Anarchy-Repository/.github/workflows/autolabel.yml at 74519bb522000487fa9a5c09855149ceb6bf76b4 · tj-commits/Anarchy-Repository · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
name: Auto Label and Merge PRs

on:
  pull_request:
    types: [opened, synchronize, reopened]

permissions:
  pull-requests: write
  contents: write

jobs:
  label-and-process:
    runs-on: ubuntu-latest

    steps:
      # ✅ Step 1: Automatically add 'automerge' label
      - name: Add 'automerge' label
        uses: actions-ecosystem/action-add-labels@v1
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
          labels: automerge

      # ✅ Step 2: Checkout code
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          fetch-depth: 0  # Needed for full commit history comparison

      # ✅ Step 3: Check if PR touches restricted files
      - name: Check changed files
        id: file-check
        run: |
          echo "Base SHA: ${{ github.event.pull_request.base.sha }}"
          changed_files=$(git diff --name-only "${{ github.event.pull_request.base.sha }}"...HEAD)
          echo "$changed_files"

          if echo "$changed_files" | grep -qE '^\.github/|^README\.md$'; then
            echo "::notice ::Restricted files modified — skipping merge and closing PR."
            echo "skip_merge=true" >> $GITHUB_OUTPUT
          else
            echo "skip_merge=false" >> $GITHUB_OUTPUT
          fi

      # ✅ Step 4: Merge the PR if it's safe
      - name: Merge PR
        if: steps.file-check.outputs.skip_merge == 'false'
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          gh pr merge ${{ github.event.pull_request.html_url }} --merge --auto

      # ❌ Step 5: Remove label if merge is skipped
      - name: Remove 'automerge' label
        if: steps.file-check.outputs.skip_merge == 'true'
        uses: actions-ecosystem/action-remove-labels@v1
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
          labels: automerge

      # 💬 Step 6: Comment reason
      - name: Comment on PR
        if: steps.file-check.outputs.skip_merge == 'true'
        uses: peter-evans/create-or-update-comment@v4
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          issue-number: ${{ github.event.pull_request.number }}
          body: |
            ⚠️ This pull request was automatically closed because it modifies restricted files.

            You **may not** change `README.md` because people need to know what this repo is alr?

      # 🛑 Step 7: Close PR
      - name: Close PR
        if: steps.file-check.outputs.skip_merge == 'true'
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          gh pr close ${{ github.event.pull_request.number }}