feat(work-flow-review): Add a new work flow for reviews

Author: bp-cos

.github/workflows/review.yml

@@ -0,0 +1,51 @@
+# .github/workflows/require-approval.yml
+name: Require at least one approval
+
+on:
+  pull_request:
+    types: [opened, reopened, ready_for_review, synchronize]
+  pull_request_review:
+    types: [submitted, edited, dismissed]
+
+jobs:
+  check-approval:
+    runs-on: ubuntu-latest
+    permissions:
+      pull-requests: read
+      contents: read
+    steps:
+      - name: Ensure ≥1 approving review exists
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const {owner, repo} = context.repo;
+
+            // Determine PR number for both pull_request and pull_request_review events
+            let number;
+            if (context.payload.pull_request?.number) {
+              number = context.payload.pull_request.number;
+            } else if (context.payload.review?.pull_request_url) {
+              number = Number(context.payload.review.pull_request_url.split('/').pop());
+            } else {
+              core.setFailed('Cannot determine PR number from event payload.');
+              return;
+            }
+
+            // Retrieve all reviews
+            const reviews = await github.paginate(
+              github.rest.pulls.listReviews,
+              { owner, repo, pull_number: number }
+            );
+
+            // Keep only each user's latest review
+            const latestByUser = new Map();
+            for (const r of reviews) latestByUser.set(r.user.id, r.state);
+
+            // Count approvals
+            const approvals = [...latestByUser.values()].filter(s => s === 'APPROVED').length;
+
+            if (approvals < 1) {
+              core.setFailed(`PR #${number} requires at least one approving review before merging.`);
+            } else {
+              core.info(`Approvals found: ${approvals}. Check passed.`);
+            }