diff --git a/.github/workflows/add-pr-to-devops.yml b/.github/workflows/add-pr-to-devops.yml new file mode 100644 index 0000000..8862f1d --- /dev/null +++ b/.github/workflows/add-pr-to-devops.yml @@ -0,0 +1,85 @@ +name: Add PR to DevOps Board + +on: + pull_request: + types: [opened, reopened] + branches: [main, master] + +jobs: + add_to_project: + runs-on: ubuntu-latest + if: | + github.event.pull_request.base.ref == 'main' || + github.event.pull_request.base.ref == 'master' + permissions: + contents: read + pull-requests: write + repository-projects: write + organization-projects: write + steps: + - name: Add PR to DevOps Release Board + uses: actions/github-script@v8 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + script: | + const prNodeId = context.payload.pull_request.node_id; + const prNumber = context.payload.pull_request.number; + + try { + // Get organization projects + const { data: projects } = await github.rest.projects.listForOrg({ + org: 'dhwani-ris', + state: 'open' + }); + + console.log(`Found ${projects.length} organization projects`); + + // Find the DevOps Release & QC Board project + const devopsProject = projects.find(p => + p.name.toLowerCase().includes('devops') && + (p.name.toLowerCase().includes('release') || p.name.toLowerCase().includes('qc')) + ); + + if (!devopsProject) { + console.log('DevOps Release & QC Board project not found'); + console.log('Available projects:', projects.map(p => p.name).join(', ')); + return; + } + + console.log(`Found project: ${devopsProject.name} (ID: ${devopsProject.id})`); + + // Get project columns + const { data: columns } = await github.rest.projects.listColumns({ + project_id: devopsProject.id + }); + + if (columns.length === 0) { + console.log('No columns found in project'); + return; + } + + console.log(`Found ${columns.length} columns:`, columns.map(c => c.name).join(', ')); + + // Add PR to the first column (usually "To do" or "In progress") + const firstColumn = columns[0]; + + await github.rest.projects.createCard({ + column_id: firstColumn.id, + content_id: prNodeId, + content_type: 'PullRequest' + }); + + console.log(`✅ Successfully added PR #${prNumber} to DevOps Release & QC Board`); + console.log(` Project: ${devopsProject.name}`); + console.log(` Column: ${firstColumn.name}`); + } catch (error) { + console.log('❌ Error adding PR to project:', error.message); + if (error.status === 403) { + console.log('⚠️ Permission denied. GITHUB_TOKEN may not have organization project access.'); + console.log(' Consider using a Personal Access Token (PAT) with project scope.'); + } else if (error.status === 404) { + console.log('⚠️ Project or column not found. Check project name and permissions.'); + } + throw error; + } + diff --git a/.github/workflows/auto-reviewer.yml b/.github/workflows/auto-reviewer.yml index 5ba1e01..f97e436 100644 --- a/.github/workflows/auto-reviewer.yml +++ b/.github/workflows/auto-reviewer.yml @@ -2,7 +2,8 @@ name: Auto Request Review on: pull_request: - types: [opened, synchronize, reopened, ready_for_review] + types: [opened, synchronize, reopened, ready_for_review, closed] + branches: [master] permissions: pull-requests: write @@ -13,8 +14,8 @@ jobs: name: Request Review from Default Reviewer runs-on: ubuntu-latest if: | - github.event.pull_request.base.ref == 'main' || - github.event.pull_request.base.ref == 'master' + (github.event.action == 'opened' || github.event.action == 'reopened' || github.event.action == 'synchronize' || github.event.action == 'ready_for_review') && + (github.event.pull_request.base.ref == 'main' || github.event.pull_request.base.ref == 'master') steps: - name: Request review from default reviewer diff --git a/.github/workflows/bot-handler.yml b/.github/workflows/bot-handler.yml index 8b0476a..050c0ed 100644 --- a/.github/workflows/bot-handler.yml +++ b/.github/workflows/bot-handler.yml @@ -4,7 +4,8 @@ on: issue_comment: types: [created, edited] pull_request: - types: [opened, synchronize, reopened] + types: [opened, synchronize, reopened, closed] + branches: [master] permissions: contents: write diff --git a/.github/workflows/devops-checklist.yml b/.github/workflows/devops-checklist.yml index 1bc8956..ba7ea48 100644 --- a/.github/workflows/devops-checklist.yml +++ b/.github/workflows/devops-checklist.yml @@ -137,22 +137,22 @@ jobs: const fixes = commits.filter(c => c.message.startsWith('fix')).map(c => c.message.replace(/^fix(\(.+?\))?:\s*/i, '')); const other = commits.filter(c => !c.message.startsWith('feat') && !c.message.startsWith('fix') && !c.message.startsWith('chore') && !c.message.startsWith('ci')); - // Build feature details + // Build feature details (without numbering - will be added in formatFeatureDetails) let featureDetails = []; if (features.length > 0) { - featureDetails.push(...features.map(f => `1) ${f}`)); + featureDetails.push(...features); } if (fixes.length > 0) { - featureDetails.push(...fixes.map(f => `2) ${f}`)); + featureDetails.push(...fixes); } if (other.length > 0) { - featureDetails.push(...other.slice(0, 5).map((o, i) => `${i + 3}) ${o.message}`)); + featureDetails.push(...other.slice(0, 5).map(o => o.message)); } const today = new Date().toISOString().split('T')[0]; const releaseDate = today.split('-').reverse().join('-'); // Format: DD-MM-YYYY - // Format feature details better + // Format feature details with sequential numbering const formatFeatureDetails = (details) => { if (details.length === 0) return 'See commits above'; return details.map((f, i) => `${i + 1}) ${f}`).join('
'); @@ -181,87 +181,6 @@ jobs: |-------|-----------------|----------------|-----------------| | 1. | \`${context.repo.repo}\` | \`${pr.base.ref}-release-${version}\` | ${formatFeatureDetails(featureDetails)} | - **Dependencies:** - - Dependencies updated: \`TBD\` *(Please review and update)* - \`\`\` - - \`\`\` - - **Database Changes (Queries to run):** - - Database changes required: \`TBD\` *(Please review and update)* - \`\`\` - - \`\`\` - - **Testing:** - - [ ] Unit tests passed - - [ ] Integration tests passed - - [ ] E2E tests passed - - [ ] Manual testing completed - \`\`\` - - \`\`\` - - **Known Issues:** - - Known issues: \`TBD\` *(Please review and update)* - \`\`\` - - \`\`\` - - **Contact Information:** - - Support Team Email: \`\`\`\`\`\` - - Support Team Phone: \`\`\`\`\`\` - - **Attachments:** - - Deployment files attached/committed: \`TBD\` *(Please review and update)* - \`\`\` - - \`\`\` - - --- - - ### For DevOps Team Use Only - *(To be filled by the DevOps team after deploying the release)* - - **Deployment Details:** - - Date and time of deployment: \`\`\`\`\`\` - - Deployed by: \`\`\`\`\`\` - - Deployment Status: \`\`\`\`\`\` - - **Deployment Instructions:** - - [ ] Pre-deployment tasks completed (backups, etc.) - - [ ] Production environment accessed securely - - [ ] Latest release pulled from version control - - [ ] Dependencies installed/updated - - [ ] Database migrations run (if applicable) - - [ ] Application services restarted - - [ ] Deployment monitored and verified - - **Rollback Plan:** - - [ ] Rollback procedure documented - - [ ] Previous version tag identified: \`\`\`\`\`\` - - [ ] Database rollback scripts prepared (if applicable) - - [ ] Rollback tested in staging environment - - **Post-Deployment Checklist:** - - [ ] Service availability and response times verified - - [ ] System resources monitored - - [ ] Critical user scenarios tested - - [ ] Data integrity confirmed - - [ ] Error logs reviewed - - [ ] Security scans completed - - [ ] Server and infrastructure health checked - - [ ] Backup and disaster recovery procedures validated - - **Notes:** - \`\`\` - - \`\`\` - - **Acknowledgment:** - - [ ] Deployment acknowledged and system ready for production use - - --- **Note:** This deployment document was **automatically generated** from PR commits and information. Please review and update the TBD sections before merging.`; // Check if comment already exists @@ -320,35 +239,6 @@ jobs: github-token: ${{ secrets.GITHUB_TOKEN }} script: | const pr = context.payload.pull_request; - const checklist = `## 🔧 DevOps Checklist - Workflow Review - - **Please review all workflows and checks before merging:** - - ### Workflow Status Review - - [ ] All CI/CD workflows are passing - - [ ] Quality Checks workflow passed - - [ ] Security Scan workflow passed - - [ ] Code quality checks passed - - [ ] Test coverage meets requirements - - ### Review Status - - [ ] All required reviewers have approved - - [ ] Code review completed - - [ ] Security review completed (if applicable) - - ### Pre-Merge Verification - - [ ] Deployment Notes document reviewed (see Deployment Notes comment above) - - [ ] All commits reviewed - - [ ] Breaking changes identified (if any) - - [ ] Version number verified (if applicable) - - ### Final Checks - - [ ] No blocking issues or errors - - [ ] Ready for production deployment - - [ ] Rollback plan understood (if high-risk) - - --- - **Note:** This checklist is for DevOps team to verify all workflows and checks before merging.`; // Check if comment already exists const comments = await github.rest.issues.listComments({ @@ -363,22 +253,44 @@ jobs: ); if (existingComment) { - // Update existing comment - await github.rest.issues.updateComment({ - owner: context.repo.owner, - repo: context.repo.repo, - comment_id: existingComment.id, - body: checklist - }); - console.log('Updated existing DevOps Checklist comment'); - } else { - // Create new comment - await github.rest.issues.createComment({ - owner: context.repo.owner, - repo: context.repo.repo, - issue_number: pr.number, - body: checklist - }); - console.log('Created new DevOps Checklist comment'); + // Check if already submitted (check both visible marker and hidden marker) + if (existingComment.body.includes('✅ **CHECKLIST SUBMITTED**') || + existingComment.body.includes('CHECKLIST_SUBMITTED_LOCK')) { + console.log('Checklist already submitted and locked, cannot update'); + return; + } + // Don't update existing comment to preserve checkbox states + console.log('DevOps Checklist comment already exists, preserving user checkboxes'); + return; } + + // Only create new comment if it doesn't exist + const checklist = `## 🔧 DevOps Checklist + + 👋 **DevOps Team:** Please review and check the items below. + + --- + + ### ✅ Pre-Merge Verification + - [ ] All CI/CD workflows passing (check Actions tab) + - [ ] Code quality checks passed (Semgrep, Pre-commit) + - [ ] Security scans passed (no vulnerabilities) + - [ ] No secrets or credentials exposed (manual review) + + ### 📝 Documentation + - [ ] Deployment notes reviewed (see comment above) + - [ ] 🔗 [Rollback Guidelines](https://dhwaniris1-my.sharepoint.com/:b:/g/personal/technology_dhwaniris_com/IQBZ-x3H8jIjQoliD_JEKHfSAQq2pMXdy8wFAdISg7fInTE?e=gd7dsq) reviewed + + --- + + 💡 *Click the checkboxes above to mark items as complete.*`; + + // Create new comment + await github.rest.issues.createComment({ + owner: context.repo.owner, + repo: context.repo.repo, + issue_number: pr.number, + body: checklist + }); + console.log('Created new DevOps Checklist comment');