Validate Approval #19
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Validate Approval | |
| on: | |
| pull_request_review: | |
| types: [submitted] | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| actions: write | |
| statuses: write | |
| jobs: | |
| approve_and_run: | |
| runs-on: ubuntu-latest | |
| if: | | |
| ( | |
| github.event.review.state == 'approved' && | |
| github.event.review.user.login == 'Gamebuster19901' | |
| ) || | |
| ( | |
| ( | |
| github.event.pull_request != null && | |
| github.event.sender.login == 'Gamebuster19901' && | |
| github.event.pull_request.user.login == 'Gamebuster19901' | |
| ) && | |
| ( | |
| startsWith(github.event.review.body, 'approved') || | |
| startsWith(github.event.review.body, 'reject') | |
| ) | |
| ) | |
| steps: | |
| - name: Handle Approved Review | |
| if: | | |
| github.event.review.state == 'approved' || startsWith(github.event.review.body, 'approved') | |
| id: "checking_approval" | |
| run: | | |
| DESC="${{ github.event.review.user.login }} APPROVED build for ${{ github.event.review.commit_id }}" | |
| echo "$DESC" | |
| echo "conclusion=success" >> "$GITHUB_ENV" | |
| echo "description=$DESC" >> "$GITHUB_ENV" | |
| - name: Rejected Review Handling | |
| if: startsWith(github.event.review.body, 'reject') | |
| run: | | |
| DESC="${{ github.event.review.user.login }} REJECTED build for ${{ github.event.review.commit_id }}" | |
| echo "$DESC" | |
| echo "conclusion=failure" >> "$GITHUB_ENV" | |
| echo "description=$DESC" >> "$GITHUB_ENV" | |
| exit 1 | |
| - name: Post Status Check | |
| if: | |
| always() | |
| run: | | |
| echo "${{ env.approved_sha }}" | |
| STATUS="${{ env.conclusion }}" | |
| DESCRIPTION="${{ env.description }}" | |
| CONTEXT="Approval Validation" | |
| APPROVED_SHA="${{ github.event.review.commit_id }}" | |
| TARGET_URL="https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" | |
| # Post the status using GitHub API | |
| curl -s -X POST \ | |
| -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ | |
| -H "Content-Type: application/json" \ | |
| -d "{ | |
| \"state\": \"$STATUS\", | |
| \"description\": \"$DESCRIPTION\", | |
| \"context\": \"Approval Validation\", | |
| \"target_url\": \"$TARGET_URL\" | |
| }" \ | |
| "https://api.github.com/repos/${{ github.repository }}/statuses/$APPROVED_SHA" | |
| - name: Trigger Build Commit Workflow | |
| if: success() | |
| env: | |
| PR_BRANCH: ${{ github.event.pull_request.head.ref }} | |
| run: | | |
| echo "Triggering workflow for branch: $PR_BRANCH" | |
| # Construct JSON payload safely using jq | |
| JSON_PAYLOAD=$(jq -n --arg ref "refs/heads/$PR_BRANCH" \ | |
| --arg sha "${{ github.event.review.commit_id }}" \ | |
| '{ref: $ref, inputs: {sha: $sha}}') | |
| # Define the API endpoint for dispatching the workflow | |
| WORKFLOW_URL="https://api.github.com/repos/${{ github.repository }}/actions/workflows/build.yml/dispatches" | |
| # Trigger the workflow | |
| HTTP_CODE=$(curl -s -o response.json -w "%{http_code}" -X POST \ | |
| -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ | |
| -H "Accept: application/vnd.github.v3+json" \ | |
| -d "$JSON_PAYLOAD" \ | |
| "$WORKFLOW_URL") | |
| if [[ "$HTTP_CODE" -lt 200 || "$HTTP_CODE" -ge 300 ]]; then | |
| echo "Error triggering the workflow: HTTP $HTTP_CODE" | |
| cat response.json | |
| exit 1 | |
| else | |
| echo "Successfully triggered the workflow." | |
| fi |