flowchart LR
subgraph PULL REQUEST
classDef default color:#383838,fill:#FFF7F1,stroke-width:1px
classDef external color:#383838,fill:#E6EEF8,stroke-width:1px
classDef normal color:#081457,fill:#E3E6FC,stroke-width:1px
classDef local fill:#FFC700,stroke:#333,stroke-width:1px
classDef remote fill:#D2BDF2,stroke:#201434,stroke-width:1px
classDef notouch fill:#F99697,stroke:#A4050E,stroke-width:1px
md-outputs[("md-outputs")]:::local
PR[\"pull request"\]:::remote
pr-preflight.yaml:::normal
pr-recieve.yaml(["pr-recieve.yaml"]):::normal
pr-comment.yaml:::normal
pr-close-signal.yaml:::normal
pr-post-remove-branch.yaml:::normal
md-outputs-PR[("md-outputs-PR#")]:::notouch
end
PR --> pr-preflight.yaml
pr-preflight.yaml -.->|"comments on"| PR
pr-preflight.yaml ~~~ pr-recieve.yaml
PR -->|"on maintainer approval"| pr-recieve.yaml
pr-recieve.yaml -.-|"uses"| md-outputs
pr-recieve.yaml -.->|"triggers"| pr-comment.yaml
pr-comment.yaml -.->|"creates"| md-outputs-PR
pr-comment.yaml -.->|"comments on"| PR
PR -.->|"on close"| pr-close-signal.yaml
pr-close-signal.yaml -.->|"triggers"| pr-post-remove-branch.yaml
pr-post-remove-branch.yaml -.->|"deletes"| md-outputs-PR
17 Pull Request Responders
One feature of The Workbench is the pull request workflows that run automatically for each and every pull request. These checks will do the following:
- Confirm that the pull request is not invalid or spoofing another pull request or doing something potentially malicious.
- Check the lesson for any invalid markdown elements
- Rebuild the markdown outputs (not the site) in a safe environment and deploy it to an orphan branch that will allow the lesson maintainer to audit the changes brought in by the pull request (this is important for R Markdown lessons).
When the checks have finished, GitHub will add a comment to the pull request that informs the maintainer about what has changed.
17.1 Motivation
Much of the motivation for the pull request audits can be found in the Auditing Pull Requests episode in The Workbench documentation.
flowchart TB
classDef default color:#383838,fill:#FFF7F1,stroke-width:1px
classDef external color:#383838,fill:#E6EEF8,stroke-width:1px
classDef normal color:#081457,fill:#E3E6FC,stroke-width:1px
classDef local fill:#FFC700,stroke:#333,stroke-width:1px
classDef remote fill:#D2BDF2,stroke:#201434,stroke-width:1px
classDef notouch fill:#F99697,stroke:#A4050E,stroke-width:1px
pr["Pull Request"]:::remote
receive["Receive Pull Request"]:::remote
validate["Check Valid PR"]:::local
branch["Create md-outputs-{PR}"]:::local
comment["Comment on Pull Request"]:::local
review["Maintainer Review"]:::remote
accept["Accepted"]:::normal
reject["Rejected"]:::notouch
deploy["Deploy"]:::local
destroy["Destroy md-outputs-{PR}"]:::local
pr --> receive;
receive --> validate;
validate -.->|"valid"| branch;
validate -.->|"invalid"| comment;
branch --> comment
comment --> review
review --> reject
review --> accept
accept --> deploy
deploy ~~~ destroy
accept --> destroy
reject --> destroy