https://github.com/garretpatten/codeowner-verifier

A GitHub Action to verify CODEOWNERS files -- both that all files included in a PR or push are owned and (if an apiToken is passed) that all owners in the CODEOWNERS file are valid Teams within the GitHub organization in context.
https://github.com/garretpatten/codeowner-verifier

Last synced: about 5 hours ago
JSON representation

A GitHub Action to verify CODEOWNERS files -- both that all files included in a PR or push are owned and (if an apiToken is passed) that all owners in the CODEOWNERS file are valid Teams within the GitHub organization in context.

• Host: GitHub
• URL: https://github.com/garretpatten/codeowner-verifier
• Owner: garretpatten
• License: mit
• Created: 2022-07-27T15:35:25.000Z (over 2 years ago)
• Default Branch: main
• Last Pushed: 2023-12-17T19:32:37.000Z (11 months ago)
• Last Synced: 2023-12-18T20:59:00.328Z (11 months ago)
• Language: JavaScript
• Homepage:
• Size: 51.5 MB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • Contributing: CONTRIBUTING.md
  • License: LICENSE
  • Codeowners: .github/CODEOWNERS

Awesome Lists containing this project

README

        
[![code style: prettier](https://img.shields.io/badge/code_style-prettier-ff69b4.svg?style=flat-square)](https://github.com/prettier/prettier)

[![Issues](https://img.shields.io/github/issues/garretpatten/codeowner-verifier)](https://github.com/garretpatten/codeowner-verifier/issues)

[![License MIT](https://img.shields.io/github/license/garretpatten/codeowner-verifier)](https://github.com/garretpatten/codeowner-verifier/blob/master/LICENSE)

[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/garretpatten/codeowner-verifier/badge)](https://securityscorecards.dev/viewer/?uri=github.com/garretpatten/codeowner-verifier)

[![Release](https://img.shields.io/github/v/release/garretpatten/codeowner-verifier)](https://github.com/garretpatten/codeowner-verifier/releases)

# codeowner-verifier

A GitHub Action that verifies that modified files are owned by codeowners. This Action is intended to run on pull requests to enforce code ownership defined in a repository's CODEOWNERS file.

## Table of Contents

- [Usage](#usage)

	- [Action Parameters](#action-parameters)

		- [changedFiles](#changedFiles)

		- [deletedFiles](#deletedFiles)

	- [Environment Variables](#environment-variables)

		- [GITHUB_TOKEN](#GITHUB_TOKEN)

	- [Files](#files)

		- [.codeownersignore](#.codeownersignore)

- [Maintainers](#maintainers)

- [Contributing](#contributing)

## Usage

This GitHub Action has been built to be consumed by organizations and individual projects. In order to incorporate this Action into a repository's build process, a workflow file must be added to that respository's `.github/workflows` directory. The workflow file can be named as needed and should mirror the `codeowner-verifier.yml` file in this repository.

### Action Parameters

#### changedFiles

`changedFiles` is a required parameter that facilitates the processing of updated files in the context of the CODEOWNERS file. `changedFiles` expects to receive a space-delimited list of the filepaths that have been updated in a given PR or push operation. The example workflow in this repository uses the GitHub CLI to generate the list for this parameter.

#### deletedFiles

`deletedFiles` is a required parameter that facilitates the processing of moved and deleted files in the context of the CODEOWNERS file. `deletedFiles` expects to receive a space-delimited list of the filepaths that have been moved or deleted in a given PR or push operation. The example workflow in this repository uses the GitHub CLI to generate the list for this parameter.

### Environment Variables

#### GITHUB_TOKEN

The `GITHUB_TOKEN` is a required environment variable that is needed for the Action to work in the context of a private GitHub organization. A token should be provided that is connected to a user who has requisite access to the repository in context. The codeowner-verifier workflow in this repository uses the shared `CODEOWNER_VERIFIER_TOKEN` for this parameter.

### Files

#### .codeownersignore

The `.codeownersignore` is an optional file at the root directory that allows a repository to dictate certain filepaths to ignore when validating the CODEOWNERS file. This ignore file is meant to be used for filepaths like `node_modules`, `.gitignore`, `README.md`, and any other files where it may not make sense to require an explicit owner in the CODEOWNERS file. It should be used like a `.gitignore` file with one filepath pattern per line that gets ignored.

### Environment Variables

#### GITHUB_TOKEN

The `GITHUB_TOKEN` is a required environment variable that is needed for the Action to work as intended in the context of a private GitHub organization. A token should be provided that is connected to a user who has requisite access to the organization and repository in context.

## Maintainers

[@GarretPatten](https://github.com/garretpatten)