[build][CI] Introduce automated PR governance workflows

yuxiqian · web-flow · commit 11deb62637fe · 2024-07-16T18:53:08.000+08:00
This closes #3466
diff --git a/.github/actions/get-workflow-origin b/.github/actions/get-workflow-origin
@@ -0,0 +1 @@
+Subproject commit 1b5a8a677b9ac6b10ffe7c275ebb0f9c8cff62bb
diff --git a/.github/actions/label-when-approved-action b/.github/actions/label-when-approved-action
@@ -0,0 +1 @@
+Subproject commit 0058d0094da27e116fad6e0da516ebe1107f26de
diff --git a/.github/workflows/approve_label.yml b/.github/workflows/approve_label.yml
@@ -0,0 +1,64 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+name: "Label when approved workflow run"
+on:
+  workflow_run:
+    workflows: [Label-when-reviewed]
+    types: [requested]
+permissions:
+  # All other permissions are set to none
+  checks: write
+  contents: read
+  pull-requests: write
+jobs:
+  label-when-approved:
+    name: "Label when approved"
+    runs-on: ubuntu-latest
+    outputs:
+      isApprovedByCommiters: ${{ steps.label-when-approved-by-commiters.outputs.isApproved }}
+      isApprovedByAnyone: ${{ steps.label-when-approved-by-anyone.outputs.isApproved }}
+    steps:
+      - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
+        uses: actions/checkout@v2
+        with:
+          persist-credentials: false
+          submodules: recursive
+      - name: "Get information about the original trigger of the run"
+        uses: ./.github/actions/get-workflow-origin
+        id: source-run-info
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          sourceRunId: ${{ github.event.workflow_run.id }}
+      - name: Label when approved by commiters
+        uses: ./.github/actions/label-when-approved-action
+        id: label-when-approved-by-commiters
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          label: 'approved'
+          require_committers_approval: 'true'
+          remove_label_when_approval_missing: 'true'
+          pullRequestNumber: ${{ steps.source-run-info.outputs.pullRequestNumber }}
+      - name: Label when approved by anyone
+        uses: ./.github/actions/label-when-approved-action
+        id: label-when-approved-by-anyone
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          label: 'reviewed'
+          pullRequestNumber: ${{ steps.source-run-info.outputs.pullRequestNumber }}
+          remove_label_when_approval_missing: 'true'
diff --git a/.github/workflows/approve_label_trigger.yml b/.github/workflows/approve_label_trigger.yml
@@ -0,0 +1,28 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+name: Label-when-reviewed
+on: pull_request_review
+jobs:
+
+  label-when-reviewed:
+    name: "Label PRs when reviewed"
+    runs-on: ubuntu-latest
+    steps:
+      - name: "Do nothing. Only trigger corresponding workflow_run event"
+        run: echo
diff --git a/.github/workflows/close_stale.yml b/.github/workflows/close_stale.yml
@@ -0,0 +1,56 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+# https://github.com/actions/stale
+name: 'Close stale issues and PRs'
+on:
+  schedule:
+    - cron: '0 0 * * *'
+permissions:
+  # Stale recommended permissions
+  pull-requests: write
+  issues: write
+jobs:
+  stale:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/stale@v9
+        with:
+          operations-per-run: 1000
+          # Stale Issues
+          days-before-issue-stale: 0
+          days-before-issue-close: 0
+          stale-issue-message: >
+            As required by Apache Flink, please report bugs or new features on Apache Jira
+            under the project Flink using component tag Flink CDC. You must have a JIRA account in order to log cases and issues.
+            If you don’t have an ASF JIRA account, you can request one at the ASF Self-serve portal,
+            account creation requires review by the PMC member of the application project, which normally takes one to two working days to be approved.
+          close-issue-message: >
+            This issue has been closed because Flink CDC doesn't use GitHub issue trackers.
+          # Stale PRs
+          days-before-pr-stale: 60
+          days-before-pr-close: 30
+          stale-pr-message: >
+            This pull request has been automatically marked as stale because it has not had recent
+            activity for 60 days. It will be closed in 30 days if no further activity occurs.
+          close-pr-message: >
+            This pull request has been closed because it has not had recent activity. You could reopen it
+            if you try to continue your work, and anyone who are interested in it are encouraged to continue
+            work on this pull request.
+          close-pr-label: stale
+          remove-pr-stale-when-updated: true
+          remove-issue-stale-when-updated: true
+          labels-to-add-when-unstale: 'waiting for review'
diff --git a/.gitmodules b/.gitmodules
@@ -1,3 +1,9 @@
 [submodule "docs/themes/book"]
 	path = docs/themes/book
 	url = https://github.com/alex-shpak/hugo-book
+[submodule ".github/actions/get-workflow-origin"]
+	path = .github/actions/get-workflow-origin
+	url = https://github.com/potiuk/get-workflow-origin
+[submodule ".github/actions/label-when-approved-action"]
+	path = .github/actions/label-when-approved-action
+	url = https://github.com/TobKed/label-when-approved-action
