[Dev] Pull request review bot seems confused about who is a committer

[nealrichardson]

Describe the bug, including details regarding any error messages, version, and platform.

Yet I am a committer.

RTFSing, I see that the job pulls https://raw.githubusercontent.com/apache/arrow-site/main/_data/committers.yml and then checks whether the current user is in the alias list there. But those aliases are apache IDs (historically, at least, and that's what mine is), not github usernames. They may be the same for some but not all.

Component(s)

Continuous Integration, Developer Tools

[raulcd]

The bot checks the membership to the apache arrow organisation: https://github.com/orgs/apache/people
The problem is that if the membership is set to private (which is the default when being added to the org) it cannot identify the user as a committer. We could try to extract this data automatically. There was an issue opened with some discussion in the past on the arrow-site repo here: apache/arrow-site#338

[nealrichardson]

Huh, then what am I seeing here? https://github.com/apache/arrow/blob/main/.github/workflows/pr_bot.yml#L72 downloads the list from arrow-site and passes it to archery, which appears to pull out the "alias" field here: https://github.com/apache/arrow/blob/main/dev/archery/archery/cli.py#L825-L827 and then compares it to the current user here https://github.com/apache/arrow/blob/main/dev/archery/archery/bot.py#L136-L137

[raulcd]

Sorry, you are correct, the mechanism I was sharing was the originally implemented one, we did add the check for the committers.yml afterwards. It is explained on the PR that implemented it: #34557
It is even worst, because I forgot I myself did that :P

[nealrichardson]

It's a bigger issue than I thought: I can't trigger crossbow jobs anymore: #41451 (comment)

[kou]

Could you change your visibility of https://github.com/orgs/apache/people?query=nealrichardson to "Public" from "Private"?

[nealrichardson]

Done. But it sounds like from the PR that @raulcd mentioned, that's not what's being checked anymore?

[kou]

I think that @github-actions crossbow uses the visibility:

arrow/dev/archery/archery/bot.py

Lines 279 to 284 in 7aea8bf

	# Only allow users of apache org to submit commands, for more see
	# https://developer.github.com/v4/enum/commentauthorassociation/
	# Checking privileges here enables the bot to respond
	# without relying on the handler.
	allowed_roles = {'OWNER', 'MEMBER', 'COLLABORATOR'}
	if payload['comment']['author_association'] not in allowed_roles:

Could you try again?

[nealrichardson]

Ah, thanks, of course you are correct :) Yes, I can now (again) use the comment bot.

We should make sure to mention the need to make your membership in the apache github org public in our invitation emails to new committers, I was not aware of this.

[kou]

I agree with you.