name: Triage on: pull_request_target: types: - opened - synchronize - reopened - labeled - unlabeled permissions: {} concurrency: triage-${{ github.head_ref }} jobs: review: runs-on: ubuntu-22.04 if: startsWith(github.repository, 'Homebrew/') steps: - name: Review pull request if: > (github.event_name == 'pull_request' || github.event_name == 'pull_request_target') && github.event.pull_request.state != 'closed' uses: actions/github-script@v6 with: github-token: ${{ secrets.HOMEBREW_BREW_TRIAGE_PULL_REQUESTS_TOKEN }} script: | async function approvePullRequest(pullRequestNumber) { const reviews = await approvalsByAuthenticatedUser(pullRequestNumber) if (reviews.length > 0) { return } await github.rest.pulls.createReview({ ...context.repo, pull_number: pullRequestNumber, event: 'APPROVE', }) } async function approvalsByAuthenticatedUser(pullRequestNumber) { const { data: user } = await github.rest.users.getAuthenticated() const { data: reviews } = await github.rest.pulls.listReviews({ ...context.repo, pull_number: pullRequestNumber, }) const approvals = reviews.filter(review => review.state == 'APPROVED') return approvals.filter(review => review.user.login == user.login) } async function reviewPullRequest(pullRequestNumber) { const { data: pullRequest } = await github.rest.pulls.get({ owner: context.repo.owner, repo: context.repo.repo, pull_number: pullRequestNumber, }) const { data: user } = await github.rest.users.getAuthenticated() if (pullRequest.user.login == user.login) { core.warning('Pull request author is a bot.') return } if (pullRequest.author_association != 'MEMBER') { core.warning('Pull request author is not a member.') return } const criticalLabel = 'critical' const labels = pullRequest.labels.map(label => label.name) const hasCriticalLabel = labels.includes(criticalLabel) if (hasCriticalLabel) { const message = `Review granted due to \`${criticalLabel}\` label.` core.info(message) await approvePullRequest(pullRequestNumber) } } await reviewPullRequest(context.issue.number)