Update bypass approval github workflow (#69)

Use centralized workflow
bufbuild · Oct 26, 2022 · 75fcd41 · 75fcd41
1 parent 0c188ae
commit 75fcd41
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 30 deletions.
diff --git a/.github/workflows/emergency-review-bypass.yaml b/.github/workflows/emergency-review-bypass.yaml
@@ -8,14 +8,5 @@ permissions:
 jobs:
   approve:
     if: github.event.label.name == 'Emergency Bypass Review'
-    runs-on: self-hosted
-    steps:
-      - name: approve pull request
-        uses: hmarr/auto-approve-action@9ae347e9f84a25da76c915a406cb17cfece1716d
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          pull-request-number: ${{ github.event.inputs.pullRequestNumber }}
-      - name: Slack Notification
-        run: |
-          jq --null-input '{ text: "Oh no! The following PR was emergency approved: ${{github.event.pull_request.html_url}}" }' \
-          | curl -sSL -X POST -H 'Content-Type: application/json' -d @- '${{ secrets.SLACK_MERGE_WITHOUT_APPROVAL_WEBHOOK }}'
+    uses: bufbuild/base-workflows/.github/workflows/emergency-review-bypass.yaml@main
+    secrets: inherit
diff --git a/.github/workflows/notify-approval-bypass.yaml b/.github/workflows/notify-approval-bypass.yaml
@@ -9,22 +9,5 @@ permissions:
   pull-requests: read
 jobs:
   approval:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Fail If No Approval
-        if: ${{ github.event.pull_request.merged }}
-        env:
-          AUTH_HEADER: 'Authorization: token ${{ secrets.GITHUB_TOKEN }}'
-          JSON_HEADER: 'Content-Type: application/json'
-          REVIEWS_URL: 'https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/reviews'
-        run: |
-          curl -sSL -H "${JSON_HEADER}" -H "${AUTH_HEADER}" "${REVIEWS_URL}" \
-            | jq -e '. | map({user: .user.login, state: .state})
-                       | reduce .[] as $x ({}; .[$x.user] = $x.state)
-                       | to_entries | map(.value)
-                       | contains(["APPROVED"]) and (contains(["CHANGES_REQUESTED"]) | not)'
-      - name: Slack Notification
-        if: ${{ failure() }}
-        run: |
-          jq --null-input '{ text: "Oh no! The following PR was merged without approval: w${{github.event.pull_request.html_url}}" }' \
-          | curl -sSL -X POST -H 'Content-Type: application/json' -d @- '${{ secrets.SLACK_MERGE_WITHOUT_APPROVAL_WEBHOOK }}'
+    uses: bufbuild/base-workflows/.github/workflows/notify-approval-bypass.yaml@main
+    secrets: inherit