Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[SL-ONLY] Add require admin check workflow #259

Merged
merged 3 commits into from
Jan 28, 2025
Merged

[SL-ONLY] Add require admin check workflow #259

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
c1d78b1
add require admin check workflow
mkardous-silabs Jan 28, 2025
1a36d61
add label removal check
mkardous-silabs Jan 28, 2025
10f5b1c
only post comment once for the label removal
mkardous-silabs Jan 28, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion .github/workflows/silabs-open-csa-pr.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,8 @@ jobs:

**PR MUST BE MERGED WITH MERGE COMMIT - ADMIN MUST ENABLE THE OPTION**
token: ${{secrets.GITHUB_TOKEN}}
labels: changing-submodules-on-purpose
labels:
changing-submodules-on-purpose, sl-require-admin-action

# The next step is necessary to force the CI to be executed when a PR is opened by the github-bot.
# The PR event isn't triggered when the bot opens the PR and as such doesn't trigger the workflows that use the event as their trigger.
Expand Down
58 changes: 58 additions & 0 deletions .github/workflows/silabs-require-admin-action-check.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
name: Check for sl-require-admin-action label

on:
pull_request:
branches:
- main
- release_*
types:
- opened
- reopened
- synchronize
- labeled
- unlabeled

permissions:
pull-requests: write

jobs:
check-label:
runs-on: ubuntu-latest
steps:
- name: Check for sl-require-admin-action label
run: |
PR_NUMBER=${{ github.event.pull_request.number }}
LABELS=$(gh pr view $PR_NUMBER --repo ${{ github.repository }} --json labels --jq '.labels[].name')
if echo "$LABELS" | grep -q "sl-require-admin-action"; then
echo "The sl-require-admin-action label is present. Failing the job."
COMMENTS=$(gh pr view $PR_NUMBER --repo ${{ github.repository }} --json comments --jq '.comments[].body')
if ! echo "$COMMENTS" | grep -q "The CI failure for this job is normal. An admin must do the merge."; then
gh pr comment $PR_NUMBER --repo ${{ github.repository }} --body "The CI failure for this job is normal. An admin must do the merge."
fi
exit 1
else
echo "The sl-require-admin-action label is not present. Passing the job."
fi
env:
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}

prevent-label-removal:
runs-on: ubuntu-latest
steps:
- name: Prevent sl-require-admin-action label removal
if: github.event.action == 'unlabeled'
run: |
PR_NUMBER=${{ github.event.pull_request.number }}
REMOVED_LABEL=${{ github.event.label.name }}
if [ "$REMOVED_LABEL" == "sl-require-admin-action" ]; then
echo "The sl-require-admin-action label cannot be removed. Failing the job."
COMMENTS=$(gh pr view $PR_NUMBER --repo ${{ github.repository }} --json comments --jq '.comments[].body')
if ! echo "$COMMENTS" | grep -q "The sl-require-admin-action label cannot be removed once it has been added."; then
gh pr comment $PR_NUMBER --repo ${{ github.repository }} --body "The sl-require-admin-action label cannot be removed once it has been added."
fi
exit 1
else
echo "A different label was removed. Passing the job."
fi
env:
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
Loading