[Utils] QA required approval #799
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# | |
# Checks if QA approvals are necessary, and if so runs the associated action when a new review is added | |
# | |
name: '[Utils] QA required approval' | |
on: | |
pull_request: | |
types: [opened, edited, converted_to_draft, ready_for_review, reopened] | |
paths: | |
- 'VAMobile/src' | |
- 'VAMobile/e2e' | |
- 'VAMobile/package.json' | |
- 'VAMobile/.detoxrc.json' | |
- '!VAMobile/src/*.test.tsx' | |
- '!.github/**' | |
pull_request_review: | |
types: [submitted, dismissed] | |
jobs: | |
check_for_qa_approval: | |
name: Requires QA approval | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check QA approval | |
shell: bash | |
run: | | |
if [[ "${{ github.event.pull_request.user.login }}" == "dependabot[bot]" ]] | |
then | |
echo "PR opened by Dependabot. Skipping QA approval check." | |
exit 0 | |
fi | |
approvals=$(curl --request GET \ | |
--url https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/reviews?per_page=100 \ | |
--header 'Authorization: ${{ secrets.GITHUB_TOKEN }}' \ | |
--header 'Content-Type: application/json' | | |
jq -c '[map(select(.state == "APPROVED")) | .[] .user.login]') | |
echo "${{secrets.GH_ACTIONS_PAT}}" >> token.txt | |
gh auth login --with-token < token.txt | |
required_approval_count=$(gh api \ | |
-H "Accept: application/vnd.github+json" \ | |
-H "X-GitHub-Api-Version: 2022-11-28" \ | |
/repos/department-of-veterans-affairs/va-mobile-app/branches/develop/protection | | |
jq -c '.required_pull_request_reviews.required_approving_review_count') | |
echo "Approvers: $approvals" | |
echo "required approval count: $required_approval_count" | |
if [[ $(jq '. | length' <<< "$approvals") -ge $required_approval_count ]] | |
then | |
if [[ $(jq '[.[] | select(. | IN("timwright12", "alexandec", "theodur", "dumathane", "cadibemma", "Sparowhawk", "narin"))] | length' <<< "$approvals") -gt 0 ]] | |
then | |
echo 'This PR has at least one engineer approval. Now checking for QA approval...' | |
if [[ $(jq '[.[] | select(. | IN("timwright12", "IsraelleHub", "rbontrager", "DJUltraTom", "TKDickson", "brea11y", "narin"))] | length' <<< "$approvals") -gt 0 ]] | |
then | |
echo 'This PR has QA and engineer approval to merge' | |
exit 0 | |
else | |
echo 'This PR requires QA approval to merge' | |
exit 1 | |
fi | |
else | |
echo 'This PR requires Engineer approval before QA review' | |
exit 1 | |
fi | |
else | |
echo 'This PR requires two approvals, including one QA approval, before merging.' | |
exit 1 | |
fi |