Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/per1234/workflowsawaiting

Check for workflows awaiting approval
https://github.com/per1234/workflowsawaiting

ci continuous-integration github-actions maintainers

Last synced: about 1 month ago
JSON representation

Check for workflows awaiting approval

Awesome Lists containing this project

README

        

# workflowsawaiting

Check for [GitHub Actions](https://github.com/features/actions) workflow runs which are awaiting approval.

From https://docs.github.com/en/actions/managing-workflow-runs/approving-workflow-runs-from-public-forks

> workflows on pull requests are not run automatically if they are received from first-time contributors, and must be approved first

This policy puts a large burden on repository maintainers. Even with an active maintainer, it can introduce significant delays in the important feedback cycle between contributors and the CI system. The first time PRs targeted by the system are often the very ones that benefit the most from an automated validation system. It can be easy for maintainers to overlook that each push to a PR necessitates another approval.

For this reason, it's useful to have a tool to monitor repositories for unapproved workflows.

## Table of Contents

- [Dependencies](#dependencies)
- [Usage](#usage)
- [Arguments](#arguments)
- [`CONFIG_PATH`](#config_path)
- [Options](#options)
- [`--report-path`](#--report-path)
- [`--verbose`](#--verbose)
- [Environment variables](#environment-variables)
- [`GITHUB_TOKEN`](#github_token)
- [Configuration file](#configuration-file)
- [`owner`](#owner)
- [`repo`](#repo)
- [`action`](#action)
- [`scope`](#scope)

## Dependencies

Required tools:

- [Python](https://www.python.org/) 3.9
- [Poetry](http://python-poetry.org/) - Used for dependency management

Run the following from the project's root folder to install the Python module dependencies:

```
poetry install
```

## Usage

```
poetry run python workflowsawaiting.py [OPTION]... CONFIG_PATH
```

### Arguments

#### `CONFIG_PATH`

**Required**

Path to a [YAML](https://en.wikipedia.org/wiki/YAML) formatted file defining the repositories to monitor workflows in.

See the [Configuration file](#configuration-file) section for details on the file format.

### Options

#### `--report-path`

**Optional**

Path to output a [JSON](https://www.json.org/) format report of the results to.

#### `--verbose`

**Optional**

Output debug information.

### Environment variables

#### `GITHUB_TOKEN`

**Required**

[GitHub access token](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token) to use for the GitHub API requests.

## Configuration file

The repositories to monitor workflows in are defined by a [YAML](https://en.wikipedia.org/wiki/YAML) formatted file.

It is a list of configuration objects, which support the following keys:

### `owner`

Repository owner. If an owner, the configuration applies to all that owner's repositories, though subsequent configuration objects can modify that list.

### `repo`

Repository name. If no `repo` is specified by a configuration object, the `action` is applied to all the owner's repositories which are in the `scope`, though subsequent configuration objects can modify that list.

### `action`

Supported values:

- **`monitor`** (default)
- **`ignore`**

### `scope`

Supported values:

- **`maintaining`**: (default) monitor only repositories where the owner of [`GITHUB_TOKEN`](#github_token) has permissions.
- **`all`**: monitor all repositories