test cleanup and expire

sqin2019 · Sep 11, 2023 · f3cbf52 · f3cbf52
1 parent ae46281
commit f3cbf52
Show file tree

Hide file tree

Showing 2 changed files with 44 additions and 40 deletions.
diff --git a/.github/workflows/cleanup.yml b/.github/workflows/cleanup.yml
@@ -37,15 +37,13 @@ on:
         default: '1.21'
         required: false
       pr_number:
-        description: "The number of the pull request that contains the AOD requests."
+        description: 'The number of the pull request that contains the AOD requests.'
         type: 'number'
-        # default: ${{ github.event.pull_request.number }}
-        required: false
+        required: true
       branch:
-        description: "The branch of the pull request."
+        description: 'The branch of the pull request.'
         type: 'string'
-        # default: ${{ github.event.pull_request.head.ref }}
-        required: false
+        required: true
 
 env:
   IAM_ERROR_FILENAME: 'iam_error.txt'
@@ -55,36 +53,36 @@ env:
 
 jobs:
   # Check the current status of this pull request with respect to code review.
-  # review_status:
-  #   runs-on: 'ubuntu-latest'
-  #   permissions:
-  #     pull-requests: 'read'
-  #   outputs:
-  #     REVIEW_DECISION: '${{ steps.get_review_decision.outputs.REVIEW_DECISION }}'
-  #   steps:
-  #     - id: 'get_review_decision'
-  #       env:
-  #         # Set the GH_TOKEN environment variable to use GitHub CLI in a GitHub Actions workflow.
-  #         # See ref: https://docs.github.com/en/actions/using-workflows/using-github-cli-in-workflows
-  #         GH_TOKEN: '${{ github.token }}'
-  #       run: |
-  #         repo=${{ github.repository }}
-  #         reviewDecision="$(gh api graphql -F owner=${{ github.repository_owner }} -F name=${repo##*/} -F pr_number=${{ inputs.pr_number }} -f query='
-  #           query($name: String!, $owner: String!, $pr_number: Int!) {
-  #             repository(owner: $owner, name: $name) {
-  #               pullRequest(number: $pr_number) {
-  #                 reviewDecision
-  #               }
-  #             }
-  #           }
-  #         ' --jq '.data.repository.pullRequest.reviewDecision')"
-
-  #         echo REVIEW_DECISION=$reviewDecision >> $GITHUB_OUTPUT
+  review_status:
+    runs-on: 'ubuntu-latest'
+    permissions:
+      pull-requests: 'read'
+    outputs:
+      REVIEW_DECISION: '${{ steps.get_review_decision.outputs.REVIEW_DECISION }}'
+    steps:
+      - id: 'get_review_decision'
+        env:
+          # Set the GH_TOKEN environment variable to use GitHub CLI in a GitHub Actions workflow.
+          # See ref: https://docs.github.com/en/actions/using-workflows/using-github-cli-in-workflows
+          GH_TOKEN: '${{ github.token }}'
+        run: |
+          repo=${{ github.repository }}
+          reviewDecision="$(gh api graphql -F owner=${{ github.repository_owner }} -F name=${repo##*/} -F pr_number=${{ inputs.pr_number }} -f query='
+            query($name: String!, $owner: String!, $pr_number: Int!) {
+              repository(owner: $owner, name: $name) {
+                pullRequest(number: $pr_number) {
+                  reviewDecision
+                }
+              }
+            }
+          ' --jq '.data.repository.pullRequest.reviewDecision')"
+
+          echo REVIEW_DECISION=$reviewDecision >> $GITHUB_OUTPUT
 
   # Only run Tool request cleanup when the pull request is approved.
   cleanup:
-    # needs: 'review_status'
-    # if: '${{ needs.review_status.outputs.REVIEW_DECISION == ''APPROVED'' }}'
+    needs: 'review_status'
+    if: '${{ needs.review_status.outputs.REVIEW_DECISION == ''APPROVED'' }}'
     runs-on: 'ubuntu-latest'
     permissions:
       # Required for closing a branch, see ref: https://docs.github.com/en/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-contents
@@ -293,10 +291,19 @@ jobs:
               issue_number: ${{ inputs.pr_number }},
               body: `**\`Access on Demand\`** - 🟦 **\`IAM\`** request not found, skip cleanup.`,
             });
-      - name: 'Delete Branch'
-        # Only delete branch when cleanups are skipped or successfully handled.
-        if: '${{ steps.cleanup_iam.outcome != ''failure'' && steps.cleanup_tool.outcome != ''failure'' }}'
-        uses: 'actions/github-script@98814c53be79b1d30f795b907e553d8679345975' # ratchet:actions/github-script@v6
+
+  delete_branch:
+    needs: 'cleanup'
+    # Delete branch after cleanup no matter if cleanup was skipped, succeeded or failed.
+    if: '${{ always() }}'
+    runs-on: 'ubuntu-latest'
+    permissions:
+      # Required for closing a branch, see ref: https://docs.github.com/en/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-contents
+      contents: 'write'
+      # id-token: 'write'
+    name: 'Delete Branch'
+    steps:
+      - uses: 'actions/github-script@98814c53be79b1d30f795b907e553d8679345975' # ratchet:actions/github-script@v6
         with:
           github-token: '${{ github.token }}'
           retries: '3'

diff --git a/.github/workflows/expire.yml b/.github/workflows/expire.yml
@@ -120,6 +120,3 @@ jobs:
 
             core.info(`outter expiredPull ${expiredPulls}`);
             return expiredPulls;
-
-      - name: Get result
-        run: echo "${{ fromJson(steps.close_pr.outputs.result) }}"