Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ci: add workflow for the Bounty Program commands #277

Merged
merged 3 commits into from
Mar 18, 2024
Merged
Changes from 2 commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
90 changes: 90 additions & 0 deletions .github/workflows/bounty-program-commands.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,90 @@
# This workflow is centrally managed at https://github.com/asyncapi/.github/
# Don't make changes to this file in this repository, as they will be overwritten with
# changes made to the same file in the abovementioned repository.

# The purpose of this workflow is to allow Bounty Team members
# (https://github.com/orgs/asyncapi/teams/bounty_team) to issue commands to the
# organization's global AsyncAPI bot related to the Bounty Program, while at the
# same time preventing unauthorized users from misusing them.

name: Bounty Program commands

on:
issue_comment:
types:
- created

jobs:
guard-against-unauthorized-use:
if: >
github.actor != ('aeworxet' || 'thulieblack') &&
(
contains(github.event.comment.body, '/bounty' )
)

runs-on: ubuntu-latest

steps:
- name: ❌ @${{github.actor}} made an unauthorized attempt to use a Bounty Program's command
uses: actions/github-script@v6

with:
github-token: ${{ secrets.GH_TOKEN }}
script: |
const commentText = `❌ @${{github.actor}} is not authorized to use the Bounty Program's commands.
These commands can only be used by members of the [Bounty Team](https://github.com/orgs/asyncapi/teams/bounty_team).`;

console.log(`❌ @${{github.actor}} made an unauthorized attempt to use a Bounty Program's command.`);
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: commentText
})

add-label-bounty:
if: >
github.actor == ('aeworxet' || 'thulieblack') &&
(
contains(github.event.comment.body, '/bounty' )
)

runs-on: ubuntu-latest
env:
BOUNTY_PROGRAM_LABELS_JSON: |
[
{"name": "bounty", "color": "0e8a16", "description": "Participation in the Bounty Program"}
]

steps:
- name: Add label `bounty`
uses: actions/github-script@v6

with:
github-token: ${{ secrets.GH_TOKEN }}
script: |
derberg marked this conversation as resolved.
Show resolved Hide resolved
const BOUNTY_PROGRAM_LABELS = JSON.parse(process.env.BOUNTY_PROGRAM_LABELS_JSON);
let LIST_OF_LABELS_FOR_REPO = await github.rest.issues.listLabelsForRepo({
owner: context.repo.owner,
repo: context.repo.repo,
});

LIST_OF_LABELS_FOR_REPO = LIST_OF_LABELS_FOR_REPO.data.map(key => key.name);

if (!LIST_OF_LABELS_FOR_REPO.includes(BOUNTY_PROGRAM_LABELS[0].name)) {
await github.rest.issues.createLabel({
owner: context.repo.owner,
repo: context.repo.repo,
name: BOUNTY_PROGRAM_LABELS[0].name,
color: BOUNTY_PROGRAM_LABELS[0].color,
description: BOUNTY_PROGRAM_LABELS[0].description
});
}

console.log('Adding label `bounty`...');
github.rest.issues.addLabels({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
labels: [BOUNTY_PROGRAM_LABELS[0].name]
})
Loading