Skip to content

Allow reopening by codeowners #32

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Sep 6, 2021
Merged

Allow reopening by codeowners #32

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 15 additions & 3 deletions index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,8 @@ async function run() {
new Actor().mergeIfHasAccess();
} else if (bodyLower.includes("@github-actions close")) {
new Actor().closePROrIssueIfInCodeowners();
} else if (bodyLower.includes("@github-actions reopen")) {
new Actor().reopenPROrIssueIfInCodeowners();
} else {
console.log("Doing nothing because the body does not include a command")
}
Expand Down Expand Up @@ -196,10 +198,10 @@ class Actor {
}
}

async closePROrIssueIfInCodeowners() {
async closePROrIssueIfInCodeowners() {
// Because closing a PR/issue does not mutate the repo, we can use a weaker
// authentication method: basically is the person in the codeowners? Then they can close
// an issue or PR.
// an issue or PR.
if (!githubLoginIsInCodeowners(this.sender, this.cwd)) return

const { octokit, thisRepo, issue, sender } = this;
Expand All @@ -208,6 +210,16 @@ class Actor {
await octokit.issues.update({ ...thisRepo, issue_number: issue.number, state: "closed" });
await octokit.issues.createComment({ ...thisRepo, issue_number: issue.number, body: `Closing because @${sender} is one of the code-owners of this repository.` });
}

async reopenPROrIssueIfInCodeowners() {
if (!githubLoginIsInCodeowners(this.sender, this.cwd)) return

const { octokit, thisRepo, issue, sender } = this;

core.info(`Creating comments and reopening`)
await octokit.issues.update({ ...thisRepo, issue_number: issue.number, state: "open" });
await octokit.issues.createComment({ ...thisRepo, issue_number: issue.number, body: `Reopening because @${sender} is one of the code-owners of this repository.` });
}
}

/**
Expand Down Expand Up @@ -235,7 +247,7 @@ function getFilesNotOwnedByCodeOwner(owner, files, cwd) {
/**
* This is a reasonable security measure for proving an account is specified in the codeowners
* but _SHOULD NOT_ be used for authentication for something which mutates the repo,
*
*
* @param {string} login
* @param {string} cwd
*/
Expand Down