diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 2a56cb1..3d68208 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -86,16 +86,29 @@ jobs: - name: Notify final reviewer team env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + ORG_PAT: ${{ secrets.ORG_PAT }} # PAT with repo + read:org for team review request + run: | PR_NUMBER=${{ github.event.pull_request.number }} REVIEWER=${{ github.event.review.user.login }} TEAM_HANDLE="@${{ github.repository_owner }}/ai4sdlc-approval" - COMMENT="$TEAM_HANDLE PR #$PR_NUMBER has been approved by @$REVIEWER and is ready for final review." + COMMENT="$TEAM_HANDLE PR #$PR_NUMBER has a new review comment from @$REVIEWER and is ready for final review." + curl -X POST \ -H "Authorization: token $GITHUB_TOKEN" \ -H "Accept: application/vnd.github+json" \ + -H "Content-Type: application/json" \ -d "{\"body\": \"$COMMENT\"}" \ https://api.github.com/repos/${{ github.repository }}/issues/$PR_NUMBER/comments + + # 2) Request review from the approval team + curl -X POST \ + -H "Authorization: token $ORG_PAT" \ + -H "Accept: application/vnd.github+json" \ + -H "Content-Type: application/json" \ + -d "{\"team_reviewers\":[\"ai4sdlc-approval\"]}" \ + https://api.github.com/repos/${{ github.repository }}/pulls/$PR_NUMBER/requested_reviewers -v + # Build stage - converting md file to html using MkDocs convert_md_to_html: @@ -153,7 +166,7 @@ jobs: # aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} # aws-region: us-east-1 # change if needed - name: configure aws credentials - uses: aws-actions/configure-aws-credentials@v1.7.0 + uses: aws-actions/configure-aws-credentials@v2 with: role-to-assume: arn:aws:iam::677043464939:role/GitHubAction-AssumeRoleWithAction role-session-name: GitHub_to_AWS_via_FederatedOIDC
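Review bot: The added `ORG_PAT` env entry hands this step a PAT with `repo` + `read:org` (per its inline comment), which is far broader than the single `POST .../pulls/$PR_NUMBER/requested_reviewers` call it is used for. A fine-grained token or GitHub App installation token limited to pull-request write on this repository would limit the damage if it leaks. The second curl also ends in `-v`, which writes the request headers, including `Authorization`, to the job log; log masking should hide the value, but the flag is a debugging leftover and should be dropped. Neither curl checks the HTTP status, so a 401/403 from an expired or under-scoped PAT passes silently; `curl --fail -sS -X POST \` would make the step fail instead. The workflow trigger and job `permissions:` are outside this hunk, so confirm the secret cannot be reached from a fork-triggered run.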
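Review bot: `aws-actions/configure-aws-credentials@v2` is a moving major tag, whereas the replaced `@v1.7.0` named one specific release. Because this step assumes `GitHubAction-AssumeRoleWithAction` through OIDC, any later change to what `v2` points at runs with that role's session without showing up in a diff of this repository. Pin the action to the full commit SHA of the release that was reviewed and keep the version as a trailing comment, e.g. `uses: aws-actions/configure-aws-credentials@<full-commit-sha>  # v2.x.y`. The step's `with:` block may continue past the end of the hunk.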