-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathREADME.md
135 lines (97 loc) · 4.37 KB
/
README.md
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
# component-owners
Automatically add component owners as assignees and approvers to pull requests.
This works very similarly to CODEOWNERS, however with CODEOWNERS all owners must have write access to the repository.
Many open source projects wish to assign some level of ownership of individual components, but are hesitant to grant write access to those owners.
This action only requires that component owners be collaborators on the repository or members of the organization, but does NOT require they have write access.
## Getting Started
First, create a configuration file.
By default, the action will look in `.github/component_owners.yml`.
```yaml
# .github/component_owners.yml
# Each component identified by its path prefix has a list of owners
components:
# Ownership applies recursively to any file in a directory
src/:
- owner1 # owner1 owns all files in src/
# Ownership can be assigned as a string
src/index.ts: owner2 owner3
# or a list
src/list-owners.ts:
- owner3
- owner4
# Ownership can be assigned based on a file extension
"*.md":
- owner5
# You also can assign ownership for a team (https://docs.github.com/en/organizations/organizing-members-into-teams/about-teams)
src/example.ts: org-name/team-name
# Optionally ignore some PR authors to reduce spam for your component owners
ignored-authors:
- dependabot
- renovate-bot
```
Next, create your github action yml.
```yaml
name: 'Component Owners'
on:
# pull_request_target is suggested for projects where pull requests will be
# made from forked repositories. If pull_request is used in these cases,
# the github token will not have sufficient permission to update the PR.
pull_request_target:
permissions:
contents: read # to read changed files
issues: write # to read/write issue assignees
pull-requests: write # to read/write PR reviewers
jobs:
run_self:
runs-on: ubuntu-latest
name: Auto Assign Owners
steps:
- uses: dyladan/component-owners@main
with:
# default: .github/component_owners.yml
config-file: .github/component_owners.yml
# default: ${{ github.token }}
repo-token: ${{ github.token }}
# default: true
assign-owners: "true"
# default: true
request-owner-reviews: "true"
```
## Configuration
### `config-file`
**default**: `.github/component_owners.yml`
Path to configuration file.
### `repo-token`
**default**: `${{ github.token }}`
GitHub personal access token.
Must have permission to read and write pull requests.
**You must [generate your own access token](#using-own-access-token) if you plan to use it for teams ownership**, otherwise the default `github.token` is typically sufficient.
### `assign-owners`
**default**: `true`
Determines if the component owners should be added to the pull request as assignees.
### `request-owner-reviews`
**default**: `true`
Determines pull request reviews should be requested from component owners.
## Using own access token
If you want to use this action to assign reviews for teams, then `github.token` would not be sufficient and you need to generate a new one.
1. Just follow [Github's instructions](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#creating-a-fine-grained-personal-access-token) and add a new token with the following set of permissions:
| Permissions | Access |
| --- | --- |
Actions | Read-only
Codespaces | Read-only
Commit statuses | Read-only
Contents | Read-only
Environments | Read-only
Issues | Read and write
Metadata | Read-only
Pull requests | Read and write
2. Create a [secret for your repository](https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository), and place your token inside. Name it, for example, ``CODEOWNER_SECRET``.
3. Use the newly created secret as the token in the action yml file:
```
# default: ${{ github.token }}
repo-token: ${{ secrets.CODEOWNER_SECRET }}
```
## Why not use CODEOWNERS?
Great question.
If all of your contributors have write access to your repo, CODEOWNERS is a great solution.
If, like many open source projects, you would like to assign some ownership of a single component of your repository, but you don't want to grant those component owners write access to the repo, this action can help.