This action is meant to help in managing inbound PRs that may need adjustment other than code.
It looks for the following:
- PR Title formatted according to conventional commits.
- PR Body refers to an issue, as detected by a regular expression
- PR originates from a branch other than the protected branch, e.g. "main", (based on head ref)
- PR does not include modifications to specific files that should be reviewed carefully (e.g. package.json)
Below is a sample yaml file to place in .github/workflows/:
name: PR Compliance
on:
pull_request_target:
types: [opened, edited, reopened]
# Action should have write permission to make updates to PR
permissions:
pull-requests: write
# Uncomment the line below if using the `issue-labels`
# option on a private repository.
# issues: read
jobs:
pr-compliance:
runs-on: ubuntu-latest
steps:
- uses: mtfoley/pr-compliance-action@main
with:
# all inputs are optional
watch-files: |
package.json
npm-shrinkwrap.json
issue-labels: |
accepting prsThis action drives the following outcomes with all inputs at default:
| Check | Outcome on Flagging |
|---|---|
| PR Title Lint Fails | Action shows as failed check. Action leaves review comment. |
| PR Does Not Refer to Issue | Action closes issue. Action leaves review comment. |
| PR Originates from Protected Branch | Action closes issue. Action leaves review comment. |
| PR Modifies Watched Files | Action leaves review comment. |
If a PR is initially deemed non-compliant by the action and a review comment is left, the action will update this same review comment each time it runs again (e.g. if the PR title or description changes). If the PR is found to be compliant after changes, the review comment will be updated to reflect this.
All inputs are optional and have default values.
| Name | Default | Description |
|---|---|---|
| repo-token | secrets.GITHUB_TOKEN |
Access token for which this action will run. This action uses @actions/core library. |
| ignore-authors | dependabot dependabot[bot] |
If the action detects that the PR author is one of these logins, it will skip checks and set all outputs to true. |
| base-comment | (see action.yml) | Preamble to any comment the action leaves on the PR. |
| ignore-team-members | true | Whether to ignore in the case that the PR author is a) the owner of repository, or b) has a public membership1 in the org that owns the repository. |
| body-regex | (see action.yml) | Regular expression to identify whether the PR body refers to an issue23. |
| body-fail | false | Whether to trigger a failing check when the body-regex is not matched in the PR body. Triggers a warning by default. |
| body-auto-close | true | Whether or not to auto-close on failed check of PR Body |
| body-comment | (see action.yml) | Comment to leave on PR on failed check of PR Body |
| issue-labels | (Blank) | List of labels that must exist on all issues linked to a PR4. |
| issue-labels-auto-close | true | Whether to auto-close on failed check of issue labels. |
| issue-labels-comment | (see action.yml) | Comment to leave on PR when issue labels are missing. |
| protected-branch | (Blank) | Branch that check should ensure that PR does not use as it's head. If left blank, it falls back to default branch. |
| protected-branch-auto-close | true | Whether or not to auto-close on failed check of PR head branch |
| protected-branch-comment | (see action.yml) | Comment to leave on PR on failed check of PR head branch. |
| title-check-enable | true | Whether or not to lint PR title per conventional commits. |
| title-comment | (see action.yml) | Comment to leave on PR on failed check of PR title per conventional commits |
| watch-files | (Blank) | Files to flag for modifications (e.g. package.json) |
| watch-files-comment | (see action.yml) | Comment to leave on PR when watched files have been changed. |
Each check performed is also manifested in an output.
| Name | Description |
|---|---|
| body-check | Result of match for PR Body against configured regex. |
| branch-check | Result of check to ensure PR head is not protected branch. |
| title-check | Result of check to ensure PR title is formatted per conventional commits |
| watch-files-check | Result of check for watched files having been modified. True if no modifications found to watched files. |
Footnotes
-
In a case where a contributor has a private membership to the org, the
ignore-authorsmay be used to skip checks - however, this workflow file configuration could effectively make membership public. ↩ -
Default regular expression is based on linking to an issue using a keyword. To keep PRs related to issues within the same same repo, we use the
KEYWORD #ISSUE-NUMBERsyntax. However, one could also use a regular expression like(fix(es|ed)?|((resolve|close)(s|d)?)) (my-org)\/([a-z0-9\-_]*)#\d*[1-9]\d*↩ -
The body check can be configured to always pass by using a sufficiently generic regex, e.g.
.*, that will match any PR description. ↩ -
The issue labels check needs read permissions for issues to see what labels are on the linked issues for the PR. For public repositories, the workflow file should not need any adjustment. For private repositories, the workflow file will need to have the
issues: readpermission added if any issue labels are specified as required. ↩