triage.yml

name: Triage

on:
  pull_request_target:
    types:
      - opened
      - synchronize
      - reopened
      - labeled
      - unlabeled

permissions: {}

concurrency: triage-${{ github.head_ref }}

jobs:
  review:
    runs-on: ubuntu-22.04
    if: startsWith(github.repository, 'Homebrew/')
    steps:
      - name: Review pull request
        if: >
          (github.event_name == 'pull_request' || github.event_name == 'pull_request_target') &&
            github.event.pull_request.state != 'closed'
        uses: actions/github-script@v7
        with:
          github-token: ${{ secrets.HOMEBREW_BREW_TRIAGE_PULL_REQUESTS_TOKEN }}
          script: |
            async function approvePullRequest(pullRequestNumber) {
              const reviews = await approvalsByAuthenticatedUser(pullRequestNumber)

              if (reviews.length > 0) {
                return
              }

              await github.rest.pulls.createReview({
                ...context.repo,
                pull_number: pullRequestNumber,
                event: 'APPROVE',
              })
            }

            async function approvalsByAuthenticatedUser(pullRequestNumber) {
              const { data: user } = await github.rest.users.getAuthenticated()

              const { data: reviews } = await github.rest.pulls.listReviews({
                ...context.repo,
                pull_number: pullRequestNumber,
              })

              const approvals = reviews.filter(review => review.state == 'APPROVED')
              return approvals.filter(review => review.user.login == user.login)
            }

            async function reviewPullRequest(pullRequestNumber) {
              const { data: pullRequest } = await github.rest.pulls.get({
                owner: context.repo.owner,
                repo: context.repo.repo,
                pull_number: pullRequestNumber,
              })

              const { data: user } = await github.rest.users.getAuthenticated()
              if (pullRequest.user.login == user.login) {
                core.warning('Pull request author is a bot.')
                return
              }

              if (pullRequest.author_association != 'MEMBER') {
                core.warning('Pull request author is not a member.')
                return
              }

              const criticalLabel = 'critical'
              const labels = pullRequest.labels.map(label => label.name)
              const hasCriticalLabel = labels.includes(criticalLabel)

              if (hasCriticalLabel) {
                const message = `Review granted due to \`${criticalLabel}\` label.`
                core.info(message)
                await approvePullRequest(pullRequestNumber)
              }
            }

            await reviewPullRequest(context.issue.number)