Generalize asynchronous events #255
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Due to GitHub awkwardness, it's not easy to reduce the review requirement for collaborators. | |
#Our policy is that 2 collaborators should be aware of every change. | |
#For outside PRs, this means 2 collaborator reviews. | |
#For PRs made by collaborators, this means 1 reviewer + the author. | |
#We trust that collaborators don't need as much oversight. | |
name: Auto approve collaborator PRs | |
on: | |
pull_request_target: | |
types: | |
- opened | |
- synchronize | |
- reopened | |
- ready_for_review | |
permissions: | |
pull-requests: write | |
jobs: | |
approve: | |
name: Auto approve | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check if PR author has write access | |
id: check-permission | |
uses: actions-cool/check-user-permission@v2 | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
require: write | |
username: ${{ github.event.pull_request.user.login }} | |
#technically this would be fine for dependabot but generally bots don't count as team members | |
check-bot: true | |
#TODO: Some way to avoid unnecessary repeated reviews would be nice here | |
- name: Approve PR if authorized | |
if: steps.check-permission.outputs.require-result == 'true' && steps.check-permission.outputs.check-result == 'false' | |
uses: juliangruber/approve-pull-request-action@v2 | |
with: | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
number: ${{ github.event.pull_request.number }} |