Skip to content

TriageOps

TriageOps #5

Workflow file for this run

name: TriageOps
on:
issues:
types: [ opened ]
workflow_dispatch:
inputs:
issue_number:
description: GitHub issue number to run against
required: true
workflow:
type: choice
options:
- new-thread-setup
required: true
# We only need contents:read permission since we'll be authenticate as our
# own GitHUb app here.
permissions:
contents: read
jobs:
######################## AUTOMATED ########################
new-thread-setup:
name: Setup new thread
runs-on: ubuntu-latest
if: ${{ github.event.action == 'opened' }}
steps:
- uses: actions/create-github-app-token@v1
name: "Generate GitHub app token for @recaptimedev-automation[app]"
id: app-token
with:
app-id: ${{ secrets.GH_RTDEV_APP_ID }}
private-key: ${{ secrets.GH_RTDEV_APP_KEY }}
owner: recaptime-dev
- uses: actions/checkout@v3
- name: "Check if author is on github-team:transparency-log-threads"
uses: tspascoal/get-user-teams-membership@v3
id: teamAuthCheck
with:
team: 'transparency-log-threads'
username: ${{ github.actor }}
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
- name: Lock issue
uses: OSDKDev/lock-issues@v1.1
with:
repo-token: ${{ steps.app-token.outputs.token }}
- name: Auto-reply and close if not part of allowlist
if: ${{ steps.teamAuthCheck.outputs.isTeamMember == 'false' }}
uses: actions/github-script@v7
with:
github-token: ${{ steps.app-token.outputs.token }}
script: |
const comment = `\
Hi @${context.actor}!
You are currently not yet allowlisted to create your own \
thread here. Please see the [README][readme] for more information \
on how to request access. Once you have been allowlisted, you may reopen this \
issue.
[readme]: https://github.com/recaptime-dev/transparency-log-threads/blob/main/README.md
`
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: comment
})
github.rest.issues.update({
issue_number: context.issue.number,
wner: context.repo.owner,
repo: context.repo.repo,
state: "closed",
state_reason: "not_planned"
})
- name: Parse issue form
if: ${{ steps.teamAuthCheck.outputs.isTeamMember == 'true' }}
uses: stefanbuck/github-issue-parser@v3
id: issue-parser
with:
template-path: .github/ISSUE_TEMPLATE/form.yml
- name: Set labels based on role
if: ${{ steps.teamAuthCheck.outputs.isTeamMember == 'true' }}
uses: redhat-plumbers-in-action/advanced-issue-labeler@v2
with:
issue-form: ${{ steps.issue-parser.outputs.jsonString }}
section: role
token: ${{ steps.app-token.outputs.token }}
######################## MANUAL ACTIONS ########################
new-thread-setup-manual:
name: 'Setup new thread [manual triggered]'
runs-on: ubuntu-latest
if: ${{ github.event.inputs.workflow == 'new-thread-setup' }}
steps:
- uses: actions/create-github-app-token@v1
name: "Generate GitHub app token for @recaptimedev-automation[app]"
id: app-token
with:
app-id: ${{ secrets.GH_RTDEV_APP_ID }}
private-key: ${{ secrets.GH_RTDEV_APP_KEY }}
owner: recaptime-dev
- uses: actions/checkout@v3
- name: Fetch issue info from API
uses: actions/github-script@v7
with:
script: |
return github.rest.issues.get({
issue_number: context.payload.inputs.issue_number,
owner: context.repo.owner,
repo: context.repo.repo,
});
github-token: ${{ steps.app-token.outputs.token }}
id: issueData
- name: "Check if author is on github-team:transparency-log-threads"
uses: tspascoal/get-user-teams-membership@v3
id: teamAuthCheck
with:
team: 'transparency-log-threads'
username: ${{ steps.issueData.outputs.result.data.user.login }}
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
- name: Lock issue
if: ${{ steps.issueData.outputs.result.locked == 'false' }}
uses: OSDKDev/lock-issues@v1.1
with:
repo-token: ${{ steps.app-token.outputs.token }}
issue-number: ${{ github.event.inputs.issue_number }}
- name: Auto-reply and close if not part of allowlist
if: ${{ steps.teamAuthCheck.outputs.isTeamMember == 'false' }}
uses: actions/github-script@v7
with:
github-token: ${{ steps.app-token.outputs.token }}
script: |
const { data } = await github.rest.issues.get({
issue_number: context.payload.inputs.issue_number,
owner: context.repo.owner,
repo: context.repo.repo,
});
const comment = `\
Hi @${data.user.login}!
You are currently not yet allowlisted to create your own \
thread here. Please see the [README][readme] for more information \
on how to request access. Once you have been allowlisted, you may reopen this \
issue.
[readme]: https://github.com/recaptime-dev/transparency-log-threads/blob/main/README.md
`
github.rest.issues.createComment({
issue_number: context.payload.inputs.issue_number,
owner: context.repo.owner,
repo: context.repo.repo,
body: comment
})
github.rest.issues.update({
issue_number: context.inputs.issue_number,
wner: context.repo.owner,
repo: context.repo.repo,
state: "closed",
state_reason: "not_planned"
})
- name: Parse issue form
if: ${{ steps.teamAuthCheck.outputs.isTeamMember == 'true' }}
uses: stefanbuck/github-issue-parser@v3
id: issue-parser
with:
template-path: .github/ISSUE_TEMPLATE/form.yml
issue-body: ${{ steps.issueData.outputs.result.data.body }}
- name: Set labels based on role
if: ${{ steps.teamAuthCheck.outputs.isTeamMember == 'true' }}
uses: redhat-plumbers-in-action/advanced-issue-labeler@v2
with:
issue-form: ${{ steps.issue-parser.outputs.jsonString }}
section: role
token: ${{ steps.app-token.outputs.token }}