pezkuwichain/pezkuwi-subxt
1
0
Fork 0
mirror of https://github.com/pezkuwichain/pezkuwi-subxt.git synced 2026-04-27 05:47:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added review-bot to fine tune review requirements (#1673)

Browse Source 
Created a Github Action that uses the [Review-Bot
app](https://github.com/paritytech/review-bot) to require more fine
tuned requirements to review pull requests before allowing the PR to be
merged.

This uses
[`pull_request_target`](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target)
for the event, not `pull_request`. This is a security measure so that an
attacker doesn’t have access to the secrets.

All the rules have been copied from the original
`.github/pr-custom-review.yml` file.

I want to clarify, this particular commit is **not intended to replace
PRCR yet**.

# Advantages it brings over `PRCR`

Most of the features available in `PRCR` have been duplicated and
enhanced. For a complete detailed write up, please see:
- paritytech/pr-custom-review#114 -> Proposal for the rewrite
- [Review Bot
Documentation](https://github.com/paritytech/review-bot/blob/main/README.md)

The most important features are:
- `include` and `exclude` fields now accept an array, making it easier
to read the regular expressions.
- Ability to skip a rule
- We can set that PRs coming from a particular user or team will cause
the rule to be skipped.
- This is used in the `Audit rule`, which was requested by
@the-right-joyce.
  - This resolves paritytech/pr-custom-review#136
- Ability to request fellows instead of teams
- As requested in polkadot-fellows/runtimes#7, this bot has the ability
to request fellows by rank instead of users.
- We currently have polkadot-fellows/runtimes#31 which is using that
feature.

Aside from all the rules available in `PRCR` I have added a particular
rule to lock the review-bot files and require a review from the
`locks-review` team, the @paritytech/ci team and the
@paritytech/opstooling team to ensure that the file has been written
correctly.

## Next steps

The next steps will consist on paritytech/review-bot#53, once this issue
has been resolved, and `review-bot` has worked without any issues on
this repository for a while, we will upgrade it to be able to fully
replace `PRCR`.
This commit is contained in:
Javier Bullrich
2023-09-28 12:59:35 +02:00
committed by GitHub
parent 4bc97e481f
commit 4384c613af
2 changed files with 152 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/review-bot.yml
+31
View File
@@ -0,0 +1,31 @@
name: Review PR
on:
pull_request_target:
types:
- opened
- reopened
- synchronize
- review_requested
- review_request_removed
- ready_for_review
pull_request_review:
permissions:
contents: read
jobs:
review-approvals:
runs-on: ubuntu-latest
steps:
- name: Generate token
id: team_token
uses: tibdex/github-app-token@v1
with:
app_id: ${{ secrets.REVIEW_APP_ID }}
private_key: ${{ secrets.REVIEW_APP_KEY }}
- name: "Evaluates PR reviews and assigns reviewers"
uses: paritytech/review-bot@v1.1.0
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
team-token: ${{ steps.team_token.outputs.token }}
checks-token: ${{ steps.team_token.outputs.token }}