add review-bot to require fellows as reviewers (#31)

* add review-bot to require fellows as reviewers Created a Github Action that uses the [Review-Bot app](https://github.com/paritytech/review-bot) to require fellows to review pull requests before allowing the PR to be merged. The user's information is fetched always from the chain after every event. It looks in the fellows data for a field named GitHub and it extracts the handle from there. This resolves #7 (you can find more information about the request there) This uses [`pull_request_target`](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target) for the event, not `pull_request`. This is a security measure so that an attacker doesn’t have access to the secrets. * removed non existent directory * Apply suggestions for required rankings Co-authored-by: Bastian Köcher <git@kchr.de> Co-authored-by: joe petrowski <25483142+joepetrowski@users.noreply.github.com> * merged system parachains with relay files * updated minFellowsRank for .github files Co-authored-by: Bastian Köcher <git@kchr.de> * updated file to new version Version 2.0.0 requires new types and fields. This will help us so we can develop custom rules in the future. * added CHANGELOG to 'Relay and System files' rule --------- Co-authored-by: Bastian Köcher <git@kchr.de> Co-authored-by: joe petrowski <25483142+joepetrowski@users.noreply.github.com>
polkadot-fellows · Sep 24, 2023 · ca29673 · ca29673
1 parent bf6da3c
commit ca29673
Show file tree

Hide file tree

Showing 2 changed files with 64 additions and 0 deletions.
diff --git a/.github/review-bot.yml b/.github/review-bot.yml
@@ -0,0 +1,32 @@
+rules:
+  - name: CI Files
+    condition:
+      include:
+        - ^\.github/.*
+    type: fellows
+    minRank: 4
+    minApprovals: 2
+  - name: Relay and system files
+    condition:
+      include:
+        - ^relay\/kusama\/.*
+        - ^relay\/polkadot\/.*
+        - ^system-parachains\/.*
+        - ^CHANGELOG$
+      exclude: 
+        - ^relay\/.+\.adoc$
+    type: fellows
+    minRank: 3
+    minApprovals: 4
+  - name: General Files
+    condition:
+      include:
+        - '.*'
+      exclude: 
+        - ^relay\/kusama\/.*
+        - ^relay\/polkadot\/.*
+        - ^\.github/.*
+        - ^system-parachains\/.*
+        - ^target\/.*
+    type: fellows
+    minRank: 2
diff --git a/.github/workflows/review-bot.yml b/.github/workflows/review-bot.yml
@@ -0,0 +1,32 @@
+name: Review PR
+on:
+  pull_request_target:
+    types:
+      - opened
+      - reopened
+      - synchronize
+      - review_requested
+      - review_request_removed
+      - ready_for_review
+  pull_request_review:
+
+permissions:
+  contents: read
+  checks: write
+
+jobs:
+  review-approvals:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Generate token
+        id: team_token
+        uses: tibdex/github-app-token@v1
+        with:
+          app_id: ${{ secrets.REVIEW_APP_ID }}
+          private_key: ${{ secrets.REVIEW_APP_KEY }}
+      - name: "Evaluates PR reviews and assigns reviewers"
+        uses: paritytech/review-bot@v2.0.0
+        with:
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+          team-token: ${{ steps.team_token.outputs.token }}
+          checks-token: ${{ steps.team_token.outputs.token }}