Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/OSS-Docs-Tools/code-owner-self-merge

A GitHub Action for letting CODEOWNERS merge PRs via green PR reviews
https://github.com/OSS-Docs-Tools/code-owner-self-merge

actions github-actions javascript

Last synced: about 1 month ago
JSON representation

A GitHub Action for letting CODEOWNERS merge PRs via green PR reviews

Host: GitHub
URL: https://github.com/OSS-Docs-Tools/code-owner-self-merge
Owner: OSS-Docs-Tools
License: mit
Created: 2019-09-29T02:58:01.000Z (about 5 years ago)
Default Branch: master
Last Pushed: 2024-06-08T07:21:33.000Z (7 months ago)
Last Synced: 2024-11-04T14:46:38.275Z (about 2 months ago)
Topics: actions, github-actions, javascript
Language: JavaScript
Homepage:
Size: 2.93 MB
Stars: 53
Watchers: 3
Forks: 16
Open Issues: 11
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: .github/CODEOWNERS
- Security: SECURITY.md

Awesome Lists containing this project

awesome-list - code-owner-self-merge - Docs-Tools | 35 | (JavaScript)

README

A GitHub action that lets code-owners merge PRs via a comment.

This action uses the standardized structure of [a CODEOWNERS file](https://github.blog/2017-07-06-introducing-code-owners/) to handle the access controls.

## A simple example

So, with this file at: `.github/CODEOWNERS`:

```sh
README.md @orta
```

If a PR contained _only_ a change to the `README.md` - this action would say that "@orta has the ability to merge by commenting 'LGTM'".

Then, when/if this happens the GitHub Action will merge for you.

## A real-world example

`.github/CODEOWNERS`:

```sh
# Collaborators for Japanese Translation of the Website
packages/playground-examples/copy/ja/**/*.md @sasurau4 @Quramy @Naturalclar @Takepepe @orta
packages/tsconfig-reference/copy/ja/**/*.md @sasurau4 @Quramy @Naturalclar @Takepepe @orta
packages/typescriptlang-org/src/copy/ja/**/*.md @sasurau4 @Quramy @Naturalclar @Takepepe @orta
packages/documentation/copy/ja/**/*.ts @sasurau4 @Quramy @Naturalclar @Takepepe @orta
```

This allows any of `@sasurau4`, `@Quramy`, `@Naturalclar`, `@Takepepe` or `@orta` to merge PRs which affect their areas of the translation process in the TypeScript Website repo. Code owners can use a [review](https://github.com/orta/code-owner-self-merge/pull/3), or a [comment](https://github.com/orta/code-owner-self-merge/pull/1) to merge.

## Setting It Up

You want a unique workflow file, e.g. `.github/workflows/codeowners-merge.yml`

```yml
name: Codeowners merging
on:
pull_request_target: { types: [opened] }
issue_comment: { types: [created] }
pull_request_review: { types: [submitted] }

jobs:
build:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v1
- name: Run Codeowners merge check
uses: OSS-Docs-Tools/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
```

Then you should be good to go. Note that I might not have bumped the version in `^`, so double [check the releases.](https://github.com/OSS-Docs-Tools/code-owner-self-merge/releases)

### Security

We force the use of [`pull_request_target`](https://github.blog/2020-08-03-github-actions-improvements-for-fork-and-pull-request-workflows/) as a workflow event to ensure that someone cannot change the CODEOWNER files at the same time as having that change be used to validate if they can merge.

### Issue / PR manipulation

Merging a PR has strict security requirements, but closing a PR or Issue can have a weaker one. Anyone with a GitHub login in the CODEOWNER has the ability to close any PR / Issue via a comment/review which includes:

```
@github-actions close
```

A closed PR can be re-opened with:

```
@github-actions reopen
```

### Extras

You can use this label to set labels for specific sections of the codebase, by having square brackets to indicate labels to make: `[label]`

```sh
# Collaborators for Spanish Translation of the Website
packages/playground-examples/copy/es/**/*.md @KingDarBoja [translate] [es]
packages/playground-examples/copy/es/**/*.ts @KingDarBoja [translate] [es]
packages/tsconfig-reference/copy/es/**/*.md @KingDarBoja [translate] [es]
packages/typescriptlang-org/src/copy/es/**/*.ts @KingDarBoja [translate] [es]
packages/documentation/copy/es/**/*.ts @KingDarBoja [translate] [es]
```

## Config

There are six options available at the moment:

- `cwd`, which can be used to determine the root folder to look for CODEOWNER files in.
- `merge_method`, which can be `merge` (default), `squash` or `rebase`, depending on what you want the action to do.
- `quiet` - does not output a message saying who can merge PRs
- `ownerNoPings` - list of usernames to wrap mention in an inline code block to prevent pinging

```yml
- name: Run Codeowners merge check
uses: OSS-Docs-Tools/code-owner-self-merge@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
cwd: './docs'
merge_method: 'squash'
```

Then 2 for handling fallbacks on PRs which aren't able to be maintained by anyone in the CODEOWNERs:

- `if_no_maintainers_add_label` - A label to add which denotes it is a maintainers PR to handle
- `if_no_maintainers_assign` - A string of `@` prefixed GitHub usernames, separated by spaces which denotes who should be assigned to PRs which don't get a CODEOWNER.

```yml
- name: Run Codeowners merge check
uses: OSS-Docs-Tools/code-owner-self-merge@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
merge_method: 'squash'
if_no_maintainers_add_label: 'maintainers'
if_no_maintainers_assign: '@orta @sandersn'
```

### Dev

Use `npx jest --watch` to run tests.

### Deploy

Use the GH UI to make a tag and release.