Authorize /lgtm and /approve with OWNERS file

[carolynvs]

When an OWNERS file is present, the /lgtm and /approve commands are authorized using the contents of the file instead of org/repo membership. The github action does not checkout the repository itself to locate OWNERS. The workflow is responsible for checking out the repo first before calling the prow action.

The format of the OWNERS file is a subset of prow's OWNERS file. I am only looking for the file at the root of the repository. The format is as follows:

approvers:
- user1
- user2

reviewers:
- user1
- user2
- user3

/lgtm checks if the commenter is in the reviewers section, and /approve checks if the commenter is in the approvers section. Membership in approvers does not authorize the use of /lgtm.

Closes #44

[carolynvs]

If you'd like to see where this was tested, I've been chatting with the prow action on this test PR: ladygogo/test#1

[jpmcb]

Oooo excellent! Thanks for this

Planning to get eyes on this week. Again, thank you so so much for your contribution!

[carolynvs]

I have been a bit stumped by the one test failure. I'm unsure what I changed that is causing it.

FAIL __tests__/main.test.ts
  ● runs with no options

    Command failed: node /home/runner/work/prow-github-actions/prow-github-actions/lib/main.js

      10 |   }
      11 | 
    > 12 |   expect(cp.execSync(`node ${ip}`, options).toString()).toContain(
         |             ^
      13 |     'not yet supported'
      14 |   )
      15 | })

[jpmcb]

This is looking amazing!! 👏🏼

Thank you so so much for this huge feature add.

I'm seeing a few prettier errors being thrown on running npm run all. I think once those are addressed, we can get this in

[jpmcb]

I have been a bit stumped by the one test failure. I'm unsure what I changed that is causing it.

The github actions are actually broken for some reason. That's been a long standing problem that I haven't had a ton of time to look into. For example, it's broken in dependabot bumps. I'll make a new issue.

Running the tests locally look good for me:

npm run test-all

...

Test Suites: 25 passed, 25 total
Tests:       6 skipped, 81 passed, 87 total
Snapshots:   0 total
Time:        7.411 s
Ran all test suites.

[carolynvs]

Alright, prettier has been appeased! Thanks for pointing that out. I'm new to js/ts and am still figuring out what all I should be running locally.

[carolynvs]

I've updated the PR to use "OwnersFile" instead of just "Owners" all by itself, and to retrieve the owners file via the API instead of cloning the repo.

[carolynvs]

@jpmcb When you have time to review, let me know if there are more changes I need to make. I have a patch ready that replies to the PR when you don't have permission to run /lgtm or /approve so that people know when things aren't working.

[jpmcb]

This is great. Let's bring this in!