From 686b2aa6843ddc8bdc6b3a02f866e6675127ee34 Mon Sep 17 00:00:00 2001
From: Samantha <hello@entropy.cat>
Date: Wed, 2 Aug 2023 13:41:33 -0400
Subject: [PATCH] CI: Add GitHub workflow for detecting configuration changes
 (#7024)

(https://github.com/beautifulentropy/boulder/pull/33 to see it in
action)

Fixes #7021
---
 .github/workflows/issue-for-config.yml | 51 ++++++++++++++++++++++++++
 1 file changed, 51 insertions(+)
 create mode 100644 .github/workflows/issue-for-config.yml

diff --git a/.github/workflows/issue-for-config.yml b/.github/workflows/issue-for-config.yml
new file mode 100644
index 000000000..bde8145ee
--- /dev/null
+++ b/.github/workflows/issue-for-config.yml
@@ -0,0 +1,51 @@
+name: Check PR for configuration changes
+
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+    paths:
+    - 'features/featureflag_string.go'
+    - 'test/config-next/*.json'
+    - 'test/config-next/*.yaml'
+    - 'test/config-next/*.yml'
+
+jobs:
+  check-changes:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Comment PR
+        uses: actions/github-script@v6
+        with:
+          script: |
+            const commentMarker = '<!-- deployment_ticket_check -->';
+            const prAuthor = context.payload.pull_request.user.login;
+            const commentBody = `${commentMarker}\n@${prAuthor}, this PR appears to contain configuration changes. Please ensure that a corresponding deployment ticket has been filed with the new configuration values.\n`;
+            const { owner, repo, number: issue_number } = context.issue;
+            const issueRegexp = /IN-\d+/;
+
+            // Get PR body and all issue comments.
+            const prBody = context.payload.pull_request.body;
+            const comments = await github.rest.issues.listComments({
+              owner,
+              repo,
+              issue_number
+            });
+
+            if (issueRegexp.test(prBody) || comments.data.some(c => issueRegexp.test(c.body))) {
+                // Issue number exists in PR body or comments.
+                return;
+              }
+
+            if (comments.data.find(c => c.body.includes(commentMarker))) {
+              // Comment already exists.
+              return;
+            }
+
+            // No issue number or comment were found, post the comment.
+            await github.rest.issues.createComment({
+              owner,
+              repo,
+              issue_number,
+              body: commentBody
+            });
+          github-token: ${{ secrets.GITHUB_TOKEN }}