@@ -11,17 +11,14 @@ spec:
1111 description : URL of the GitHub pull request.
1212 - name : git_head_commit
1313 description : SHA of the head of the branch to be merged.
14- - name : bundle_path
15- description : Path to the operator bundle affected by the pull request.
14+ - name : operator_path
15+ description : Path to the operator affected by the pull request.
1616 - name : github_token_secret_name
1717 description : The name of the Kubernetes Secret that contains the GitHub token.
1818 default : github
1919 - name : github_token_secret_key
2020 description : The key within the Kubernetes Secret that contains the GitHub token.
2121 default : token
22- - name : force_merge
23- description : The boolean which will indicate when to ignore the verification of ci.yaml file.
24- default : " false"
2522 workspaces :
2623 - name : source
2724 results :
@@ -33,35 +30,14 @@ spec:
3330 workingDir : $(workspaces.source.path)
3431 script : |
3532 set -xe
36- if [ "$(params.force_merge)" = "true" ]; then
37- echo -n true > "$(results.bool_merge.path)"
38- elif [[ "$(params.bundle_path)" == "" ]]; then
39- echo -n true > "$(results.bool_merge.path)"
33+ if [[ -z "$(params.operator_path)" ]]; then
34+ echo -n false > "$(results.bool_merge.path)"
4035 else
41- PKG_PATH=$(dirname $(realpath "$(params.bundle_path)"))
42- CI_FILE_PATH="$PKG_PATH/ci.yaml"
43- BOOL_MERGE=$(yq -r '.merge' < "$CI_FILE_PATH")
36+ BOOL_MERGE=$(yq -r '.merge!=false' < "$(params.operator_path)/ci.yaml")
4437
4538 echo -n "$BOOL_MERGE" > "$(results.bool_merge.path)"
4639 fi
4740
48- name : review-pull-request
49- image : " $(params.pipeline_image)"
50- env :
51- - name : GITHUB_TOKEN
52- valueFrom :
53- secretKeyRef :
54- name : $(params.github_token_secret_name)
55- key : $(params.github_token_secret_key)
56- script : |
57- #! /usr/bin/env bash
58- set -ex
59-
60- gh pr review "$(params.git_pr_url)" --approve \
61- --body "Operator bundle PR has been approved!"
62-
63- echo "Merge request has been approved!"
64-
6541name : merge-pull-request
6642 image : " $(params.pipeline_image)"
6743 env :
8258 exit 0
8359 fi
8460
61+ # To avoid issuing too many GH API requests, fetch all PR info we need
62+ # in a single call upfront and process the result later
63+ gh pr view "$(params.git_pr_url)" --json isDraft,reviews >/tmp/pr.json
64+
65+ if [[ "$(jq -r ".isDraft" /tmp/pr.json)" == "true" ]] ; then
66+ echo "Skipping merge: PR is set as draft"
67+ echo -n "false" > "$(results.pr_merged.path)"
68+ exit 0
69+ fi
70+
71+ # Extract all reviews and return one line per reviewer containing three space separated fields:
72+ # $state $authorAssociation $author
73+ # where
74+ # $state is the outcome of the most recent review by the author and can be APPROVED, CHANGES_REQUESTED,
75+ # DISMISSED, COMMENTED or PENDING
76+ # $authorAssociation is the role of the author in the repository; for possible values see
77+ # https://docs.github.com/en/graphql/reference/enums#commentauthorassociation
78+ # $author is the GitHub handle of the reviewer
79+ # Example:
80+ # APPROVED MEMBER rh-operator-bundle-bot
81+ # PENDING NONE randomuser
82+ jq -r '[.reviews[]|{author:.author.login,authorAssociation,state,submittedAt}]|group_by(.author)|map(sort_by(.submittedAt)|.[-1]|"\(.state) \(.authorAssociation) \(.author)")[]' \
83+ /tmp/pr.json | tee /tmp/reviews.txt
84+
85+ # Do not merge if we do not have approval from the bot or any other repo member
86+ if ! grep "^APPROVED MEMBER " /tmp/reviews.txt ; then
87+ echo "Skipping merge: PR is not approved."
88+ echo -n "false" > "$(results.pr_merged.path)"
89+ exit 0
90+ fi
91+
8592 # Squash and merge only if the head commit sha has not changed since
8693 # the start of the pipeline run
8794 gh pr merge "$(params.git_pr_url)" --squash --auto \
0 commit comments