paritytech · github-actions · Sep 29, 2023 · Sep 28, 2023 · Sep 28, 2023 · Sep 28, 2023
@@ -8,6 +8,9 @@ const tsConfParams = { rootDir: __dirname };
 const conf = getConfiguration({ typescript: tsConfParams });
 
 const tsConfOverride = getTypescriptOverride(tsConfParams);
-conf.overrides.push(tsConfOverride);
+conf.overrides.push({
+  ...tsConfOverride,
+  rules: { "@typescript-eslint/strict-boolean-expressions": 0 },
+});
 
 module.exports = conf;
@@ -15,3 +15,5 @@ jobs:
         uses: paritytech/auto-merge-bot@main
         with:
           GITHUB_TOKEN: '${{ github.token }}'
+          ALLOWLIST: "bullrich,rzadp,mordamax,mutantcornholio"
+
@@ -45,6 +45,9 @@ You can find all the inputs in [the action file](./action.yml), but let's walk t
 		- Make sure that the type of merge you selected is available in the repository merge options.
 - `SILENT`: If the bot should be silent and not comment when enabling/disabling auto-merge.
 	- **Optional**: Defaults to `false`.
+- `ALLOWLIST`: List of user accounts which are allowed to use the bot aside from the author and org members.
+	- **Optional**
+	- Must be a comma separated value: `user-1,user-2,user-3`.
 
 ## Usage
 

@@ -15,6 +15,9 @@ inputs:
   SILENT:
     required: false
     description: If true, the bot will not post a comment on the PR.
+  ALLOWLIST:
+    required: false
+    description: List of users which are allowed to use the bot. Separated by commas (abc,def,ghi)
 outputs:
   repo:
     description: 'The name of the repo in owner/repo pattern'

@@ -24,6 +24,7 @@ export class Bot {
     private readonly pr: Issue,
     private readonly logger: ActionLogger,
     private readonly commentsApi: CommentsApi,
+    private readonly allowlistedUsers: string[],
     private readonly actionUrl: string,
   ) {}
 
@@ -32,11 +33,22 @@ export class Bot {
     this.logger.debug("Evaluating if user can trigger the bot");
     const author = this.pr.user.id;
     if (this.comment.user.id === author) {
-      this.logger.debug("Author of comment is also author of PR");
+      this.logger.info("Author of comment is also author of PR");
       return true;
     }
     this.logger.debug("Author of comment is not the author of the PR");
 
+    if (this.allowlistedUsers && this.allowlistedUsers.length > 0) {
+      if (this.allowlistedUsers.indexOf(this.comment.user.login) > -1) {
+        this.logger.info("User belongs to allowlisted users");
+        return true;
+      }
+      this.logger.debug("User does not belong to list of allowlisted users");
+    }
+
+    this.logger.debug(
+      "Evaluating if author of comment is a public member of the org",
+    );
     return await this.commentsApi.userBelongsToOrg(this.comment.user.login);
   }
 
@@ -71,7 +83,7 @@ export class Bot {
     }
     this.logger.debug("User can trigger bot");
 
-    const [_, command] = this.comment.body.split(" ");
+    const [, command] = this.comment.body.split(" ");
     try {
       switch (command as Command) {
         // Simply `/merge`

@@ -14,10 +14,7 @@ export class CommentsApi {
    * @param message Message to write in the comment
    * @param overrideSilentMode If silent mode should be overriden
    */
-  async comment(
-    message: string,
-    overrideSilentMode: boolean = false,
-  ): Promise<void> {
+  async comment(message: string, overrideSilentMode = false): Promise<void> {
     this.logger.info("Commenting: " + message);
     if (!this.silentMode || overrideSilentMode) {
       await this.api.rest.issues.createComment({

@@ -8,7 +8,7 @@ import { Issue, IssueComment } from "@octokit/webhooks-types";
 import { Bot } from "./bot";
 import { CommentsApi } from "./github/comments";
 import { Merger } from "./github/merger";
-import { generateCoreLogger } from "./util";
+import { generateCoreLogger, getallowlistedUsers } from "./util";
 
 const getRepo = (ctx: Context) => {
   let repo = getInput("repo", { required: false });
@@ -60,6 +60,8 @@ logger.info(
   }`,
 );
 
+const allowlistedUsers = getallowlistedUsers();
+
 const actionUrl = `${context.serverUrl}/${repo.owner}/${repo.repo}/actions/runs/${context.runId}`;
 
 if (context.payload.comment) {
@@ -79,7 +81,14 @@ if (context.payload.comment) {
     headers: { authorization: `token ${token}` },
   }) as graphql;
   const merger = new Merger(issue.node_id, gql, logger, getMergeMethod());
-  const bot = new Bot(comment, issue, logger, commentsApi, actionUrl);
+  const bot = new Bot(
+    comment,
+    issue,
+    logger,
+    commentsApi,
+    allowlistedUsers,
+    actionUrl,
+  );
   bot
     .run(merger)
     .then(() => logger.info("Finished!"))

@@ -1,7 +1,15 @@
-import { debug, error, info, warning } from "@actions/core";
+import { debug, error, getInput, info, warning } from "@actions/core";
 
 import { ActionLogger } from "./github/types";
 
 export function generateCoreLogger(): ActionLogger {
   return { info, debug, warn: warning, error };
 }
+
+export function getallowlistedUsers(): string[] {
+  const users = getInput("ALLOWLIST", { required: false });
+  if (users) {
+    return users.split(",");
+  }
+  return [];
+}