Fix duplicate Code Owners checks on PRs (#12758)

petebacondarwin · web-flow · commit 67ab88bc528f · 2026-03-04T21:18:56.000Z
diff --git a/.github/workflows/codeowners.yml b/.github/workflows/codeowners.yml
@@ -1,6 +1,8 @@
 name: "Code Owners"
 
-# Re-evaluate when PRs are opened/updated, and when reviews are submitted/dismissed.
+# Re-evaluate when PRs are opened/updated.
+# When reviews are submitted/dismissed, the separate rerun_codeowners.yml workflow
+# re-runs this check (rather than creating a second check context).
 # Using pull_request_target (not pull_request) so the workflow has access to secrets
 # for fork PRs. This is safe because:
 #   - The checkout is the BASE branch (ownership rules come from the protected branch)
@@ -9,8 +11,6 @@ name: "Code Owners"
 on:
   pull_request_target:
     types: [opened, reopened, synchronize, ready_for_review, labeled, unlabeled]
-  pull_request_review:
-    types: [submitted, dismissed]
 
 concurrency:
   group: codeowners-${{ github.event.pull_request.number }}
diff --git a/.github/workflows/rerun_codeowners.yml b/.github/workflows/rerun_codeowners.yml
@@ -0,0 +1,40 @@
+name: "Rerun Code Owners"
+
+# When a review is submitted or dismissed, re-run the Code Owners check from the
+# main codeowners.yml workflow (triggered by pull_request_target) rather than
+# running the check again under a separate event context. This avoids duplicate
+# "Code Owners" checks appearing on the PR.
+on:
+  pull_request_review:
+    types: [submitted, dismissed]
+
+permissions: {}
+
+jobs:
+  rerun-codeowners:
+    name: "Rerun Codeowners Plus"
+    runs-on: ubuntu-latest
+    permissions:
+      actions: write
+      checks: read
+    steps:
+      - name: "Re-run Codeowners Check"
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          HEAD_SHA: ${{ github.event.pull_request.head.sha }}
+          REPO: ${{ github.repository }}
+        run: |
+          # Find the "Run Codeowners Plus" check run for the PR head commit
+          # and extract the Actions job ID from its details URL.
+          # Using the commit SHA (not branch name) so this works for fork PRs
+          # where the branch name doesn't exist in the base repository.
+          job_id=$(gh api "repos/${REPO}/commits/${HEAD_SHA}/check-runs?check_name=Run+Codeowners+Plus" \
+            --jq '(.check_runs[0].details_url // "") | split("/") | last | split("?") | first' || true)
+
+          if [ -n "$job_id" ]; then
+            gh api "repos/${REPO}/actions/jobs/${job_id}/rerun" --method POST \
+              || echo "Job may already be running"
+            echo "Re-triggered 'Run Codeowners Plus' (job ${job_id})"
+          else
+            echo "Check 'Run Codeowners Plus' not found for SHA ${HEAD_SHA}"
+          fi
