-
Notifications
You must be signed in to change notification settings - Fork 1.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add CI checks for italia/ hierarchical maintainership. #3801
base: master
Are you sure you want to change the base?
Conversation
When opening a PR changing something under the italia/ identifier, check whether the author is listed as a maintainer in one of the READMEs, starting from the top directory (italia/) and and progressively narrowing down to the specific directory of the change. Then create a comment with the findings, tagging the relevant users.
Nice! Automating maintainer checks has been on the todo list forever. As mentioned, this will be more of a guideline than a strict rule in every case. There's another check action here: #3786 As said in that PR, I was thinking of a config file to setup this sort of metadata. A structured data file would be far easier to parse, validate, and use than README parsing and heuristics. Adding maintainer info would then be straightforward. But there are concerns with duplication and syncing of info, since people seem to like to use READMEs. Some design experimentation is likely needed. I'll have to look at this script more. I'm not that familiar with their API but this looks easier to write than I imagined. Does the I do think we'd want this to be more generalized before being added. But it seems a great start! |
@davidlehn great, I'm glad we're all on the same page about automation!
The rationale for using READMEs was avoiding duplication, as you mentioned, and keep things simple. I agree that for this PoC the regexp approach is a little rough, but I was thinking about a microformat (not in the sense of microformats.org, which AFAIU are tied to HTML, and I'd rather not add an HTML parser into this) to have both something more solid to parse and keep it readable in the READMEs. Something like, for example:
We can force it to be one per line, wdyt? Also, these are examples of the output of this check: It checks each directory recursively, starting from the top-level one and going down to the more nested ones, to see if the maintainer is listed in any of the READMEs. Note that in the second PR, the
It should be the target branch, but good catch. This is crucial for the whole process and we should double check it does what we mean.
The action doesn't fail, but instead comments on the PR with a warning, as you can see from above, giving hints to the reviewer. In case a PR author adds themselves it would warn about them not being in one of the READMEs and tag the appropriate people, who can then review the PR.
Nice to hear! The idea is that we can maybe operate on an opt-in basis, adding the toplevel dir of projects that want to do this check. After that, the only place to generalize is https://github.com/perma-id/w3id.org/pull/3801/files#diff-d9ac58060f3a6f15a3f7e4744d195da1ecf3d3352fcefb89312357a980ddaebcR21 |
body += isAuthorFound | ||
? `Author @${author} is listed as maintainer of \`${directory}\` (via [\`${dir}/README.md\`](../blob/master/${dir}/README.md))` | ||
: [ | ||
`Author @${author} is not listed in any README.md within the \`italia/\` directory`, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
`Author @${author} is not listed in any README.md within the \`italia/\` directory`, | |
`Author @${author} is not listed in any README.md within the \`${ROOT_DIR}/\` directory`, |
name: Review PR permissions for italia/ directory | ||
|
||
on: | ||
pull_request_target: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is one of the most annoying missing features in GitHub actions: workflows from forks use a GITHUB_TOKEN
with no permission to comment on the PR and every solution is either convoluted, a foot-gun or both.
pull_target_request
is the simplest foot-gun and is not a security issue as long as:
- we don't checkout of the repository's code
- there are no secrets (https://github.com/perma-id/w3id.org/settings/secrets/actions)
- changes to this file are carefully reviewed, making sure the above items don't change over time or in the proposed patch
When opening a PR changing something under the italia/ identifier, check whether the author is listed as a maintainer in one of the READMEs, starting from the top directory (italia/) and and progressively narrowing down to the specific directory of the change.
Then create a comment with the findings, tagging the relevant users.
This is a PoC for #3799 (comment)
cc @dgarijo