Adds additional documentation and cleans up debug messages printed
to GitHub workflow output (available in the GitHub Actions pane).
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Enhances the flow that adds a comment on a PR if a non-collaborator
is in the reviewer list by checking if a comment was previously left
on the PR. If it was for the same set of non-collaborators, another
comment is not created. If a new non-collaborator is discovered, the
message will be left identifying that new user account.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
If a non-collaborator is part of the reviewer list, an admin needs
to be notified so they can be removed.
This change finds the list of admins for the repo and notifies them
in the comment left on the PR describing the list of non-collaborator
users. The message itself is cleaned up to show only the
non-collaborator users for ease of identification.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Updates logic to:
- Not request reviews from reviewers that have already left a review
on the PR. Previously, the reviewers review (e.g. approval) would
remain on the PR, but they would be notified on each change to the
PR. This approach follows the expected notification process for
requesting reviews which is one time. Maintainers and reviewers can
set up their own notifications for more granular updates on PR
activity separately.
- Add the collaborator reviewers if a reviewer(s) is found to not be
a collaborator. This is an improvement to today's behavior which is
to not add any reviewers if a single reviewer is not a collaborator
of the repo.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Removed the `download_gh_file()` function which is no longer needed
with sparse checkout.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Uses PyGithub for GitHub interactions instead of the GitHub REST API
directly.
This simplifies the code, improves error handling and robustness, and
lets the PyGithub project abstract GitHub REST API changes that may
occur over time.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Uses `GitPython` instead of invoking the git executable directly.
This has the benefit of improving code readability and less support
code for binary interaction.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
This change simply moves the trigger to `pull_request_target`. The
rest of this message contains verbose details related to that.
`pull_request_target` is used instead of `pull_request` since the
default GitHub token cannot pick up write permissions with the
`pull_request` type on PRs from public forks. Write permission is
needed to add reviewrs. This was previously tested on an edk2 fork
where PRs were not from other public forks into the fork being used
for testing but directly on the fork itself.
Because `pull_request_target` runs the pull request in the context
of the base branch (not the PR branch) some logic needs slightly
modified. The main change is that the GitHub context will no longer
give the PR branch HEAD as the PR commit SHA (i.e.
`github.event.pull_request.head.sha`). The SHA will be the base
branch (`master`) SHA as that is what is checked out for the
workflow run. SO, the actual PR SHA is now fetched separately.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Adds a script that provides GitHub API helpers for workflows and
other GitHub automation in the repository.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Michael Kubacki