-
Notifications
You must be signed in to change notification settings - Fork 146
173 lines (164 loc) · 6.22 KB
/
Copy pathnotify-pr-activity.yml
File metadata and controls
173 lines (164 loc) · 6.22 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
# type: Notifications
# owner: @camunda/distribution-team
---
# PR Activity Slack Notifications
#
# Sends a message to #team-distribution-github (via distro-bot) when:
# - A PR is opened or converted from draft to ready for review
# - A PR is merged
#
# Draft PRs and closed-without-merge PRs are skipped entirely.
# Bot-authored PRs are suppressed unless labelled upgrade:major (renovate major bumps).
#
# Can be called from other repos via workflow_call — pass all pr_* inputs explicitly.
#
# Message format:
# ↗ [helm] #123 feat: add support for X — review: @rev1
# ✅ [helm] #123 merged after 1d 4h
#
# Notification logic is implemented in scripts/notify-pr-activity (Go).
#
name: Notify - PR Activity
on:
# pull_request_target ensures secrets are available even for fork PRs.
# Safe here because we never checkout PR code.
pull_request_target:
types: [opened, ready_for_review, closed]
workflow_call:
inputs:
action:
description: 'PR event action: opened, ready_for_review, closed'
type: string
required: true
pr_repo:
description: 'Repository name (e.g. camunda-platform-helm)'
type: string
required: true
pr_number:
description: 'PR number'
type: string
required: true
pr_title:
description: 'PR title'
type: string
required: true
pr_url:
description: 'PR HTML URL'
type: string
required: true
pr_author:
description: 'PR author login'
type: string
required: true
pr_additions:
description: 'Lines added'
type: string
required: false
default: '0'
pr_deletions:
description: 'Lines deleted'
type: string
required: false
default: '0'
pr_merged:
description: 'Whether the PR was merged (true/false)'
type: string
required: false
default: 'false'
pr_merged_by:
description: 'Login of the user who merged the PR'
type: string
required: false
default: ''
pr_created_at:
description: 'PR creation timestamp (2006-01-02T15:04:05Z)'
type: string
required: false
default: ''
pr_merged_at:
description: 'PR merge timestamp (2006-01-02T15:04:05Z)'
type: string
required: false
default: ''
pr_reviewers_json:
description: 'JSON array of requested reviewer objects: [{"login":"user1"},...]'
type: string
required: false
default: '[]'
pr_draft:
description: 'Whether the PR is a draft (true/false)'
type: string
required: false
default: 'false'
pr_labels_json:
description: 'JSON array of label objects: [{"name":"automerge"},...]'
type: string
required: false
default: '[]'
secrets:
VAULT_ADDR:
required: true
VAULT_ROLE_ID:
required: true
VAULT_SECRET_ID:
required: true
jobs:
notify-slack:
# Skip draft PRs; only run for opened, ready_for_review, or closed (merged) events.
# Closed-without-merge suppression and bot filtering are handled in the Go script.
# When called via workflow_call, the caller controls filtering via the pr_draft input.
if: |
(github.event_name == 'workflow_call' && inputs.pr_draft != 'true') ||
(github.event_name == 'pull_request_target' &&
!github.event.pull_request.draft && (
github.event.action == 'opened' ||
github.event.action == 'ready_for_review' ||
github.event.action == 'closed'
))
runs-on: ubuntu-latest
permissions:
contents: read
timeout-minutes: 5
steps:
- name: Checkout
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7
with:
sparse-checkout: scripts/notify-pr-activity
sparse-checkout-cone-mode: true
- name: Set up Go
uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6
with:
go-version-file: scripts/notify-pr-activity/go.mod
- name: Import Vault secrets
uses: hashicorp/vault-action@892a26828f195e65540a40b4768ae4571f51ebfc # v4.0.0
id: vault-secrets
with:
url: ${{ secrets.VAULT_ADDR }}
method: approle
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
secrets: |
secret/data/products/distribution/ci SLACK_DISTRO_BOT_WEBHOOK_GH;
exportEnv: false
- name: Send Slack notification
continue-on-error: true
env:
SLACK_WEBHOOK: ${{ steps.vault-secrets.outputs.SLACK_DISTRO_BOT_WEBHOOK_GH }}
# Resolve from workflow_call inputs first, fall back to pull_request_target event
GH_ACTION: ${{ inputs.action || github.event.action }}
PR_REPO: ${{ inputs.pr_repo || github.event.repository.name }}
PR_NUMBER: ${{ inputs.pr_number || github.event.pull_request.number }}
PR_TITLE: ${{ inputs.pr_title || github.event.pull_request.title }}
PR_URL: ${{ inputs.pr_url || github.event.pull_request.html_url }}
PR_AUTHOR: ${{ inputs.pr_author || github.event.pull_request.user.login }}
PR_ADDITIONS: ${{ inputs.pr_additions || github.event.pull_request.additions }}
PR_DELETIONS: ${{ inputs.pr_deletions || github.event.pull_request.deletions }}
PR_MERGED: ${{ inputs.pr_merged || github.event.pull_request.merged }}
PR_MERGED_BY: ${{ inputs.pr_merged_by || (github.event.pull_request.merged_by && github.event.pull_request.merged_by.login) || '' }}
PR_CREATED_AT: ${{ inputs.pr_created_at || github.event.pull_request.created_at }}
PR_MERGED_AT: ${{ inputs.pr_merged_at || github.event.pull_request.merged_at }}
PR_REVIEWERS_JSON: ${{ inputs.pr_reviewers_json || toJSON(github.event.pull_request.requested_reviewers) }}
PR_LABELS_JSON: ${{ inputs.pr_labels_json || toJSON(github.event.pull_request.labels) }}
run: |
cd scripts/notify-pr-activity
go run .