github.com> Date: Mon, 6 May 2024 12:59:46 -0500 Subject: [PATCH 03/17] Updated workflow --- .../workflows/pr_checks_for_qa_approvals.yml | 86 ++++++++++--------- 1 file changed, 44 insertions(+), 42 deletions(-) diff --git a/.github/workflows/pr_checks_for_qa_approvals.yml b/.github/workflows/pr_checks_for_qa_approvals.yml index 6dc06436afe..1bdcdc4f906 100644 --- a/.github/workflows/pr_checks_for_qa_approvals.yml +++ b/.github/workflows/pr_checks_for_qa_approvals.yml @@ -1,64 +1,66 @@ # # Checks if QA approvals are necessary, and if so runs the associated action when a new review is added +# name: '[Utils] QA required approval' on: pull_request: - types: [opened, edited] + types: [opened, edited, converted_to_draft, ready_for_review, reopened] + paths: + - 'VAMobile/src/**' + - 'VAMobile/package.json' + - '!VAMobile/src/**.test.*' + pull_request_review: types: [submitted, dismissed] + pull_request_target: + branches: + - 'develop' + jobs: - check_for_qa_required: - if: github.event.review.state == 'APPROVED' - runs-on: ubuntu-latest - outputs: - requires_qa: ${{ steps.qa_required.outputs.requires_qa}} - steps: - - uses: dorny/paths-filter@v2 - id: qa_required - with: - filters: | - requires_qa: - - 'VAMobile/src' - - 'VAMobile/package.json' - - '!VAMobile/src/*.test.*' check_for_qa_approval: + name: Requires QA approval runs-on: ubuntu-latest - needs: check_for_qa_required - outputs: - has_qa_approval: ${{ steps.check-qa-approval.outputs.has_qa_approval }} steps: - name: Check QA approval - id: check-qa-approval shell: bash - if: ${{ needs.check_for_qa_required.outputs.requires_qa }} == 'true' run: | - token=${{ secrets.GITHUB_TOKEN }} - base64AuthInfo='$token | base64 -e' - response=$(curl --request GET \ - --url https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/reviews \ - --header 'Authorization: $base64AuthInfo' \ - --header 'Content-Type: application/json') - approvals = $response | jq '.[] | select(.state=="APPROVED")' - echo $approvals - if $aprovals.length > 1 - qa_approvals = $approvals | jq '.[] | select(.user.login | IN("rbontrager","DJUltraTom","TKDickson"))' - if $qa_approvals.length > 0 + approvals=$(curl --request GET \ + --url https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/reviews?per_page=100 \ + --header 'Authorization: ${{ secrets.GITHUB_TOKEN }}' \ + --header 'Content-Type: application/json' | + jq -c '[map(select(.state == "APPROVED")) | .[] .user.login]') + echo "${{secrets.GH_ACTIONS_PAT}}" >> token.txt + gh auth login --with-token < token.txt + required_approval_count=$(gh api \ + -H "Accept: application/vnd.github+json" \ + -H "X-GitHub-Api-Version: 2022-11-28" \ + /repos/department-of-veterans-affairs/va-mobile-app/branches/develop/protection | + jq -c '.required_pull_request_reviews.required_approving_review_count') + echo "Approvers: $approvals" + + qa_team_members=$( + gh api \ + -H "Accept: application/vnd.github+json" \ + -H "X-GitHub-Api-Version: 2022-11-28" \ + /orgs/department-of-veterans-affairs/teams/flagship-mobile-qa/members | + jq -c '[.[] | .login]' + ) + echo "required approval count: $required_approval_count" + echo "QA team: $qa_team_members" + if [[ $(jq '. | length' <<< "$approvals") -gt $required_approval_count ]] + then + if [[ $(jq '[.[] | select(. | IN("timwright12", "rbontrager", "DJUltraTom", "TKDickson"))] | length' <<< "$approvals") -gt 0 ]] + then echo 'This PR has QA approval to merge' - echo ::set-output name=has_qa_approval::'true' + exit 0 else echo 'This PR requires QA approval to merge' - echo ::set-output name=has_qa_approval::'false' + exit 1 fi else - echo 'This PR requires 2 approvals, including one QA and one engineer approval, before merging.' - echo ::set-output name=has_qa_approval::'false' - fi - add_or_remove_qa_required_label: - name: Add or Remove label - needs: check_for_qa_approval - runs-on: ubuntu-latest - env: - LABEL: qa-review-required \ No newline at end of file + echo 'This PR requires 2 approvals, including one QA and one engineerapprovals, before merging.' + exit 1 + fi \ No newline at end of file From 1ea1e48eb616467015d3f1d32a729ba893f1a39e Mon Sep 17 00:00:00 2001 From: IsraelleHub <145595240+IsraelleHub@users.noreply.github.com> Date: Mon, 6 May 2024 13:05:33 -0500 Subject: [PATCH 04/17] added 'on push' --- .github/workflows/pr_checks_for_qa_approvals.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/pr_checks_for_qa_approvals.yml b/.github/workflows/pr_checks_for_qa_approvals.yml index 1bdcdc4f906..66b63735abf 100644 --- a/.github/workflows/pr_checks_for_qa_approvals.yml +++ b/.github/workflows/pr_checks_for_qa_approvals.yml @@ -18,6 +18,9 @@ on: pull_request_target: branches: - 'develop' + push: + branches: + - 'Automation/6261-Chanel-Reuire-QA-Approval' jobs: check_for_qa_approval: From 56a263279bc287b94632fb8a8e15c5ca81ce9e5f Mon Sep 17 00:00:00 2001 From: IsraelleHub <145595240+IsraelleHub@users.noreply.github.com> Date: Tue, 7 May 2024 12:57:08 -0500 Subject: [PATCH 05/17] Check PR --- .github/workflows/pr_checks_for_qa_approvals.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr_checks_for_qa_approvals.yml b/.github/workflows/pr_checks_for_qa_approvals.yml index 66b63735abf..3b779b35af5 100644 --- a/.github/workflows/pr_checks_for_qa_approvals.yml +++ b/.github/workflows/pr_checks_for_qa_approvals.yml @@ -20,7 +20,7 @@ on: - 'develop' push: branches: - - 'Automation/6261-Chanel-Reuire-QA-Approval' + - 'Automation/6261-Chanel-Require-QA-Approval' jobs: check_for_qa_approval: From 19ab83471f6df3e1d5b0b2a9d1b5a1f5c57b256c Mon Sep 17 00:00:00 2001 From: IsraelleHub <145595240+IsraelleHub@users.noreply.github.com> Date: Tue, 7 May 2024 13:22:10 -0500 Subject: [PATCH 06/17] Removed path --- .github/workflows/pr_checks_for_qa_approvals.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/pr_checks_for_qa_approvals.yml b/.github/workflows/pr_checks_for_qa_approvals.yml index 3b779b35af5..5a245a3cd22 100644 --- a/.github/workflows/pr_checks_for_qa_approvals.yml +++ b/.github/workflows/pr_checks_for_qa_approvals.yml @@ -7,10 +7,10 @@ name: '[Utils] QA required approval' on: pull_request: types: [opened, edited, converted_to_draft, ready_for_review, reopened] - paths: - - 'VAMobile/src/**' - - 'VAMobile/package.json' - - '!VAMobile/src/**.test.*' + #paths: + #- 'VAMobile/src/**' + #- 'VAMobile/package.json' + #- '!VAMobile/src/**.test.*' pull_request_review: types: [submitted, dismissed] From 3de6aaffb6cf79210a238ccdbd234e4617e68fef Mon Sep 17 00:00:00 2001 From: IsraelleHub <145595240+IsraelleHub@users.noreply.github.com> Date: Tue, 7 May 2024 13:23:36 -0500 Subject: [PATCH 07/17] removed 'on push' --- .github/workflows/pr_checks_for_qa_approvals.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/pr_checks_for_qa_approvals.yml b/.github/workflows/pr_checks_for_qa_approvals.yml index 5a245a3cd22..58c9ffd0e71 100644 --- a/.github/workflows/pr_checks_for_qa_approvals.yml +++ b/.github/workflows/pr_checks_for_qa_approvals.yml @@ -18,9 +18,9 @@ on: pull_request_target: branches: - 'develop' - push: - branches: - - 'Automation/6261-Chanel-Require-QA-Approval' + #push: + # branches: + # - 'Automation/6261-Chanel-Require-QA-Approval' jobs: check_for_qa_approval: From 3e5cea0a39d34183932328913e20f5d72dc9b0ac Mon Sep 17 00:00:00 2001 From: IsraelleHub <145595240+IsraelleHub@users.noreply.github.com> Date: Tue, 7 May 2024 13:24:51 -0500 Subject: [PATCH 08/17] Removed pr target branch --- .github/workflows/pr_checks_for_qa_approvals.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/pr_checks_for_qa_approvals.yml b/.github/workflows/pr_checks_for_qa_approvals.yml index 58c9ffd0e71..7534cb072c3 100644 --- a/.github/workflows/pr_checks_for_qa_approvals.yml +++ b/.github/workflows/pr_checks_for_qa_approvals.yml @@ -15,9 +15,9 @@ on: pull_request_review: types: [submitted, dismissed] - pull_request_target: - branches: - - 'develop' + #pull_request_target: + #branches: + #- 'develop' #push: # branches: # - 'Automation/6261-Chanel-Require-QA-Approval' From d1f62801995a3c0d20476ebd084e98559980e437 Mon Sep 17 00:00:00 2001 From: IsraelleHub <145595240+IsraelleHub@users.noreply.github.com> Date: Tue, 7 May 2024 13:30:32 -0500 Subject: [PATCH 09/17] on push only --- .github/workflows/pr_checks_for_qa_approvals.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/pr_checks_for_qa_approvals.yml b/.github/workflows/pr_checks_for_qa_approvals.yml index 7534cb072c3..439480c4e27 100644 --- a/.github/workflows/pr_checks_for_qa_approvals.yml +++ b/.github/workflows/pr_checks_for_qa_approvals.yml @@ -5,22 +5,22 @@ name: '[Utils] QA required approval' on: - pull_request: - types: [opened, edited, converted_to_draft, ready_for_review, reopened] + #pull_request: + #types: [opened, edited, converted_to_draft, ready_for_review, reopened] #paths: #- 'VAMobile/src/**' #- 'VAMobile/package.json' #- '!VAMobile/src/**.test.*' - pull_request_review: - types: [submitted, dismissed] + #pull_request_review: + #types: [submitted, dismissed] #pull_request_target: #branches: #- 'develop' - #push: - # branches: - # - 'Automation/6261-Chanel-Require-QA-Approval' + push: + branches: + - 'Automation/6261-Chanel-Require-QA-Approval' jobs: check_for_qa_approval: From dde6b235d80d32035077d547dc7db688081ce1fb Mon Sep 17 00:00:00 2001 From: Narin Ratana Date: Tue, 7 May 2024 13:36:39 -0700 Subject: [PATCH 10/17] Try lowercase branch name --- .github/workflows/pr_checks_for_qa_approvals.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr_checks_for_qa_approvals.yml b/.github/workflows/pr_checks_for_qa_approvals.yml index 439480c4e27..260e1e32c8d 100644 --- a/.github/workflows/pr_checks_for_qa_approvals.yml +++ b/.github/workflows/pr_checks_for_qa_approvals.yml @@ -20,7 +20,7 @@ on: #- 'develop' push: branches: - - 'Automation/6261-Chanel-Require-QA-Approval' + - automation/62621-chanel-qa-approval-workflow jobs: check_for_qa_approval: From 2183450ab46a9383d76020af68ea7dd09101d27f Mon Sep 17 00:00:00 2001 From: Narin Ratana Date: Tue, 7 May 2024 13:37:34 -0700 Subject: [PATCH 11/17] Try lowercase branch name --- .github/workflows/pr_checks_for_qa_approvals.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr_checks_for_qa_approvals.yml b/.github/workflows/pr_checks_for_qa_approvals.yml index 260e1e32c8d..a545f011fa4 100644 --- a/.github/workflows/pr_checks_for_qa_approvals.yml +++ b/.github/workflows/pr_checks_for_qa_approvals.yml @@ -20,7 +20,7 @@ on: #- 'develop' push: branches: - - automation/62621-chanel-qa-approval-workflow + - automation/6261-chanel-qa-approval-workflow jobs: check_for_qa_approval: From 470a295d85761622fdfb601661d10c69c197791d Mon Sep 17 00:00:00 2001 From: Narin Ratana Date: Tue, 7 May 2024 13:38:40 -0700 Subject: [PATCH 12/17] Surround with single quote --- .github/workflows/pr_checks_for_qa_approvals.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr_checks_for_qa_approvals.yml b/.github/workflows/pr_checks_for_qa_approvals.yml index a545f011fa4..2a6632a4f0a 100644 --- a/.github/workflows/pr_checks_for_qa_approvals.yml +++ b/.github/workflows/pr_checks_for_qa_approvals.yml @@ -20,7 +20,7 @@ on: #- 'develop' push: branches: - - automation/6261-chanel-qa-approval-workflow + - 'automation/6261-chanel-qa-approval-workflow' jobs: check_for_qa_approval: From a2224aaeb32dd92b374e1b9dcfa9b1b8dd3ecc0d Mon Sep 17 00:00:00 2001 From: Charnelle <145595240+IsraelleHub@users.noreply.github.com> Date: Tue, 7 May 2024 22:25:53 -0500 Subject: [PATCH 13/17] Update workflow --- .github/workflows/pr_checks_for_qa_approvals.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/pr_checks_for_qa_approvals.yml b/.github/workflows/pr_checks_for_qa_approvals.yml index 2a6632a4f0a..3051950d410 100644 --- a/.github/workflows/pr_checks_for_qa_approvals.yml +++ b/.github/workflows/pr_checks_for_qa_approvals.yml @@ -5,15 +5,15 @@ name: '[Utils] QA required approval' on: - #pull_request: - #types: [opened, edited, converted_to_draft, ready_for_review, reopened] + pull_request: + types: [opened, edited, converted_to_draft, ready_for_review, reopened] #paths: #- 'VAMobile/src/**' #- 'VAMobile/package.json' #- '!VAMobile/src/**.test.*' - #pull_request_review: - #types: [submitted, dismissed] + pull_request_review: + types: [submitted, dismissed] #pull_request_target: #branches: @@ -66,4 +66,4 @@ jobs: else echo 'This PR requires 2 approvals, including one QA and one engineerapprovals, before merging.' exit 1 - fi \ No newline at end of file + fi From 0a7c64737666f4d43c7aeee622f6e7a9980ce28e Mon Sep 17 00:00:00 2001 From: Charnelle <145595240+IsraelleHub@users.noreply.github.com> Date: Tue, 7 May 2024 22:47:11 -0500 Subject: [PATCH 14/17] Uncommented out --- .github/workflows/pr_checks_for_qa_approvals.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/pr_checks_for_qa_approvals.yml b/.github/workflows/pr_checks_for_qa_approvals.yml index 3051950d410..49e707e574b 100644 --- a/.github/workflows/pr_checks_for_qa_approvals.yml +++ b/.github/workflows/pr_checks_for_qa_approvals.yml @@ -7,17 +7,17 @@ name: '[Utils] QA required approval' on: pull_request: types: [opened, edited, converted_to_draft, ready_for_review, reopened] - #paths: - #- 'VAMobile/src/**' - #- 'VAMobile/package.json' - #- '!VAMobile/src/**.test.*' + paths: + - 'VAMobile/src/**' + - 'VAMobile/package.json' + - '!VAMobile/src/**.test.*' pull_request_review: types: [submitted, dismissed] - #pull_request_target: - #branches: - #- 'develop' + pull_request_target: + branches: + - 'develop' push: branches: - 'automation/6261-chanel-qa-approval-workflow' From e592d1e03a449a12981d67baa827186ba2df7cfa Mon Sep 17 00:00:00 2001 From: Charnelle <145595240+IsraelleHub@users.noreply.github.com> Date: Tue, 7 May 2024 22:49:35 -0500 Subject: [PATCH 15/17] Updatejq line4 --- .github/workflows/pr_checks_for_qa_approvals.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr_checks_for_qa_approvals.yml b/.github/workflows/pr_checks_for_qa_approvals.yml index 49e707e574b..2a3c1c58f4c 100644 --- a/.github/workflows/pr_checks_for_qa_approvals.yml +++ b/.github/workflows/pr_checks_for_qa_approvals.yml @@ -34,7 +34,7 @@ jobs: --url https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/reviews?per_page=100 \ --header 'Authorization: ${{ secrets.GITHUB_TOKEN }}' \ --header 'Content-Type: application/json' | - jq -c '[map(select(.state == "APPROVED")) | .[] .user.login]') + jq -c '[.[] | select(.state == "APPROVED") | .user.login]' echo "${{secrets.GH_ACTIONS_PAT}}" >> token.txt gh auth login --with-token < token.txt required_approval_count=$(gh api \ From 730917c2b098786b0c22e73aca0a43c53afe9cda Mon Sep 17 00:00:00 2001 From: Charnelle <145595240+IsraelleHub@users.noreply.github.com> Date: Tue, 7 May 2024 22:55:37 -0500 Subject: [PATCH 16/17] Enclosed url in double quotes --- .github/workflows/pr_checks_for_qa_approvals.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/.github/workflows/pr_checks_for_qa_approvals.yml b/.github/workflows/pr_checks_for_qa_approvals.yml index 2a3c1c58f4c..096da43dfbf 100644 --- a/.github/workflows/pr_checks_for_qa_approvals.yml +++ b/.github/workflows/pr_checks_for_qa_approvals.yml @@ -31,10 +31,11 @@ jobs: shell: bash run: | approvals=$(curl --request GET \ - --url https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/reviews?per_page=100 \ - --header 'Authorization: ${{ secrets.GITHUB_TOKEN }}' \ - --header 'Content-Type: application/json' | - jq -c '[.[] | select(.state == "APPROVED") | .user.login]' + --url "https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/reviews?per_page=100" \ + --header "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ + --header "Content-Type: application/json" | \ + jq -c '[.[] | select(.state == "APPROVED") | .user.login]') + echo "${{secrets.GH_ACTIONS_PAT}}" >> token.txt gh auth login --with-token < token.txt required_approval_count=$(gh api \ From d0fe2eca84ea726db2c166bf73094bf4b705446c Mon Sep 17 00:00:00 2001 From: Charnelle <145595240+IsraelleHub@users.noreply.github.com> Date: Wed, 8 May 2024 09:05:45 -0500 Subject: [PATCH 17/17] Update pr_checks_for_qa_approvals.yml --- .../workflows/pr_checks_for_qa_approvals.yml | 89 +++++++++---------- 1 file changed, 43 insertions(+), 46 deletions(-) diff --git a/.github/workflows/pr_checks_for_qa_approvals.yml b/.github/workflows/pr_checks_for_qa_approvals.yml index 096da43dfbf..38bf25923a7 100644 --- a/.github/workflows/pr_checks_for_qa_approvals.yml +++ b/.github/workflows/pr_checks_for_qa_approvals.yml @@ -1,3 +1,4 @@ + # # Checks if QA approvals are necessary, and if so runs the associated action when a new review is added # @@ -6,65 +7,61 @@ name: '[Utils] QA required approval' on: pull_request: - types: [opened, edited, converted_to_draft, ready_for_review, reopened] - paths: - - 'VAMobile/src/**' - - 'VAMobile/package.json' - - '!VAMobile/src/**.test.*' - + types: [opened, edited] pull_request_review: types: [submitted, dismissed] - - pull_request_target: - branches: - - 'develop' - push: - branches: - - 'automation/6261-chanel-qa-approval-workflow' + push: jobs: + check_for_qa_required: + if: github.event.review.state == 'APPROVED' + runs-on: ubuntu-latest + outputs: + requires_qa: ${{ steps.qa_required.outputs.requires_qa}} + steps: + - uses: dorny/paths-filter@v2 + id: qa_required + with: + filters: | + requires_qa: + - 'VAMobile/src' + - 'VAMobile/package.json' + - '!VAMobile/src/*.test.*' check_for_qa_approval: - name: Requires QA approval runs-on: ubuntu-latest + needs: check_for_qa_required + outputs: + has_qa_approval: ${{ steps.check-qa-approval.outputs.has_qa_approval }} steps: - name: Check QA approval + id: check-qa-approval shell: bash + if: ${{ needs.check_for_qa_required.outputs.requires_qa }} == 'true' run: | - approvals=$(curl --request GET \ - --url "https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/reviews?per_page=100" \ - --header "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ - --header "Content-Type: application/json" | \ - jq -c '[.[] | select(.state == "APPROVED") | .user.login]') - - echo "${{secrets.GH_ACTIONS_PAT}}" >> token.txt - gh auth login --with-token < token.txt - required_approval_count=$(gh api \ - -H "Accept: application/vnd.github+json" \ - -H "X-GitHub-Api-Version: 2022-11-28" \ - /repos/department-of-veterans-affairs/va-mobile-app/branches/develop/protection | - jq -c '.required_pull_request_reviews.required_approving_review_count') - echo "Approvers: $approvals" - - qa_team_members=$( - gh api \ - -H "Accept: application/vnd.github+json" \ - -H "X-GitHub-Api-Version: 2022-11-28" \ - /orgs/department-of-veterans-affairs/teams/flagship-mobile-qa/members | - jq -c '[.[] | .login]' - ) - echo "required approval count: $required_approval_count" - echo "QA team: $qa_team_members" - if [[ $(jq '. | length' <<< "$approvals") -gt $required_approval_count ]] - then - if [[ $(jq '[.[] | select(. | IN("timwright12", "rbontrager", "DJUltraTom", "TKDickson"))] | length' <<< "$approvals") -gt 0 ]] - then + token=${{ secrets.GITHUB_TOKEN }} + base64AuthInfo='$token | base64 -e' + response=$(curl --request GET \ + --url https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/reviews \ + --header 'Authorization: $base64AuthInfo' \ + --header 'Content-Type: application/json') + approvals = $response | jq '.[] | select(.state=="APPROVED")' + echo $approvals + if $aprovals.length > 1 + qa_approvals = $approvals | jq '.[] | select(.user.login | IN("rbontrager","DJUltraTom","TKDickson"))' + if $qa_approvals.length > 0 echo 'This PR has QA approval to merge' - exit 0 + echo ::set-output name=has_qa_approval::'true' else echo 'This PR requires QA approval to merge' - exit 1 + echo ::set-output name=has_qa_approval::'false' fi else - echo 'This PR requires 2 approvals, including one QA and one engineerapprovals, before merging.' - exit 1 + echo 'This PR requires 2 approvals, including one QA approval, before merging.' + echo ::set-output name=has_qa_approval::'false' fi + add_or_remove_qa_required_label: + name: Add or Remove label + needs: check_for_qa_approval + runs-on: ubuntu-latest + env: + LABEL: qa-review-required