feat: add pr-auto-comments, written with Claude 3.7 Sonnet

MantisClone · MantisClone · commit 230463eadfb1 · 2025-03-17T22:30:57.000-04:00
diff --git a/.github/workflows/pr-auto-comments.yml b/.github/workflows/pr-auto-comments.yml
@@ -0,0 +1,173 @@
+name: PR Automated Comments
+
+on:
+  workflow_call:
+    inputs:
+      org_name:
+        description: 'GitHub organization name to identify internal team members'
+        required: true
+        type: string
+      additional_internal_users:
+        description: 'Additional comma-separated list of usernames to consider as internal'
+        required: false
+        type: string
+        default: ''
+      first_pr_comment:
+        description: 'Message for first PR comments (leave empty to disable first PR comments)'
+        required: false
+        type: string
+        default: ''
+      ready_for_review_comment:
+        description: 'Message for PR ready for review comments (leave empty to disable ready for review comments)'
+        required: false
+        type: string
+        default: ''
+      merged_pr_comment:
+        description: 'Message for merged PR comments (leave empty to disable merged PR comments)'
+        required: false
+        type: string
+        default: ''
+    secrets:
+      token:
+        description: 'GitHub token with org:read permission'
+        required: false
+
+jobs:
+  # Central job to check if contributor is external and determine PR status
+  check-contributor:
+    name: Check Contributor Status
+    runs-on: ubuntu-latest
+    outputs:
+      is_external: ${{ steps.check.outputs.is_external }}
+      is_first_pr: ${{ steps.check.outputs.is_first_pr }}
+      event_type: ${{ steps.event.outputs.type }}
+    steps:
+      - name: Determine event type
+        id: event
+        run: |
+          if [[ "${{ github.event_name }}" == "pull_request_target" ]]; then
+            if [[ "${{ github.event.action }}" == "opened" ]]; then
+              echo "type=opened" >> $GITHUB_OUTPUT
+            elif [[ "${{ github.event.action }}" == "ready_for_review" ]]; then
+              echo "type=ready_for_review" >> $GITHUB_OUTPUT
+            elif [[ "${{ github.event.action }}" == "closed" && "${{ github.event.pull_request.merged }}" == "true" ]]; then
+              echo "type=merged" >> $GITHUB_OUTPUT
+            else
+              echo "type=other" >> $GITHUB_OUTPUT
+            fi
+          else
+            echo "type=other" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Check if external contributor
+        id: check
+        run: |
+          # Get the PR author
+          PR_AUTHOR="${{ github.event.pull_request.user.login }}"
+          ORG_NAME="${{ inputs.org_name }}"
+          ADDITIONAL_USERS="${{ inputs.additional_internal_users }}"
+
+          # First check if user is in the additional internal users list
+          if [[ "$ADDITIONAL_USERS" == *"$PR_AUTHOR"* ]]; then
+            echo "User is in additional internal users list, skipping comment"
+            echo "is_external=false" >> $GITHUB_OUTPUT
+            echo "is_first_pr=false" >> $GITHUB_OUTPUT
+            exit 0
+          fi
+
+          # Check if user is an org member
+          echo "Checking if user is a member of organization $ORG_NAME"
+          ORG_MEMBER=$(gh api -H "Accept: application/vnd.github+json" \
+            "/orgs/$ORG_NAME/members/$PR_AUTHOR" --silent || echo "not_found")
+
+          if [[ "$ORG_MEMBER" != "not_found" ]]; then
+            echo "User is an organization member, skipping comment"
+            echo "is_external=false" >> $GITHUB_OUTPUT
+            echo "is_first_pr=false" >> $GITHUB_OUTPUT
+            exit 0
+          fi
+
+          # User is external
+          echo "is_external=true" >> $GITHUB_OUTPUT
+
+          # Only check if this is their first PR if needed
+          if [[ "${{ steps.event.outputs.type }}" == "opened" ]]; then
+            # Check if this is their first PR to the repo
+            PR_COUNT=$(gh api graphql -f query='
+              query($owner:String!, $repo:String!, $author:String!) {
+                repository(owner:$owner, name:$repo) {
+                  pullRequests(first:100, states:[OPEN, CLOSED, MERGED], author:$author) {
+                    totalCount
+                  }
+                }
+              }' -f owner=${{ github.repository_owner }} -f repo=${{ github.event.repository.name }} -f author=$PR_AUTHOR | jq '.data.repository.pullRequests.totalCount')
+
+            if [ "$PR_COUNT" -eq 1 ]; then
+              echo "First PR from this contributor"
+              echo "is_first_pr=true" >> $GITHUB_OUTPUT
+            else
+              echo "Not the first PR from this contributor"
+              echo "is_first_pr=false" >> $GITHUB_OUTPUT
+            fi
+          else
+            echo "is_first_pr=false" >> $GITHUB_OUTPUT
+          fi
+        env:
+          GH_TOKEN: ${{ secrets.token || github.token }}
+
+  # Leave a comment on first PRs
+  first-pr-comment:
+    name: First PR Comment
+    needs: check-contributor
+    if: needs.check-contributor.outputs.event_type == 'opened' && needs.check-contributor.outputs.is_external == 'true' && needs.check-contributor.outputs.is_first_pr == 'true' && inputs.first_pr_comment != ''
+    runs-on: ubuntu-latest
+    steps:
+      - name: Leave first PR comment
+        uses: actions/github-script@v6
+        with:
+          github-token: ${{ github.token }}
+          script: |
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: `${{ inputs.first_pr_comment }}`
+            });
+
+  # Leave a comment when PR is marked ready for review
+  ready-for-review-comment:
+    name: Ready for Review Comment
+    needs: check-contributor
+    if: needs.check-contributor.outputs.event_type == 'ready_for_review' && needs.check-contributor.outputs.is_external == 'true' && inputs.ready_for_review_comment != ''
+    runs-on: ubuntu-latest
+    steps:
+      - name: Leave ready for review comment
+        uses: actions/github-script@v6
+        with:
+          github-token: ${{ github.token }}
+          script: |
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: `${{ inputs.ready_for_review_comment }}`
+            });
+
+  # Leave a comment when PR is merged
+  merged-pr-comment:
+    name: Merged PR Comment
+    needs: check-contributor
+    if: needs.check-contributor.outputs.event_type == 'merged' && needs.check-contributor.outputs.is_external == 'true' && inputs.merged_pr_comment != ''
+    runs-on: ubuntu-latest
+    steps:
+      - name: Leave merged PR comment
+        uses: actions/github-script@v6
+        with:
+          github-token: ${{ github.token }}
+          script: |
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: `${{ inputs.merged_pr_comment }}`
+            });
diff --git a/README.md b/README.md
@@ -1,2 +1,120 @@
-# auto-comments
-Reusable workflow for automated comments on Pull Requests in Github
+# Automated PR Comments for GitHub Actions
+
+This reusable workflow adds automated comments on Pull Requests from external contributors. It identifies external contributors as users who are not members of your GitHub organization.
+
+## Features
+
+The workflow can leave comments in these situations:
+
+- On a contributor's **first** Pull Request to your repository
+- When a Pull Request is marked as **ready for review**
+- When a Pull Request is **merged**
+
+Each comment type can be individually enabled or disabled.
+
+## Setup
+
+To use this workflow in your repository, create a new workflow file in your `.github/workflows` directory:
+
+```yaml
+name: PR Comments
+
+on:
+  pull_request_target:
+    types: [opened, ready_for_review, closed]
+
+jobs:
+  pr-comments:
+    uses: your-org/auto-comments/.github/workflows/pr-auto-comments.yml@main
+    with:
+      org_name: "your-organization-name"
+      # Enable only the comment types you want by providing content
+      first_pr_comment: |
+        # Welcome to our project!
+
+        Thanks for your first contribution. We're glad you're here.
+      # To disable a comment type, either remove it or leave it empty
+      merged_pr_comment: |
+        # PR Merged
+
+        Thank you for your contribution!
+    secrets:
+      token: ${{ secrets.GITHUB_TOKEN }}
+```
+
+## Configuration
+
+### Required Inputs
+
+| Input | Description |
+|-------|-------------|
+| `org_name` | GitHub organization name to identify internal team members |
+
+### Optional Inputs
+
+| Input | Description | Default | Behavior if not provided |
+|-------|-------------|---------|--------------------------|
+| `additional_internal_users` | Additional comma-separated list of usernames to consider as internal | `''` | No additional users excluded |
+| `first_pr_comment` | Message for first PR comments | `''` | First PR comments disabled |
+| `ready_for_review_comment` | Message for ready for review comments | `''` | Ready for review comments disabled |
+| `merged_pr_comment` | Message for merged PR comments | `''` | Merged PR comments disabled |
+
+### Secrets
+
+| Secret | Description | Required | Default |
+|--------|-------------|----------|---------|
+| `token` | GitHub token with org:read permission | No | `github.token` |
+
+## Enabling and Disabling Comment Types
+
+You can selectively enable comment types by providing content for the corresponding input:
+
+- To **enable** a comment type: provide the message text
+- To **disable** a comment type: omit the input or provide an empty string
+
+For example, to enable only first PR and merged PR comments:
+
+```yaml
+first_pr_comment: |
+  # Welcome!
+  Thanks for your contribution.
+# ready_for_review_comment is omitted to disable it
+merged_pr_comment: |
+  # Merged
+  Your PR has been merged.
+```
+
+## Comment Formatting
+
+You can use full Markdown syntax in your comment messages, including:
+
+- Headings (`# Heading`)
+- Lists (`- Item`)
+- Formatting (**bold**, *italic*)
+- Links (`[text](url)`)
+- Code blocks
+- Emojis (`:tada:`)
+
+## How It Works
+
+1. The workflow first checks the PR author in a central job:
+   - Determines if they are an external contributor (not in your org or additional users list)
+   - For first PR comments, checks if this is their first contribution
+
+2. Based on the event type (opened/ready for review/merged) and author status:
+   - Runs only the appropriate comment job
+   - Only if the corresponding comment text is provided
+
+3. Each enabled job posts its specific comment to the PR
+
+This architecture ensures contributor checks run only once per workflow execution, making the process more efficient.
+
+## Security Considerations
+
+This workflow uses `pull_request_target` to ensure it has the necessary permissions to comment on PRs. Since this event has access to secrets, the workflow is designed to only perform safe operations (commenting) and does not check out code from external PRs.
+
+The workflow requires a token with `org:read` permission to check organization membership.
+
+## License
+
+MIT
diff --git a/example-usage.yml b/example-usage.yml
@@ -0,0 +1,63 @@
+name: PR Comments
+
+on:
+  pull_request_target:
+    types: [opened, ready_for_review, closed]
+
+jobs:
+  # Example 1: All comment types enabled
+  pr-comments-all:
+    uses: your-org/auto-comments/.github/workflows/pr-auto-comments.yml@main
+    with:
+      org_name: "your-organization-name"
+      additional_internal_users: "external-consultant,bot-account"
+
+      # First PR comment
+      first_pr_comment: |
+        # 🌟 Welcome to your first contribution!
+
+        We're thrilled to see your first PR to our project. Here at [Organization], we value every contribution.
+
+        ## Next steps
+        - Our team will review your changes soon
+        - You might get some feedback or requests for changes
+        - Feel free to ask questions if anything is unclear
+
+        Thank you for taking the time to contribute to our project!
+
+      # Ready for review comment
+      ready_for_review_comment: |
+        # Ready for review - thank you!
+
+        Your PR has been marked as ready for review and will be reviewed by our team soon.
+
+        Please allow 2-3 business days for the review process.
+
+      # Merged PR comment
+      merged_pr_comment: |
+        # Congratulations! 🎉
+
+        Your PR has been merged successfully. Thank you for your valuable contribution!
+
+        Your changes will be included in the next release of our software.
+    secrets:
+      token: ${{ secrets.GITHUB_TOKEN }}
+
+  # Example 2: Only specific comment types enabled
+  pr-comments-selective:
+    uses: your-org/auto-comments/.github/workflows/pr-auto-comments.yml@main
+    with:
+      org_name: "your-organization-name"
+
+      # Only enable first PR and merged PR comments
+      first_pr_comment: |
+        # Welcome to our project!
+        Thank you for your first contribution!
+
+      # Ready for review comments disabled by not providing this input
+
+      merged_pr_comment: |
+        # PR Merged
+        Thank you for your contribution!
+    secrets:
+      token: ${{ secrets.GITHUB_TOKEN }}
