From abff7ae7cd093f4e5d69b07cc08193e87a5be82f Mon Sep 17 00:00:00 2001 From: Antoine du Hamel Date: Mon, 14 Jun 2021 01:02:26 +0200 Subject: [PATCH 1/2] tools: restrict commit-queue usage to collaborators --- .github/workflows/comment-labeled.yml | 20 ++++++++++++++++++++ tools/get-collaborators.mjs | 17 +++++++++++++++++ 2 files changed, 37 insertions(+) create mode 100755 tools/get-collaborators.mjs diff --git a/.github/workflows/comment-labeled.yml b/.github/workflows/comment-labeled.yml index 14e48ea8dd3..9c8590c37bc 100644 --- a/.github/workflows/comment-labeled.yml +++ b/.github/workflows/comment-labeled.yml @@ -27,3 +27,23 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: gh pr comment ${{ github.event.pull_request.number }} --repo ${{ github.repository }} --body "Fast-track has been requested by @${{ github.actor }}. Please 👍 to approve." + + commit-queue: + if: github.repository == 'nodejs/node' && github.event_name == 'pull_request_target' && github.event.label.name == 'commit-queue' + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Restrict Commit-Queue to collaborators + run: ./tools/get-collaborators.mjs | grep -q "${{ github.actor }}" + - name: Remove label if necessary + if: {{ failure() }} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + ISSUE_URL: ${{ github.event.pull_request.issue_url }} + COMMIT_QUEUE_LABEL: ${{ github.event.label.name }} + run: | + gh pr comment ${{ github.event.pull_request.number }} --repo ${{ github.repository }} \ + --body "Only collaborators can use the commit queue." && + curl -X DELETE "$ISSUE_URL/labels/$COMMIT_QUEUE_LABEL" \ + -H "Content-Type: application/json" \ + -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" diff --git a/tools/get-collaborators.mjs b/tools/get-collaborators.mjs new file mode 100755 index 00000000000..7abdce895ff --- /dev/null +++ b/tools/get-collaborators.mjs @@ -0,0 +1,17 @@ +#!/usr/bin/env node +import { createInterface } from 'node:readline'; +import fs from 'node:fs'; + +const README = new URL('../README.md', import.meta.url); +const input = fs.createReadStream(README); + +let COLLABORATOR_LIST_START = '### Collaborators'; +let COLLABORATOR_LIST_END = '### Collaborator emeriti'; + +let collaboratorListStarted = false; +for await (const line of createInterface({ input, crlfDelay: Infinity })) { + if (line === COLLABORATOR_LIST_END) break; + else if (collaboratorListStarted) console.log(line); + else if (line === COLLABORATOR_LIST_START) + collaboratorListStarted = true; +} From d06d03229a5ec615d62b19f543fb7eb5ad9c4197 Mon Sep 17 00:00:00 2001 From: Antoine du Hamel Date: Mon, 14 Jun 2021 01:20:49 +0200 Subject: [PATCH 2/2] drop! enable action for all repos --- .github/workflows/comment-labeled.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/comment-labeled.yml b/.github/workflows/comment-labeled.yml index 9c8590c37bc..1cacb7fe3eb 100644 --- a/.github/workflows/comment-labeled.yml +++ b/.github/workflows/comment-labeled.yml @@ -29,7 +29,7 @@ jobs: run: gh pr comment ${{ github.event.pull_request.number }} --repo ${{ github.repository }} --body "Fast-track has been requested by @${{ github.actor }}. Please 👍 to approve." commit-queue: - if: github.repository == 'nodejs/node' && github.event_name == 'pull_request_target' && github.event.label.name == 'commit-queue' + if: github.event_name == 'pull_request_target' && github.event.label.name == 'commit-queue' runs-on: ubuntu-latest steps: - uses: actions/checkout@v2