Require that the PR come from dependabot

grofers · May 25, 2020 · 8c2996e · 8c2996e
1 parent a0eb3b2
commit 8c2996e
Show file tree

Hide file tree

Showing 5 changed files with 46 additions and 21 deletions.
diff --git a/.prettierrc b/.prettierrc
@@ -0,0 +1,4 @@
+{
+  "trailingComma": "es5",
+  "singleQuote": true
+}
diff --git a/action.yml b/action.yml
@@ -1,5 +1,5 @@
-name: 'Auto Approve'
-description: 'Automatically approve pull requests'
+name: 'Auto Approve Dependabot'
+description: 'Automatically approve dependabot pull requests'
 branding:
   icon: 'check-circle'
   color: 'green'

diff --git a/dist/index.js b/dist/index.js
@@ -1448,23 +1448,29 @@ var __importStar = (this && this.__importStar) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 const core = __importStar(__webpack_require__(470));
 const github = __importStar(__webpack_require__(469));
+const ALLOWED_NAMES = ['dependabot[bot]', 'dependabot-preview[bot]'].reduce((acc, name) => (Object.assign(Object.assign({}, acc), { [name]: true })), {});
 function run() {
     return __awaiter(this, void 0, void 0, function* () {
         try {
-            const token = core.getInput("github-token", { required: true });
-            const { pull_request: pr } = github.context.payload;
+            const token = core.getInput('github-token', { required: true });
+            const { actor, payload: { pull_request: pr }, } = github.context;
             if (!pr) {
-                throw new Error("Event payload missing `pull_request`");
+                throw new Error('Event payload missing `pull_request`');
+            }
+            core.info(`PR #${pr.number} opened from ${actor}`);
+            if (!ALLOWED_NAMES[actor]) {
+                core.info(`PR #${pr.number} is not from an approved source (${actor})`);
+                return;
             }
             const client = new github.GitHub(token);
             core.debug(`Creating approving review for pull request #${pr.number}`);
             yield client.pulls.createReview({
                 owner: github.context.repo.owner,
                 repo: github.context.repo.repo,
                 pull_number: pr.number,
-                event: "APPROVE"
+                event: 'APPROVE',
             });
-            core.debug(`Approved pull request #${pr.number}`);
+            core.info(`Approved pull request #${pr.number}`);
         }
         catch (error) {
             core.setFailed(error.message);

diff --git a/package.json b/package.json
@@ -1,7 +1,7 @@
 {
-  "name": "auto-approve-action",
-  "version": "1.0.0",
-  "description": "Automatically approve pull requests",
+  "name": "auto-approve-dependabot-action",
+  "version": "2.0.1",
+  "description": "Automatically approve dependabot pull requests",
   "main": "dist/main.ts",
   "scripts": {
     "build": "ncc build src/main.ts",
@@ -11,17 +11,17 @@
   },
   "repository": {
     "type": "git",
-    "url": "git+https://github.com/hmarr/auto-approve-action.git"
+    "url": "git+https://github.com/cognitedata/auto-approve-dependabot-action.git"
   },
   "keywords": [
     "actions"
   ],
-  "author": "hmarr",
+  "author": "Cognite AS",
   "license": "MIT",
   "bugs": {
-    "url": "https://github.com/hmarr/auto-approve-action/issues"
+    "url": "https://github.com/cognitedata/auto-approve-dependabot-action/issues"
   },
-  "homepage": "https://github.com/hmarr/auto-approve-action#readme",
+  "homepage": "https://github.com/cognitedata/auto-approve-dependabot-action#readme",
   "dependencies": {
     "@actions/core": "^1.2.0",
     "@actions/github": "^1.1.0"

diff --git a/src/main.ts b/src/main.ts
@@ -1,13 +1,28 @@
-import * as core from "@actions/core";
-import * as github from "@actions/github";
+import * as core from '@actions/core';
+import * as github from '@actions/github';
+
+const ALLOWED_NAMES = ['dependabot[bot]', 'dependabot-preview[bot]'].reduce(
+  (acc, name) => ({ ...acc, [name]: true }),
+  {}
+);
 
 async function run() {
   try {
-    const token = core.getInput("github-token", { required: true });
+    const token = core.getInput('github-token', { required: true });
 
-    const { pull_request: pr } = github.context.payload;
+    const {
+      actor,
+      payload: { pull_request: pr },
+    } = github.context;
     if (!pr) {
-      throw new Error("Event payload missing `pull_request`");
+      throw new Error('Event payload missing `pull_request`');
+    }
+
+    core.info(`PR #${pr.number} opened from ${actor}`);
+
+    if (!ALLOWED_NAMES[actor]) {
+      core.info(`PR #${pr.number} is not from an approved source (${actor})`);
+      return;
     }
 
     const client = new github.GitHub(token);
@@ -16,9 +31,9 @@ async function run() {
       owner: github.context.repo.owner,
       repo: github.context.repo.repo,
       pull_number: pr.number,
-      event: "APPROVE"
+      event: 'APPROVE',
     });
-    core.debug(`Approved pull request #${pr.number}`);
+    core.info(`Approved pull request #${pr.number}`);
   } catch (error) {
     core.setFailed(error.message);
   }