-
-
Notifications
You must be signed in to change notification settings - Fork 11
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Authorize /lgtm and /approve with OWNERS file #51
Conversation
07e48d8
to
2e29a8b
Compare
When an OWNERS file is present, the /lgtm and /approve commands are authorized using the contents of the file instead of org/repo membership. The github action does not checkout the repository itself to locate OWNERS. The workflow is responsible for checking out the repo first before calling the prow action. The format of the OWNERS file is a subset of prow's OWNERS file. I am only looking for the file at the root of the repository. The format is as follows: ```yaml approvers: - user1 - user2 reviewers: - user1 - user2 - user3 ``` /lgtm checks if the commentor is in the reviewers section, and /approve checks if the commentor is in the approvers section. Membership in approvers does not authorize the use of /lgtm. Signed-off-by: Carolyn Van Slyck <me@carolynvanslyck.com>
If you'd like to see where this was tested, I've been chatting with the prow action on this test PR: ladygogo/test#1 |
Oooo excellent! Thanks for this Planning to get eyes on this week. Again, thank you so so much for your contribution! |
I have been a bit stumped by the one test failure. I'm unsure what I changed that is causing it.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is looking amazing!! 👏🏼
Thank you so so much for this huge feature add.
I'm seeing a few prettier
errors being thrown on running npm run all
. I think once those are addressed, we can get this in
The github actions are actually broken for some reason. That's been a long standing problem that I haven't had a ton of time to look into. For example, it's broken in dependabot bumps. I'll make a new issue. Running the tests locally look good for me:
|
Signed-off-by: Carolyn Van Slyck <me@carolynvanslyck.com>
Alright, prettier has been appeased! Thanks for pointing that out. I'm new to js/ts and am still figuring out what all I should be running locally. |
Owners all by itself could mean the repository owners. I've updated the function names that work with the OWNERS file to clarify that they are specifically for the file itself. Signed-off-by: Carolyn Van Slyck <me@carolynvanslyck.com>
Signed-off-by: Carolyn Van Slyck <me@carolynvanslyck.com>
Signed-off-by: Carolyn Van Slyck <me@carolynvanslyck.com>
I've updated the PR to use "OwnersFile" instead of just "Owners" all by itself, and to retrieve the owners file via the API instead of cloning the repo. |
@jpmcb When you have time to review, let me know if there are more changes I need to make. I have a patch ready that replies to the PR when you don't have permission to run /lgtm or /approve so that people know when things aren't working. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is great. Let's bring this in!
When an OWNERS file is present, the /lgtm and /approve commands are authorized using the contents of the file instead of org/repo membership. The github action does not checkout the repository itself to locate OWNERS. The workflow is responsible for checking out the repo first before calling the prow action.
The format of the OWNERS file is a subset of prow's OWNERS file. I am only looking for the file at the root of the repository. The format is as follows:
/lgtm checks if the commenter is in the reviewers section, and /approve checks if the commenter is in the approvers section. Membership in approvers does not authorize the use of /lgtm.
Closes #44