introduce validation workflow for PR project assignment#3334
introduce validation workflow for PR project assignment#3334ranshid wants to merge 1 commit intovalkey-io:unstablefrom
Conversation
Signed-off-by: Ran Shidlansik <[email protected]>
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## unstable #3334 +/- ##
============================================
+ Coverage 75.05% 75.06% +0.01%
============================================
Files 129 129
Lines 71553 71632 +79
============================================
+ Hits 53705 53774 +69
- Misses 17848 17858 +10 🚀 New features to boost your workflow:
|
There was a problem hiding this comment.
Pull request overview
Adds a GitHub Actions workflow to enforce that pull requests targeting the unstable branch in valkey-io/valkey are assigned to at least one GitHub Project before merging, improving PR tracking.
Changes:
- Introduces a new
pull_request_targetworkflow scoped to PRs targetingunstable. - Uses
gh api graphqlto query the PR’s associated Project items and fails the check if none are found.
You can also share your feedback on Copilot code review. Take the survey.
| - unstable | ||
|
|
||
| permissions: | ||
| pull-requests: read |
There was a problem hiding this comment.
permissions: is restricted to pull-requests: read, which sets all other token permissions to none. The GraphQL field pullRequest.projectItems requires Projects access, so this workflow is likely to fail with authorization errors. Add projects: read (and, if you also need classic projects support, repository-projects: read) to the workflow permissions.
| pull-requests: read | |
| pull-requests: read | |
| projects: read | |
| repository-projects: read |
| run: | | ||
| PROJECT_COUNT=$(gh api graphql -f query=' | ||
| query($owner: String!, $repo: String!, $pr: Int!) { | ||
| repository(owner: $owner, name: $repo) { | ||
| pullRequest(number: $pr) { | ||
| projectItems(first: 1) { | ||
| totalCount | ||
| } | ||
| } | ||
| } | ||
| }' -f owner="$REPO_OWNER" -f repo="$REPO_NAME" -F pr="$PR_NUMBER" \ | ||
| --jq '.data.repository.pullRequest.projectItems.totalCount') | ||
|
|
||
| if [ "$PROJECT_COUNT" -eq 0 ]; then | ||
| echo "::error::This PR has no assigned project. Please add it to a project before merging." |
There was a problem hiding this comment.
The script doesn’t run in a strict shell mode and doesn’t handle gh api failures explicitly. If the API call fails (auth/network/GraphQL error), PROJECT_COUNT may be empty and the numeric comparison will error with a confusing message. Consider enabling strict mode (e.g., set -euo pipefail) and failing with a clear ::error::... when the API call doesn’t return a number.
| on: | ||
| pull_request_target: | ||
| types: [opened, edited, reopened, synchronize] | ||
| branches: | ||
| - unstable |
There was a problem hiding this comment.
This workflow won’t automatically rerun when a PR is added to/removed from a GitHub Project (that change doesn’t emit a pull_request(_target) event type). That means a PR can remain in a failing “required check” state until someone manually re-runs the workflow or pushes a new commit. Consider adding a workflow_dispatch trigger (or documenting the required re-run) to reduce friction.
Add CI check for project assignment on PRs
This adds a GitHub Actions workflow that verifies every PR targeting unstable has at least one GitHub Project assigned before it can be merged.
this is to ensure PRs are properly tracked in a project before merging, improving visibility and project management.
What it does