1+ name : Major Version Approval Check
2+
3+ on :
4+ pull_request :
5+ types : [opened, synchronize, reopened, edited]
6+ branches : ['main']
7+ pull_request_review :
8+ types : [submitted]
9+
10+ permissions :
11+ contents : read
12+ pull-requests : read
13+
14+ jobs :
15+ major-version-approval-check :
16+ name : Major Version Approval Check
17+ runs-on : ubuntu-latest
18+ if : github.event.pull_request.user.login == 'release-please[bot]' && contains(github.event.pull_request.body, 'MAJOR_VERSION_ALLOWED=')
19+ steps :
20+ - name : Check for at least 2 approvals from yoshi-php members
21+ env :
22+ GH_TOKEN : ${{ secrets.GITHUB_TOKEN }}
23+ PR_NUMBER : ${{ github.event.pull_request.number }}
24+ REQUIRED_APPROVALS : 2
25+ run : |
26+ set -eo pipefail
27+
28+ echo "Fetching approvals for PR #$PR_NUMBER..."
29+ # Get a unique, sorted list of all users who have approved.
30+ approvals=$(gh pr view $PR_NUMBER --json reviews --jq '[.reviews[] | select(.state == "APPROVED") | .author.login] | unique | .[]' | sort -u)
31+ if [ -z "$approvals" ]; then
32+ echo "No approvals found on this PR."
33+ approvals=""
34+ fi
35+
36+ echo "Fetching yoshi-php team members..."
37+ team_members=$(gh api --paginate orgs/googleapis/teams/yoshi-php/members --jq '.[].login' | sort -u)
38+ if [ -z "$team_members" ]; then
39+ echo "Error: Could not fetch any members for the yoshi-php team."
40+ exit 1
41+ fi
42+
43+ # find and count the intersection of the two lists.
44+ count=$(echo "$team_members" | grep -F -x -f <(echo "$approvals") | wc -l)
45+
46+ echo "Found $count approval(s) from the yoshi-php team."
47+
48+ if [[ $count -lt $REQUIRED_APPROVALS ]]; then
49+ echo "Error: Requires at least $REQUIRED_APPROVALS approvals from the yoshi-php team. Only $count found."
50+ exit 1
51+ else
52+ echo "Success: Approval requirement of $REQUIRED_APPROVALS met."
53+ fi
0 commit comments