feat: various checks before packing

didinele · didinele · commit 9f9fd69832ba · 2025-07-20T15:29:03.000+03:00
diff --git a/src/app.ts b/src/app.ts
@@ -0,0 +1,92 @@
+import type { Octokit } from 'octokit';
+import { App } from 'octokit';
+import { logger, type Env } from './util.js';
+
+async function isPRGreen(octokit: Octokit, owner: string, repo: string, pullNumber: number): Promise<boolean> {
+	// First, get the PR data to get the head SHA
+	const { data: pullRequest } = await octokit.rest.pulls.get({
+		owner,
+		repo,
+		pull_number: pullNumber,
+	});
+
+	// Get the status of the head commit
+	const { data: statusData } = await octokit.rest.repos.getCombinedStatusForRef({
+		owner,
+		repo,
+		ref: pullRequest.head.sha,
+	});
+
+	// Get the check runs for the head commit
+	const { data: checkRunsData } = await octokit.rest.checks.listForRef({
+		owner,
+		repo,
+		ref: pullRequest.head.sha,
+	});
+
+	const failedChecks = checkRunsData.check_runs
+		.filter((run) => run.status === 'completed' && run.conclusion !== 'success')
+		.map((run) => run.name);
+
+	return statusData.state === 'success' && failedChecks.length === 0;
+}
+
+export function getApp(env: Env) {
+	const app = new App({
+		appId: env.APP_ID,
+		privateKey: env.PRIVATE_KEY.replaceAll('\\n', '\n'),
+		webhooks: {
+			secret: env.WEBHOOK_SECRET,
+		},
+	});
+
+	app.webhooks.on('issue_comment.created', async (data) => {
+		logger.debug('in comment create');
+
+		if (!data.payload.comment.body.startsWith('pack this')) {
+			logger.debug(`Comment does not start with 'pack this': ${data.payload.comment.body}`);
+			return;
+		}
+
+		if (!data.payload.comment.user) {
+			logger.debug('Comment does not have a user associated with it');
+			return;
+		}
+
+		if (!data.payload.issue.pull_request || data.payload.issue.state !== 'open') {
+			logger.debug('Comment is not on a pull request or pull request is not open');
+			return;
+		}
+
+		const {
+			data: { permission },
+		} = await data.octokit.rest.repos.getCollaboratorPermissionLevel({
+			owner: data.payload.repository.owner.login,
+			repo: data.payload.repository.name,
+			username: data.payload.comment.user.login,
+		});
+
+		if (permission !== 'admin' && permission !== 'write') {
+			logger.debug(`User ${data.payload.comment.user.login} does not have sufficient permissions to pack.`);
+			return;
+		}
+
+		if (
+			!(await isPRGreen(
+				data.octokit,
+				data.payload.repository.owner.login,
+				data.payload.repository.name,
+				data.payload.issue.number,
+			))
+		) {
+			logger.debug('Pull request is not green');
+			return;
+		}
+
+		logger.debug('Beginning the pack process...');
+
+		// TODO: Invoke workflow
+	});
+
+	return app;
+}
diff --git a/src/index.ts b/src/index.ts
@@ -1,4 +1,4 @@
-import { App } from 'octokit';
+import { getApp } from './app.js';
 import { logger, type Env } from './util.js';
 import { verifyWebhookSignature } from './verify.js';
 
@@ -13,14 +13,6 @@ const server = {
 			});
 		}
 
-		const app = new App({
-			appId: env.APP_ID,
-			privateKey: env.PRIVATE_KEY.replaceAll('\\n', '\n'),
-			webhooks: {
-				secret: env.WEBHOOK_SECRET,
-			},
-		});
-
 		const id = request.headers.get('x-github-delivery')!;
 		const name = request.headers.get('x-github-event')!;
 		const signature = request.headers.get('x-hub-signature-256') ?? '';
@@ -37,6 +29,9 @@ const server = {
 			});
 		}
 
+		logger.info('signature verified, processing webhook');
+		const app = getApp(env);
+
 		try {
 			await app.webhooks.receive({
 				id,
