From 0e6c3a181c532d0608238d7cd7d653d7635deed3 Mon Sep 17 00:00:00 2001
From: Lee Bousfield <ljbousfield@gmail.com>
Date: Tue, 9 Jul 2024 20:08:45 -0600
Subject: [PATCH] Only run "design approved" check when necessary

---
 .github/workflows/merge-checks.yml         | 11 ++----
 .github/workflows/trigger-merge-checks.yml | 46 ++++++++++++++++++++++
 2 files changed, 49 insertions(+), 8 deletions(-)
 create mode 100644 .github/workflows/trigger-merge-checks.yml

diff --git a/.github/workflows/merge-checks.yml b/.github/workflows/merge-checks.yml
index 6f291bbb226..6c7fac2cb6a 100644
--- a/.github/workflows/merge-checks.yml
+++ b/.github/workflows/merge-checks.yml
@@ -1,20 +1,15 @@
 name: Merge Checks
 
-on:
-  pull_request:
-    branches: [ master ]
-    types: [synchronize, opened, reopened, labeled, unlabeled]
+on: workflow_dispatch
 
 jobs:
   design-approved-check:
-    if: ${{ !contains(github.event.*.labels.*.name, 'design-approved') }}
     name: Design Approved Check
     runs-on: ubuntu-latest
     steps:
-      - name: Check for design-approved label
+      - name: Missing design-approved label
+        if: ${{ !contains(github.event.*.labels.*.name, 'design-approved') }}
         run: |
           echo "Pull request is missing the 'design-approved' label"
           echo "This workflow fails so that the pull request cannot be merged"
           exit 1
-
-
diff --git a/.github/workflows/trigger-merge-checks.yml b/.github/workflows/trigger-merge-checks.yml
new file mode 100644
index 00000000000..7dced04f2b7
--- /dev/null
+++ b/.github/workflows/trigger-merge-checks.yml
@@ -0,0 +1,46 @@
+name: Trigger Merge Checks
+
+on:
+  pull_request:
+    branches: [ master ]
+    types: [synchronize, opened, reopened, labeled, unlabeled]
+
+permissions:
+  actions: write
+  checks: read
+
+jobs:
+  check-design-approved:
+    name: Check Design Approved Status
+    runs-on: ubuntu-latest
+    steps:
+      - name: Run merge-checks workflow
+        if: ${{ contains(github.event.*.labels.*.name, 'design-approved') }}
+        run: |
+          curl -sSL --fail-with-body \
+            -X POST \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            "https://api.github.com/repos/$GITHUB_REPOSITORY/actions/workflows/merge-checks.yml/dispatches" \
+            -d '{"ref":"${{ github.head_ref }}"}'
+      - name: Update merge-checks workflow run
+        if: ${{ !contains(github.event.*.labels.*.name, 'design-approved') }}
+        run: |
+          set -x pipefail
+          if curl -sSL --fail-with-body \
+              -H "Accept: application/vnd.github+json" \
+              -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
+              -H "X-GitHub-Api-Version: 2022-11-28" \
+              "https://api.github.com/repos/$GITHUB_REPOSITORY/commits/$GITHUB_SHA/check-runs" \
+            | jq -e '.check_runs | .[] | select(.name == "Design Approved Check")' >/dev/null
+          then
+            # The "design approved" check has previously run on this commit, so we need to reexecute it
+            curl -sSL --fail-with-body \
+              -X POST \
+              -H "Accept: application/vnd.github+json" \
+              -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
+              -H "X-GitHub-Api-Version: 2022-11-28" \
+              "https://api.github.com/repos/$GITHUB_REPOSITORY/actions/workflows/merge-checks.yml/dispatches" \
+              -d '{"ref":"${{ github.head_ref }}"}'
+          fi