From 610c4e747d180c140e4dfa93d2056b6aba01c7a9 Mon Sep 17 00:00:00 2001 From: Carlos Eduardo Arango Gutierrez Date: Thu, 29 Feb 2024 18:41:41 +0100 Subject: [PATCH] QUick look Signed-off-by: Carlos Eduardo Arango Gutierrez --- .github/workflows/test.yaml | 1 + action.yaml | 3 ++ cmd/nv-ci-bot/retitle/retitle.go | 56 ++++++++++++++++++++++++++++---- 3 files changed, 53 insertions(+), 7 deletions(-) diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 5b0f2558..3920da25 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -12,3 +12,4 @@ jobs: - uses: ./ with: github-token: ${{ secrets.GITHUB_TOKEN }} + github-team: "cloud-native" diff --git a/action.yaml b/action.yaml index 94ff2805..c40bbb2f 100644 --- a/action.yaml +++ b/action.yaml @@ -4,6 +4,9 @@ inputs: github-token: description: "Token used by prow actions to accomplish jobs and tasks. May be a bot user access token or the limited scope Github token" required: true + github-team: + description: "The team name to which the bot belongs" + required: true runs: using: docker image: Dockerfile diff --git a/cmd/nv-ci-bot/retitle/retitle.go b/cmd/nv-ci-bot/retitle/retitle.go index 22ee1e1b..c5032f90 100644 --- a/cmd/nv-ci-bot/retitle/retitle.go +++ b/cmd/nv-ci-bot/retitle/retitle.go @@ -17,9 +17,12 @@ package retitle import ( + "context" + "os" "regexp" "strings" + "golang.org/x/oauth2" "k8s.io/klog/v2" "github.com/google/go-github/v59/github" @@ -64,16 +67,49 @@ func (m command) build() *cli.Command { func (m command) run(c *cli.Context) error { action := githubactions.New() + // Create the GitHub client + accessToken := os.Getenv("INPUT_GITHUB-TOKEN") + ts := oauth2.StaticTokenSource( + &oauth2.Token{AccessToken: accessToken}, + ) + tc := oauth2.NewClient(c.Context, ts) + gh := github.NewClient(tc) + + // Get the event context, err := action.Context() if err != nil { m.log.Error(err, "Failed to get action context") return err } + org, repo := context.Repo() + + // Check if user is trusted first + var user string + if context.Event != nil { + if comment, ok := context.Event["comment"].(map[string]any); ok { + if userMap, ok := comment["user"].(map[string]any); ok { + if login, ok := userMap["login"].(string); ok { + user = login + } + } + } + } + + trusted, err := isMemberOfTeam(gh, org, "cloud-native", user) + if err != nil { + m.log.Error(err, "Failed to check if user is trusted") + return err + } + if !trusted { + m.log.Info("User is not trusted") + return nil + } var newTitle string - var issueNumber int + var issueNumber float64 if context.Event != nil { if comment, ok := context.Event["comment"].(map[string]any); ok { + // Extract the comment body if body, ok := comment["body"].(string); ok { // Make sure they are requesting a re-title if !retitleRe.MatchString(body) { @@ -83,8 +119,9 @@ func (m command) run(c *cli.Context) error { newTitle = getNewTitle(body) } } + // get the issue number if issue, ok := context.Event["issue"].(map[string]any); ok { - if num, ok := issue["number"].(int); ok { + if num, ok := issue["number"].(float64); ok { issueNumber = num } } @@ -92,15 +129,11 @@ func (m command) run(c *cli.Context) error { m.log.Info("New title", "title", newTitle) m.log.Info("Issue number", "number", issueNumber) - org, repo := context.Repo() - ghToken := action.Getenv("GITHUB_TOKEN") - gh := github.NewClient(nil).WithAuthToken(ghToken) - // Update the title req := &github.IssueRequest{ Title: &newTitle, } - _, _, err = gh.Issues.Edit(c.Context, org, repo, issueNumber, req) + _, _, err = gh.Issues.Edit(c.Context, org, repo, int(issueNumber), req) if err != nil { m.log.Error(err, "Failed to update issue") return err @@ -116,3 +149,12 @@ func getNewTitle(body string) string { } return strings.TrimSpace(matches[1]) } + +// Check if the user is a member of the team +func isMemberOfTeam(gh *github.Client, org, team, user string) (bool, error) { + membership, _, err := gh.Teams.GetTeamMembershipBySlug(context.Background(), org, team, user) + if err != nil { + return false, err + } + return membership.State != nil && *membership.State == "active", nil +}