Checks if the required codeowners have approved a PR and requires a minimum number of approvals
token
secrets.GITHUB_TOKEN
.read_org_scoped_token
read:org
scope for the organization org_name
.org_name
min_approvals
pr_number
branch
require_all_approvals_latest_commit
true
limit_org_teams_to_codeowners_file
false
CODEOWNERS
file. This overrides the default behavior of checking all teams in the organization org_name
. Consider enabling for environments with a large number of teams to reduce execution time.approval_mode
ALL
approved
true
if all required approvals are met, false
otherwise/.github/CODEOWNERS
or /CODEOWNERS
example CODEOWNERS
:
.github/** @YourOrg/some_team_name
some_dir/** @YourOrg/some_other_team_name
read:org
scope enabled for your organization, and add it as a secret to your organization, repo, or environment.Create a workflow that uses the action: example workflow:
name: PR Approval Workflow
on:
pull_request:
branches:
- main
pull_request_review:
types: [submitted]
jobs:
check-approvals:
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
pull-requests: read
steps:
- name: Check for required approvals
id: check-approvals
uses: skymoore/required-approvals@main
with:
token: ${{ secrets.GITHUB_TOKEN }}
read_org_scoped_token: ${{ secrets.READ_ORG_SCOPED_TOKEN }}
org_name: yourorg
min_approvals: 1
- name: Run action if all required approvals are met
if: ${{ steps.check-approvals.outputs.approved == 'true' }}
run: |
echo "All required approvals are met. Running the action."