website icon indicating copy to clipboard operation
website copied to clipboard
verified publisher icon hackforla

Verify that PR creator is a member of the website-write team

Open ajb176 opened this issue 1 year ago • 8 comments

Fixes #3906

What changes did you make?

  • Added a new workflow which makes up to three API calls to verify team membership, close the pull request, and add the requested comment (the latter two if necessary).
  • The octokit membership API call returns a 404 error if the member is not found on the website-write team, in which case the catch block makes the API calls to close the PR and add the comment.
  • If the PR author is found on the website-write team (the expected case), nothing will happen except a comment logged that the author was successfully verified.

Why did you make the changes (we will use this info to test)?

  • To ensure only members of the website-write team can create pull requests.

Instructions for Reviewers:

  • [ ] 1. Add - 'verify-pr-creator-3906' on line 7 aligned with and under the 'gh-pages' branch
  • [ ] 2. Replace the current token value on line 14 with a user-generated token with the same permissions as the HACKFORLA_ADMIN_TOKEN (Instructions here)
  • [ ] 3. Change the owner assignment on lines 28 and 34 from 'hackforla' to your own github handle
  • [ ] 4. Save, commit and push the changes to your local verify-pr-creator-3906 branch
  • [ ] 5. Checkout a new branch from this one (testcase1, for example), make any minor change (add a comment for example), then commit and push it
  • [ ] 6. Go to your github website fork and try to merge testcase1 into the verify-pr-creator-3906 branch
  • [ ] 7. The github actions should start running (assuming the base is the verify-pr-creator-3906 branch edited from steps 1-4)
  • [ ] 8. There should be a checkmark if the action was successful, click details, dropdown the RunActions/GithubScript and it should say 'Successfully verified!'
  • [ ] 9. For testing the fail condition, navigate back to the verify-pr-creator branch and change the username assignment from prAuthor in line 22 to a random string or github handle of someone not on the website-write team.
  • [ ] 10. Repeat steps 4-8 (for step 5 you can call the new branch testcase2), this time the pull request should automatically close and post a comment from your handle

Make sure to push the necessary changes to the verify-pr-creator branch before using checkout to create the testcase branches. The testcase branches should be one commit past the verify-pr branch to avoid headaches when trying to merge the testcase branch into the base branch. If you'd rather not mess with the original branch, you can also checkout a new branch immediately after pulling the verify-pr-creator-3906 branch, and follow the instructions while using the new branch name in steps 1, 4, 6, 7 and 9.

ajb176 avatar Jun 07 '24 05:06 ajb176