This bot exists to automate the development process/workflow for https://github.com/microsoft/vscode-python. It also acts as a simple demo of a GitHub bot running on Azure.
This bot is what is known as an OAuth app and is not a GitHub app. The differences come down to simplicity in authentication and how widely can the bot be deployed. Since this bot is only deployed for a single repository and the original author was intimately familiar with OAuth apps that was the route taken.
This bot also predates GitHub Actions being released. As such some things this bot does may be easier to do as an action.
Currently the bot will do the following things for you:
- Add/remove the
classifylabel based on whether any other status label is set. - When an issue is closed, remove any status-related labels, e.g.
needs PR(with the idea that if an issue is re-opened then it needs to be re-evaluated as to why the issue is still open).
You must set two environment variables for the bot to function:
GH_SECRET: secret between GitHub and your bot.GH_AUTH: Auth token for the bot to make changes in your repo.
The shared secret between GitHub and your bot is used to verify that the webhook payload actually originated from GitHub for your repository and isn't malicious. This is important as a malicious user could send fake webhook payloads to your bot and cause it to make changes on the malicious user's behalf.
The personal access token is to empower your bot to make changes to your repo on your behalf. You can use a token from your personal GitHub account or create a fake bot account. Make sure the token has the following scopes/permissions:
1.repo:public_repo (if your repo is public; adjust accordingly for your needs)
When creating the webhook you need to specify what events to send to your endpoint. This bot supports the following events:
Issues
The bot is currently written to support Azure Functions running on Python 3.7.
This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.
When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact [email protected] with any additional questions or comments.