From 59ca10033498f6b6eba12adfaf77d8b548407b15 Mon Sep 17 00:00:00 2001 From: Saad Najmi Date: Wed, 4 Mar 2026 12:10:51 -0800 Subject: [PATCH 1/2] ci: bot accepts the CLA --- .github/workflows/cla-auto-accept.yml | 63 +++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) create mode 100644 .github/workflows/cla-auto-accept.yml diff --git a/.github/workflows/cla-auto-accept.yml b/.github/workflows/cla-auto-accept.yml new file mode 100644 index 0000000000..27307b7150 --- /dev/null +++ b/.github/workflows/cla-auto-accept.yml @@ -0,0 +1,63 @@ +name: Auto-accept CLA for bot PRs + +on: + issue_comment: + types: [created] + +jobs: + cla-accept: + name: Accept CLA + runs-on: ubuntu-latest + if: | + github.repository == 'microsoft/fluentui-react-native' && + github.event.issue.pull_request != null && + contains(github.event.comment.user.login, 'microsoft-github-policy-service') + + steps: + - name: Generate token + uses: actions/create-github-app-token@v2 + id: app-token + with: + app-id: ${{ vars.APP_ID }} + private-key: ${{ secrets.GH_APP_PRIVATE_KEY }} + permission-pull-requests: read + permission-issues: write + + - name: Accept CLA if bot-authored PR + uses: actions/github-script@v7 + with: + github-token: ${{ steps.app-token.outputs.token }} + script: | + const pr = await github.rest.pulls.get({ + owner: context.repo.owner, + repo: context.repo.repo, + pull_number: context.issue.number, + }); + + if (!pr.data.user.login.endsWith('[bot]')) { + console.log(`PR author ${pr.data.user.login} is not a bot — skipping`); + return; + } + + const { data: comments } = await github.rest.issues.listComments({ + owner: context.repo.owner, + repo: context.repo.repo, + issue_number: context.issue.number, + }); + + const alreadyAgreed = comments.some(c => + c.body.includes('@microsoft-github-policy-service agree') + ); + + if (alreadyAgreed) { + console.log('CLA already accepted — skipping'); + return; + } + + await github.rest.issues.createComment({ + owner: context.repo.owner, + repo: context.repo.repo, + issue_number: context.issue.number, + body: '@microsoft-github-policy-service agree company="Microsoft"', + }); + console.log('CLA accepted'); From 6d8ff3c3b5b43361c41b26736f1efe93667870e3 Mon Sep 17 00:00:00 2001 From: Saad Najmi Date: Wed, 4 Mar 2026 12:17:48 -0800 Subject: [PATCH 2/2] stricter --- .github/workflows/cla-auto-accept.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/cla-auto-accept.yml b/.github/workflows/cla-auto-accept.yml index 27307b7150..b5d32d507f 100644 --- a/.github/workflows/cla-auto-accept.yml +++ b/.github/workflows/cla-auto-accept.yml @@ -15,7 +15,7 @@ jobs: steps: - name: Generate token - uses: actions/create-github-app-token@v2 + uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 id: app-token with: app-id: ${{ vars.APP_ID }} @@ -24,7 +24,7 @@ jobs: permission-issues: write - name: Accept CLA if bot-authored PR - uses: actions/github-script@v7 + uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 with: github-token: ${{ steps.app-token.outputs.token }} script: | @@ -34,8 +34,8 @@ jobs: pull_number: context.issue.number, }); - if (!pr.data.user.login.endsWith('[bot]')) { - console.log(`PR author ${pr.data.user.login} is not a bot — skipping`); + if (pr.data.user.login !== 'microsoft-react-native-sdk[bot]') { + console.log(`PR author ${pr.data.user.login} is not the release bot — skipping`); return; }