Skip to content
Community Review Labeler

Add Bazel support for --rewind_lost_inputs #40

Sign in to view logs

Add Bazel support for --rewind_lost_inputs

Add Bazel support for --rewind_lost_inputs #40

Workflow file for this run

.github/workflows/community-review-labeler.yml at 6eaed0f
name: Community Review Labeler
on:
pull_request_review:
types: [submitted, dismissed]
permissions:
contents: read
pull-requests: write
jobs:
label_community_reviewed:
# Trigger if the review is an approval, changes requested, or if a review was dismissed
if: github.event.review.state == 'approved' || github.event.action == 'dismissed' || github.event.review.state == 'changes_requested'
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
with:
egress-policy: audit
- name: Checkout master branch
# We checkout master to ensure we use the authoritative list of trusted contributors,
# preventing PR authors from adding themselves to the list in their own branch.
uses: actions/checkout@v6
with:
ref: master
- name: Check if reviewer is trusted
id: check_reviewer
run: |
REVIEWER="${GITHUB_EVENT_REVIEW_USER_LOGIN}"
echo "Reviewer: $REVIEWER"
# Check if the reviewer is in our trusted_contributors.yaml list
# We use yq to parse the YAML file and check for the reviewer
if yq e ".trusted_contributors | any_c(. == \"$REVIEWER\")" .github/config/trusted_contributors.yaml | grep -q "true"; then
echo "is_trusted=true" >> $GITHUB_OUTPUT
echo "Result: Reviewer is a trusted community contributor."
else
echo "is_trusted=false" >> $GITHUB_OUTPUT
echo "Result: Reviewer is not in the trusted list."
fi
env:
GITHUB_EVENT_REVIEW_USER_LOGIN: ${{ github.event.review.user.login }}
- name: Add community-reviewed label
if: github.event.action == 'submitted' && github.event.review.state == 'approved' && steps.check_reviewer.outputs.is_trusted == 'true'
env:
GH_TOKEN: ${{ secrets.BAZEL_IO_TOKEN }}
run: |
PR_NUMBER="${{ github.event.pull_request.number }}"
echo "Adding 'community-reviewed' label to PR #$PR_NUMBER"
gh pr edit "$PR_NUMBER" --add-label "community-reviewed"
- name: Remove community-reviewed label
if: (github.event.action == 'dismissed' || github.event.review.state == 'changes_requested') && steps.check_reviewer.outputs.is_trusted == 'true'
env:
GH_TOKEN: ${{ secrets.BAZEL_IO_TOKEN }}
run: |
PR_NUMBER="${{ github.event.pull_request.number }}"
echo "Removing 'community-reviewed' label from PR #$PR_NUMBER"
gh pr edit "$PR_NUMBER" --remove-label "community-reviewed"