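name: PR Review

# Approval gate for pull requests.
#   * PRs that touch only *.md files or paths under docs/ pass without review.
#   * PRs authored by a core team member need an approval from a different
#     core team member.
#   * All other PRs need an approval from a member of
#     @google-gemini/gemini-cli-askmode-approvers.
# NOTE(review): this job only blocks a merge if branch protection lists it as
# a required status check - confirm that setting on the protected branches.
on:
  pull_request:
    types: [opened, synchronize, reopened, ready_for_review]
  # Approvals arrive after the PR is opened, so the gate is re-evaluated when
  # a review is submitted or dismissed; otherwise the result reflects only the
  # reviews that existed at the last push.
  pull_request_review:
    types: [submitted, dismissed]

jobs:
  enforce-review:
    runs-on: ubuntu-latest
    # Least privilege: the job only reads PR metadata and the PR diff.
    # `organization` was dropped because it is not one of the permission
    # scopes GitHub documents for GITHUB_TOKEN.
    permissions:
      pull-requests: read
      contents: read
    steps:
      # No checkout step: the script only talks to the API through `gh`, so
      # the pull request's code is never placed on the runner. GH_REPO tells
      # `gh` which repository to query in the absence of a working tree.
      - name: Check for correct approval
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          GH_REPO: ${{ github.repository }}
          # Event fields are handed over as environment variables rather than
          # interpolated into the script text, so their contents are never
          # parsed as shell code.
          PR_NUMBER: ${{ github.event.pull_request.number }}
          PR_AUTHOR: ${{ github.event.pull_request.user.login }}
        run: |
          # Fail closed: any failing command, unset variable or failing
          # pipeline stage aborts the job instead of falling through to a pass.
          set -euo pipefail

          # Step 1: If only markdown or files in 'docs' are changed, no review is needed.
          # NOTE(review): this exempts every path under docs/ at any depth and
          # every *.md file anywhere in the tree, whatever those files contain.
          # Confirm nothing that is executed or published lives on those paths.
          changed_files=$(gh pr diff "$PR_NUMBER" --name-only)
          needs_review=false
          while IFS= read -r file; do
            if [[ -n "$file" && "$file" != *.md && "$file" != docs/* ]]; then
              needs_review=true
              break
            fi
          done <<< "$changed_files"

          if [[ "$needs_review" == false ]]; then
            echo "Only documentation files were changed. No review required."
            exit 0
          fi
          echo "Code changes detected. Proceeding with approval check."

          # Collect approvers once to minimize API calls.
          # `gh pr view --json reviews` is used because `gh pr review` submits
          # a review and has no `list` subcommand. Per reviewer, only the most
          # recent approving, change-requesting or dismissed review is kept, so
          # an approval that was later withdrawn or dismissed does not count.
          # NOTE(review): approvals given before the latest push still count
          # here unless the repository dismisses stale approvals - confirm.
          approvers=$(gh pr view "$PR_NUMBER" --json reviews --jq '
            [.reviews[]
              | select(.state == "APPROVED"
                    or .state == "CHANGES_REQUESTED"
                    or .state == "DISMISSED")]
            | group_by(.author.login)
            | map(max_by(.submittedAt))
            | .[]
            | select(.state == "APPROVED")
            | .author.login')
          echo "Approving users: $approvers"

          # Step 2: Determine which approval rule to apply based on the PR author.
          CORE_TEAM_LOGINS=("skeshive" "chrsthnb")
          is_core_author=false
          for member in "${CORE_TEAM_LOGINS[@]}"; do
            if [[ "$PR_AUTHOR" == "$member" ]]; then
              is_core_author=true
              break
            fi
          done

          if [[ "$is_core_author" == true ]]; then
            # Rule for Core Team authors: requires approval from another core team member.
            echo "Author is a core team member. Checking for approval from another core team member."
            approved=false
            for member in "${CORE_TEAM_LOGINS[@]}"; do
              # -F/-x: compare the login as a literal, whole-line string so it
              # is never interpreted as a regular expression.
              if [[ "$member" != "$PR_AUTHOR" ]] && grep -Fxq -- "$member" <<< "$approvers"; then
                echo "Approval found from core team member: $member"
                approved=true
                break
              fi
            done
            if [[ "$approved" == false ]]; then
              echo "Missing approval from another core team member."
              exit 1
            fi
          else
            # Rule for external authors: requires approval from the approvers team.
            echo "Author is not a core team member. Checking for approval from @google-gemini/gemini-cli-askmode-approvers."
            # NOTE(review): GITHUB_TOKEN is scoped to this repository; listing
            # organization team members normally needs a token that can read
            # organization members. Confirm this call succeeds, otherwise every
            # external PR fails this check. --paginate avoids silently missing
            # members beyond the first page of results.
            team_members=$(gh api --paginate orgs/google-gemini/teams/gemini-cli-askmode-approvers/members --jq '.[].login')
            approved=false
            while IFS= read -r approver; do
              # Skip the empty line produced when there are no approvers, so an
              # empty approver can never match an empty member list.
              [[ -n "$approver" ]] || continue
              if grep -Fxq -- "$approver" <<< "$team_members"; then
                echo "Approval found from team member: $approver"
                approved=true
                break
              fi
            done <<< "$approvers"
            if [[ "$approved" == false ]]; then
              echo "Missing approval from a member of @google-gemini/gemini-cli-askmode-approvers."
              exit 1
            fi
          fi

          echo "All approval checks passed."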