Add ability to specify a team as an approver

Prior to this change, the approvers could only be explicit users. With this change, you can now specify an org team and this will be expanded out with a user list for approvers. Closes #14.
2022-07-14 21:57:27 -04:00
6 changed files with 166 additions and 28 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+.env
--- a/README.md
+++ b/README.md
@ -29,12 +29,12 @@ steps:
  - uses: trstringer/manual-approval@v1
    with:
      secret: ${{ github.TOKEN }}
-      approvers: user1,user2
+      approvers: user1,user2,org-team1
      minimum-approvals: 1
      issue-title: "Deploying v1.3.5 to prod from staging"
 ```

- `approvers` is a comma-delimited list of all required approvers. (*Note: Required approvers must have the ability to be set as approvers in the repository. If you add an approver that doesn't have this permission then you would receive an HTTP/402 Validation Failed error when running this action*)
+- `approvers` is a comma-delimited list of all required approvers. An approver can either be a user or an org team. (*Note: Required approvers must have the ability to be set as approvers in the repository. If you add an approver that doesn't have this permission then you would receive an HTTP/402 Validation Failed error when running this action*)
 - `minimum-approvals` is an integer that sets the minimum number of approvals required to progress the workflow. Defaults to ALL approvers.
 - `issue-title` is a string that will be appened to the title of the issue.

--- a/approval.go
+++ b/approval.go
@ -15,11 +15,11 @@ type approvalEnvironment struct {
 	repo                string
 	repoOwner           string
 	runID               int
-	approvers           []string
-	minimumApprovals    int
 	approvalIssue       *github.Issue
 	approvalIssueNumber int
 	issueTitle          string
+	issueApprovers      []string
+	minimumApprovals    int
 }

 func newApprovalEnvironment(client *github.Client, repoFullName, repoOwner string, runID int, approvers []string, minimumApprovals int, issueTitle string) (*approvalEnvironment, error) {
@ -35,7 +35,7 @@ func newApprovalEnvironment(client *github.Client, repoFullName, repoOwner strin
 		repo:             repo,
 		repoOwner:        repoOwner,
 		runID:            runID,
-		approvers:        approvers,
+		issueApprovers:   approvers,
 		minimumApprovals: minimumApprovals,
 		issueTitle:       issueTitle,
 	}, nil
@ -59,7 +59,7 @@ Required approvers: %s

 Respond %s to continue workflow or %s to cancel.`,
 		a.runURL(),
-		a.approvers,
+		a.issueApprovers,
 		formatAcceptedWords(approvedWords),
 		formatAcceptedWords(deniedWords),
 	)
@ -69,13 +69,13 @@ Respond %s to continue workflow or %s to cancel.`,
 		a.repoOwner,
 		a.repo,
 		issueTitle,
-		a.approvers,
+		a.issueApprovers,
 		issueBody,
 	)
 	a.approvalIssue, _, err = a.client.Issues.Create(ctx, a.repoOwner, a.repo, &github.IssueRequest{
 		Title:     &issueTitle,
 		Body:      &issueBody,
-		Assignees: &a.approvers,
+		Assignees: &a.issueApprovers,
 	})
 	a.approvalIssueNumber = a.approvalIssue.GetNumber()
 	return err
--- a/approvers.go
+++ b/approvers.go
@ -0,0 +1,71 @@
+package main
+
+import (
+	"context"
+	"fmt"
+	"os"
+	"strconv"
+	"strings"
+
+	"github.com/google/go-github/v43/github"
+)
+
+func retrieveApprovers(client *github.Client, repoOwner string) ([]string, error) {
+	approvers := []string{}
+
+	requiredApproversRaw := os.Getenv(envVarApprovers)
+	requiredApprovers := strings.Split(requiredApproversRaw, ",")
+
+	for _, approverUser := range requiredApprovers {
+		expandedUsers := expandGroupFromUser(client, repoOwner, approverUser)
+		if expandedUsers != nil {
+			approvers = append(approvers, expandedUsers...)
+		} else {
+			approvers = append(approvers, approverUser)
+		}
+	}
+
+	approvers = deduplicateUsers(approvers)
+
+	minimumApprovalsRaw := os.Getenv(envVarMinimumApprovals)
+	minimumApprovals := len(approvers)
+	var err error
+	if minimumApprovalsRaw != "" {
+		minimumApprovals, err = strconv.Atoi(minimumApprovalsRaw)
+		if err != nil {
+			return nil, fmt.Errorf("error parsing minimum number of approvals: %w", err)
+		}
+	}
+
+	if minimumApprovals > len(approvers) {
+		return nil, fmt.Errorf("error: minimum required approvals (%d) is greater than the total number of approvers (%d)", minimumApprovals, len(approvers))
+	}
+
+	return approvers, nil
+}
+
+func expandGroupFromUser(client *github.Client, org, userOrTeam string) []string {
+	users, _, err := client.Teams.ListTeamMembersBySlug(context.Background(), org, userOrTeam, &github.TeamListTeamMembersOptions{})
+	if err != nil || len(users) == 0 {
+		return nil
+	}
+
+	userNames := make([]string, 0, len(users))
+	for _, user := range users {
+		userNames = append(userNames, user.GetLogin())
+	}
+
+	return userNames
+}
+
+func deduplicateUsers(users []string) []string {
+	uniqValuesByKey := make(map[string]bool)
+	uniqUsers := []string{}
+	for _, user := range users {
+		if _, ok := uniqValuesByKey[user]; !ok {
+			uniqValuesByKey[user] = true
+			uniqUsers = append(uniqUsers, user)
+		}
+	}
+	return uniqUsers
+}
--- a/approvers_test.go
+++ b/approvers_test.go
@ -0,0 +1,38 @@
+package main
+
+import (
+	"reflect"
+	"testing"
+)
+
+func TestDeduplicateUsers(t *testing.T) {
+	testCases := []struct {
+		name     string
+		input    []string
+		expected []string
+	}{
+		{
+			name:     "with_duplicate_user",
+			input:    []string{"first", "second", "first"},
+			expected: []string{"first", "second"},
+		},
+		{
+			name:     "without_duplicate_user",
+			input:    []string{"first", "second"},
+			expected: []string{"first", "second"},
+		},
+	}
+
+	for _, testCase := range testCases {
+		t.Run(testCase.name, func(t *testing.T) {
+			actual := deduplicateUsers(testCase.input)
+			if !reflect.DeepEqual(testCase.expected, actual) {
+				t.Fatalf(
+					"unequal depulicated: expected %v actual %v",
+					testCase.expected,
+					actual,
+				)
+			}
+		})
+	}
+}
--- a/main.go
+++ b/main.go
@ -6,7 +6,6 @@ import (
 	"os"
 	"os/signal"
 	"strconv"
-	"strings"
 	"time"

 	"github.com/google/go-github/v43/github"
@ -31,7 +30,7 @@ func handleInterrupt(ctx context.Context, client *github.Client, apprv *approval
 	}
 }

-func newCommentLoopChannel(ctx context.Context, apprv *approvalEnvironment, client *github.Client, approvers []string, minimumApprovals int) chan int {
+func newCommentLoopChannel(ctx context.Context, apprv *approvalEnvironment, client *github.Client) chan int {
 	channel := make(chan int)
 	go func() {
 		for {
@ -42,7 +41,7 @@ func newCommentLoopChannel(ctx context.Context, apprv *approvalEnvironment, clie
 				close(channel)
 			}

-			approved, err := approvalFromComments(comments, approvers, minimumApprovals)
+			approved, err := approvalFromComments(comments, apprv.issueApprovers, apprv.minimumApprovals)
 			if err != nil {
 				fmt.Printf("error getting approval from comments: %v\n", err)
 				channel <- 1
@ -106,7 +105,40 @@ func newGithubClient(ctx context.Context) *github.Client {
 	return github.NewClient(tc)
 }

+func validateInput() error {
+	missingEnvVars := []string{}
+	if os.Getenv(envVarRepoFullName) == "" {
+		missingEnvVars = append(missingEnvVars, envVarRepoFullName)
+	}
+
+	if os.Getenv(envVarRunID) == "" {
+		missingEnvVars = append(missingEnvVars, envVarRunID)
+	}
+
+	if os.Getenv(envVarRepoOwner) == "" {
+		missingEnvVars = append(missingEnvVars, envVarRepoOwner)
+	}
+
+	if os.Getenv(envVarToken) == "" {
+		missingEnvVars = append(missingEnvVars, envVarToken)
+	}
+
+	if os.Getenv(envVarApprovers) == "" {
+		missingEnvVars = append(missingEnvVars, envVarApprovers)
+	}
+
+	if len(missingEnvVars) > 0 {
+		return fmt.Errorf("missing env vars: %v", missingEnvVars)
+	}
+	return nil
+}
+
 func main() {
+	if err := validateInput(); err != nil {
+		fmt.Printf("%v\n", err)
+		os.Exit(1)
+	}
+
 	repoFullName := os.Getenv(envVarRepoFullName)
 	runID, err := strconv.Atoi(os.Getenv(envVarRunID))
 	if err != nil {
@ -118,26 +150,22 @@ func main() {
 	ctx := context.Background()
 	client := newGithubClient(ctx)

-	requiredApproversRaw := os.Getenv(envVarApprovers)
-	fmt.Printf("Required approvers: %s\n", requiredApproversRaw)
-	approvers := strings.Split(requiredApproversRaw, ",")
-
-	minimumApprovalsRaw := os.Getenv(envVarMinimumApprovals)
-	minimumApprovals := len(approvers)
-	if minimumApprovalsRaw != "" {
-		minimumApprovals, err = strconv.Atoi(minimumApprovalsRaw)
-		if err != nil {
-			fmt.Printf("error parsing minimum number of approvals: %v\n", err)
-			os.Exit(1)
-		}
-	}
-
-	if minimumApprovals > len(approvers) {
-		fmt.Printf("error: minimum required approvals (%v) is greater than the total number of approvers (%v)\n", minimumApprovals, len(approvers))
+	approvers, err := retrieveApprovers(client, repoOwner)
+	if err != nil {
+		fmt.Printf("error retrieving approvers: %v\n", err)
 		os.Exit(1)
 	}

 	issueTitle := os.Getenv(envVarIssueTitle)
+	minimumApprovalsRaw := os.Getenv(envVarMinimumApprovals)
+	minimumApprovals := 0
+	if minimumApprovalsRaw != "" {
+		minimumApprovals, err = strconv.Atoi(minimumApprovalsRaw)
+		if err != nil {
+			fmt.Printf("error parsing minimum approvals: %v\n", err)
+			os.Exit(1)
+		}
+	}
 	apprv, err := newApprovalEnvironment(client, repoFullName, repoOwner, runID, approvers, minimumApprovals, issueTitle)
 	if err != nil {
 		fmt.Printf("error creating approval environment: %v\n", err)
@ -153,7 +181,7 @@ func main() {
 	killSignalChannel := make(chan os.Signal, 1)
 	signal.Notify(killSignalChannel, os.Interrupt)

-	commentLoopChannel := newCommentLoopChannel(ctx, apprv, client, approvers, minimumApprovals)
+	commentLoopChannel := newCommentLoopChannel(ctx, apprv, client)

 	select {
 	case exitCode := <-commentLoopChannel: