-
Notifications
You must be signed in to change notification settings - Fork 64
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'master' into 91501-add-swagger-documentation-for-repres…
…entationmanagementv0pdfgenerator2122acontroller
- Loading branch information
Showing
855 changed files
with
34,426 additions
and
12,338 deletions.
There are no files selected for viewing
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
name: Backend PR Approver | ||
on: | ||
workflow_run: | ||
workflows: | ||
- "Backend PR Labeler" | ||
types: [completed] | ||
jobs: | ||
say-hi: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Say Hi | ||
run: | | ||
echo "Hi" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,206 @@ | ||
name: Backend PR Labeler | ||
on: | ||
pull_request: | ||
types: [opened, reopened, review_requested, review_request_removed, ready_for_review, converted_to_draft, labeled, unlabeled] | ||
pull_request_review: | ||
types: [submitted] | ||
workflow_run: | ||
workflows: | ||
- "Code Checks" | ||
types: [completed] | ||
jobs: | ||
get-pr-data: | ||
runs-on: ubuntu-latest | ||
env: | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
outputs: | ||
pr_number: ${{ steps.get_pr_data.outputs.pr_number }} | ||
pr_draft: ${{ steps.get_pr_data.outputs.pr_draft }} | ||
pr_labels: ${{ steps.get_pr_data.outputs.pr_labels }} | ||
pr_requested_teams: ${{ steps.get_pr_data.outputs.pr_requested_teams }} | ||
steps: | ||
- name: Get pull_request data | ||
id: get_pr_data | ||
run: | | ||
if ${{ github.event_name == 'pull_request' || github.event_name == 'pull_request_review'}}; then | ||
echo "pr_number=${{ github.event.pull_request.number }}" >> $GITHUB_OUTPUT | ||
echo "pr_draft=${{ github.event.pull_request.draft }}" >> $GITHUB_OUTPUT | ||
echo "pr_labels=$(echo '${{ toJSON(github.event.pull_request.labels.*.name) }}' | jq -c '.')" >> $GITHUB_OUTPUT | ||
echo "pr_requested_teams=$(echo '${{ toJSON(github.event.pull_request.requested_teams.*.name) }}' | jq -c '.')" >> $GITHUB_OUTPUT | ||
elif ${{ github.event_name == 'workflow_run' }}; then | ||
if ${{ github.event.workflow_run.event == 'push' }}; then | ||
echo "Workflow was triggered by push to ${{ github.event.workflow_run.head_branch }}. Labeling not required." | ||
exit 0 | ||
elif ${{ toJSON(github.event.workflow_run.pull_requests) != '[]' }}; then | ||
PR_NUMBER="${{ github.event.workflow_run.pull_requests[0].number }}" | ||
echo "pr_number=${PR_NUMBER}" >> $GITHUB_OUTPUT | ||
# Fetch PR details from GitHub API | ||
PR_INFO=$(gh api /repos/${{ github.repository }}/pulls/${PR_NUMBER} --jq '{ | ||
draft: .draft, | ||
labels: [.labels[].name], | ||
requested_teams: [.requested_teams[].slug] | ||
}') | ||
# Extract and store individual fields | ||
echo "pr_draft=$(echo "$PR_INFO" | jq -r '.draft')" >> $GITHUB_OUTPUT | ||
echo "pr_labels=$(echo "$PR_INFO" | jq -c '.labels')" >> $GITHUB_OUTPUT | ||
echo "pr_requested_teams=$(echo "$PR_INFO" | jq -c '.requested_teams')" >> $GITHUB_OUTPUT | ||
else | ||
echo "Workflow run has no associated pull requests. Labeling not performed." | ||
exit 0 | ||
fi | ||
else | ||
echo "event_name: ${{ github.event_name }}" | ||
echo "Pull Request not successfully retrieved." | ||
exit 1 | ||
fi | ||
- name: Echo PR data | ||
if: ${{ steps.get_pr_data.outputs.pr_number != '' }} | ||
run: | | ||
echo "pr_number: ${{ steps.get_pr_data.outputs.pr_number }}" | ||
echo "pr_draft: ${{ steps.get_pr_data.outputs.pr_draft }}" | ||
echo "pr_labels: ${{ steps.get_pr_data.outputs.pr_labels }}" | ||
echo "pr_labels: ${{ fromJson(steps.get_pr_data.outputs.pr_labels)[0] }}" | ||
echo "pr_requested_teams: ${{ steps.get_pr_data.outputs.pr_requested_teams }}" | ||
echo "pr_requested_teams: ${{ fromJSON(steps.get_pr_data.outputs.pr_requested_teams)[0] }}" | ||
check-pr-status: | ||
runs-on: ubuntu-latest | ||
needs: get-pr-data | ||
if: ${{ needs.get-pr-data.outputs.pr_number != '' }} | ||
env: | ||
pr_labels: ${{ needs.get-pr-data.outputs.pr_labels }} | ||
pr_requested_teams: ${{ needs.get-pr-data.outputs.pr_requested_teams }} | ||
outputs: | ||
test_status: ${{ steps.get_code_checks_conclusion.outputs.test_status }} | ||
exempt: ${{ steps.check_exemption.outputs.exempt }} | ||
failures_detected: ${{ steps.audit_pr_labels.outputs.failures_detected }} | ||
steps: | ||
- name: Print vars (DELETE ME) | ||
run: | | ||
echo "pr_labels=${{ needs.get-pr-data.outputs.pr_labels }}" | ||
echo "pr_requested_teams=${{ needs.get-pr-data.outputs.pr_requested_teams }}" | ||
- name: Get Code Checks result | ||
if: github.event_name == 'workflow_run' | ||
run: | | ||
echo "test_status=${{ github.event.workflow_run.conclusion }}" >> $GITHUB_OUTPUT | ||
echo "test_status: ${{ github.event.workflow_run.conclusion }}" | ||
- name: Check for exemption | ||
id: check_exemption | ||
run: | | ||
if ${{ contains(fromJSON(env.pr_requested_teams), 'backend-review-group') }}; then | ||
echo "exempt=false" >> $GITHUB_OUTPUT | ||
echo "PR requires backend approval." | ||
else | ||
echo "exempt=true" >> $GITHUB_OUTPUT | ||
echo "PR is exempt from backend approval." | ||
fi | ||
- name: Check for failure labels | ||
id: audit_pr_labels | ||
run: | | ||
if \ | ||
${{ contains(env.pr_labels, 'code-health-failure') }} || \ | ||
${{ contains(env.pr_labels, 'codeowners-addition-failure') }} || \ | ||
${{ contains(env.pr_labels, 'codeowners-delete-failure') }} || \ | ||
${{ contains(env.pr_labels, 'lint-failure') }} || \ | ||
${{ contains(env.pr_labels, 'test-failure') }} ; then | ||
echo "failures_detected=true" >> $GITHUB_OUTPUT | ||
echo "Failure labels detected." | ||
else | ||
echo "failures_detected=false" >> $GITHUB_OUTPUT | ||
echo "No failure labels detected." | ||
fi | ||
check-approvals: | ||
runs-on: ubuntu-latest | ||
needs: [get-pr-data, check-pr-status] | ||
if: ${{ needs.check-pr-status.outputs.exempt == 'false' && needs.check-pr-status.outputs.pr_draft == 'false' }} | ||
env: | ||
pr_number: ${{ needs.get-pr-data.outputs.pr_number }} | ||
outputs: | ||
approval_status: ${{ steps.verify_approval.outputs.approval_status }} | ||
steps: | ||
- name: Print vars (DELETE ME) | ||
run: | | ||
echo "pr_number=${{ env.pr_number }}" | ||
- name: Configure AWS Credentials | ||
uses: aws-actions/configure-aws-credentials@v4.0.2 | ||
with: | ||
aws-access-key-id: ${{ secrets.aws_access_key_id }} | ||
aws-secret-access-key: ${{ secrets.aws_secret_access_key }} | ||
aws-region: "us-gov-west-1" | ||
|
||
- name: Get bot token from Parameter Store | ||
uses: marvinpinto/action-inject-ssm-secrets@latest | ||
with: | ||
ssm_parameter: /devops/VA_VSP_BOT_GITHUB_TOKEN | ||
env_variable_name: VA_VSP_BOT_GITHUB_TOKEN | ||
|
||
- name: Get PR Reviews | ||
id: get_pr_reviews | ||
uses: octokit/request-action@v2.x | ||
with: | ||
route: GET /repos/${{ github.repository }}/pulls/${{ env.pr_number }}/reviews | ||
env: | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- name: Get backend-review-group members | ||
id: get_team_members | ||
uses: octokit/request-action@v2.x | ||
with: | ||
route: GET /orgs/department-of-veterans-affairs/teams/backend-review-group/members | ||
env: | ||
GITHUB_TOKEN: ${{ env.VA_VSP_BOT_GITHUB_TOKEN }} | ||
|
||
# Confirm an approval exists from at least one BE team member | ||
- name: Verify backend-review-group approval | ||
id: verify_approval | ||
run: | | ||
BACKEND_REVIEWERS=$(cat <<'EOF' | jq -r '.[].login' | tr '\n' '|' | sed 's/|$//' | ||
${{ steps.get_team_members.outputs.data }} | ||
EOF | ||
) | ||
APPROVALS=$(cat <<'EOF' | jq -r '.[] | select(.state == "APPROVED") | .user.login' | grep -iE "$BACKEND_REVIEWERS" | wc -l | ||
${{ steps.get_pr_reviews.outputs.data }} | ||
EOF | ||
) | ||
echo "Number of backend-review-group approvals: $APPROVALS" | ||
if [ "$APPROVALS" -eq 0 ]; then | ||
echo "approval_status=required" >> $GITHUB_OUTPUT | ||
echo "Backend-review-group approval required." | ||
else | ||
echo "approval_status=confirmed" >> $GITHUB_OUTPUT | ||
echo "Backend-review-group approval confirmed." | ||
fi | ||
apply-labels: | ||
runs-on: ubuntu-latest | ||
needs: [get-pr-data, check-pr-status, check-approvals] | ||
if: ${{ always() }} | ||
env: | ||
exempt: ${{ needs.check-pr-status.outputs.exempt }} | ||
pr_number: ${{ needs.get-pr-data.outputs.pr_number }} | ||
pr_draft: ${{ needs.get-pr-data.outputs.pr_draft }} | ||
pr_labels: ${{ needs.get-pr-data.outputs.pr_labels }} | ||
test_status: ${{ needs.check-pr-status.outputs.test_status }} | ||
failures_detected: ${{ needs.check-pr-status.outputs.failures_detected }} | ||
approval_status: ${{ needs.check-approvals.outputs.approval_status }} | ||
steps: | ||
- name: print vars (DELETE ME) | ||
id: print-vars | ||
run: | | ||
echo ${{ env.exempt }} | ||
echo ${{ env.pr_number }} | ||
echo ${{ env.pr_draft }} | ||
echo ${{ env.pr_labels }} | ||
echo ${{ env.test_status }} | ||
echo ${{ env.failures_detected }} | ||
echo ${{ env.approval_status }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.