Split the workflow for MQ addition and warning to agent-devx

DataDog · Feb 5, 2025 · dc961d1 · dc961d1
1 parent 88ed521
commit dc961d1
Show file tree

Hide file tree

Showing 2 changed files with 98 additions and 55 deletions.
diff --git a/.github/workflows/add_dependabot_pr_to_mq.yml b/.github/workflows/add_dependabot_pr_to_mq.yml
@@ -1,57 +1,71 @@
 ---
-    name: Add dependabot PR to the Merge Queue
-    on:
-      pull_request_review:
-        types:
-          - submitted
-          - edited
-
-    jobs:
-      add_to_merge_queue:
-        if: github.event.pull_request.user.login == 'dependabot[bot]'
-        runs-on: ubuntu-latest
-        permissions:
-          pull-requests: write
-
-        steps:
-          - uses: actions/create-github-app-token@c1a285145b9d317df6ced56c09f525b5c2b6f755 # v1.11.1
-            id: app-token
-            with:
-              app-id: ${{ vars.DD_GITHUB_TOKEN_GENERATOR_APP_ID }}
-              private-key: ${{ secrets.DD_GITHUB_TOKEN_GENERATOR_PRIVATE_KEY }}
-          - name: Check if the PR is mergeable
-            uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
-            id: check-mergeable
-            with:
-              github-token: ${{ steps.app-token.outputs.token }}
-              script: |
-                const pullRequestNumber = context.payload.pull_request.number;
-                const { data: pullRequest } = await github.rest.pulls.get({
-                  owner: context.repo.owner,
-                  repo: context.repo.repo,
-                  pull_number: pullRequestNumber
-                });
+name: Add dependabot PR to the Merge Queue
+on:
+  pull_request_review:
+    types:
+      - submitted
+      - edited
 
-                return `${pullRequest.mergeable && pullRequest.mergeable_state === 'clean'}`;
-              result-encoding: string
-          - name: Contact agent-devx
-            if: ${{ steps.check-mergeable.outputs.result != 'true' }}
-            run: |
-              message="Hi!\nThis dependabot PR ${{github.event.pull_request.html_url}} is not mergeable.\nPlease check it out."
-              curl -X POST -H "Content-Type: application/json" --data '{"message": "$message"}' ${{ secrets.SLACK_AGENT_DEVX_WEBHOOK }}
-          - name: Add Merge Comment to Pull Request
-            if: ${{ steps.check-mergeable.outputs.result == 'true' }}
-            uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
-            with:
-              github-token: ${{ steps.app-token.outputs.token }}
-              script: |
-                const pullRequestNumber = context.payload.pull_request.number;
-                const commentBody = "/merge";
-    
-                // Add a comment to the pull request
-                await github.rest.issues.createComment({
-                  owner: context.repo.owner,
-                  repo: context.repo.repo,
-                  issue_number: pullRequestNumber,
-                  body: commentBody
-                });
+jobs:
+  add_to_merge_queue:
+    if: github.event.pull_request.user.login == 'dependabot[bot]'
+    runs-on: ubuntu-latest
+    permissions:
+      pull-requests: write
+
+    steps:
+      - uses: actions/create-github-app-token@c1a285145b9d317df6ced56c09f525b5c2b6f755 # v1.11.1
+        id: app-token
+        with:
+          app-id: ${{ vars.DD_GITHUB_TOKEN_GENERATOR_APP_ID }}
+          private-key: ${{ secrets.DD_GITHUB_TOKEN_GENERATOR_PRIVATE_KEY }}
+      - name: Check if the PR is mergeable
+        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
+        id: check-mergeable
+        with:
+          github-token: ${{ steps.app-token.outputs.token }}
+          script: |
+            const pullRequestNumber = context.payload.pull_request.number;
+            const { data: pullRequest } = await github.rest.pulls.get({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              pull_number: pullRequestNumber
+            });
+            const { data: reviews } = await github.rest.pulls.listReviews({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              pull_number: pullRequestNumber
+            });
+
+            // Users can have several reviews, which are listed in chronological order: we use a map to keep the last review state.
+            let reviewers = new Map();
+            for (const review of reviews) {
+              reviewers.set(review.user.login, review.state);
+            }
+            let allApproved = true;
+            for (const [reviewer, state] of reviewers) {
+              if (state === 'CHANGES_REQUESTED') {
+                allApproved = false;
+                break;
+              }
+            }
+            // When a required reviewer approves, the team is removed from the requested_teams list.
+            // As such, a mergeable PR has no more requested teams and no changes requested in its reviews.
+            return `${allAproved && pullRequest.requested_teams.length === 0}`;
+          result-encoding: string
+      - name: Add Merge Comment to Pull Request
+        if: ${{ steps.check-mergeable.outputs.result == 'true' }}
+        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
+        with:
+          github-token: ${{ steps.app-token.outputs.token }}
+          script: |
+            const pullRequestNumber = context.payload.pull_request.number;
+            const commentBody = "/merge";
+
+            // Add a comment to the pull request
+            await github.rest.issues.createComment({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              issue_number: pullRequestNumber,
+              body: commentBody
+            });
diff --git a/.github/workflows/warn_failed_dependabot_pr.yml b/.github/workflows/warn_failed_dependabot_pr.yml
@@ -0,0 +1,29 @@
+---
+name: Warn Failed Dependabot PR
+
+on:
+  issue_comment:
+    types: 
+      - created
+      - edited
+
+jobs:
+  check_comment:
+    if: github.actor == 'dd-devflow[bot]'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check for error in comment
+        id: check-comment
+        env:
+          PR_BODY: ${{ github.event.comment.body }}
+        run: |
+              if echo "$PR_BODY" | grep -iE "(unqueued|failing)"; then
+                  echo "not_merged=true" >> $GITHUB_OUTPUT
+              else
+                  echo "not_merged=false" >> $GITHUB_OUTPUT
+              fi
+      - name: Contact agent-devx
+        if: ${{ steps.check-comment.outputs.not_merged == 'true' }}
+        run: |
+          message="Hi!\nThis dependabot PR ${{github.event.issue.html_url}} was not merged.\nPlease have a look."
+          curl -X POST -H "Content-Type: application/json" --data '{"message": "$message"}' ${{ secrets.SLACK_AGENT_DEVX_WEBHOOK }}