From f7564fab28c7e48d869727ee50ae11e8bbefafdb Mon Sep 17 00:00:00 2001 From: simon Date: Wed, 8 Apr 2026 15:10:59 +0200 Subject: [PATCH 1/3] Remove redundant @simonfaltum from /cmd/bundle/ OWNERS rule Simon is already covered by the * catch-all rule. Listing him explicitly on /cmd/bundle/ is redundant. This PR also serves to verify the maintainer-approval and suggest-reviewers workflows added in #4912. --- .github/OWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/OWNERS b/.github/OWNERS index 72d835acd4..fe64467b98 100644 --- a/.github/OWNERS +++ b/.github/OWNERS @@ -1,5 +1,5 @@ * @andrewnester @anton-107 @denik @pietern @shreyas-goenka @simonfaltum -/cmd/bundle/ @andrewnester @anton-107 @denik @pietern @shreyas-goenka @simonfaltum @lennartkats-db +/cmd/bundle/ @andrewnester @anton-107 @denik @pietern @shreyas-goenka @lennartkats-db /libs/template/ @andrewnester @anton-107 @denik @pietern @shreyas-goenka @simonfaltum @lennartkats-db /acceptance/pipelines/ @jefferycheng1 @kanterov @lennartkats-db /cmd/pipelines/ @jefferycheng1 @kanterov @lennartkats-db From 08a0ec4cf3e3c534fe27ebeab4e3d1eb15f9b6a3 Mon Sep 17 00:00:00 2001 From: simon Date: Wed, 8 Apr 2026 15:25:19 +0200 Subject: [PATCH 2/3] Fix maintainer-approval to use custom runner group The databricks org has an IP allow-list that blocks GitHub public runners from making API calls. Use the same custom runner group as the other workflows in this repo. --- .github/workflows/maintainer-approval.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/maintainer-approval.yml b/.github/workflows/maintainer-approval.yml index 5ddec5a165..32fca64cd3 100644 --- a/.github/workflows/maintainer-approval.yml +++ b/.github/workflows/maintainer-approval.yml @@ -11,7 +11,9 @@ defaults: jobs: check: - runs-on: ubuntu-latest + runs-on: + group: databricks-deco-testing-runner-group + labels: ubuntu-latest-deco timeout-minutes: 5 permissions: pull-requests: read From 9a9704e54541cfbc7c8a74d68ec2e96b95a61679 Mon Sep 17 00:00:00 2001 From: simon Date: Wed, 8 Apr 2026 16:01:21 +0200 Subject: [PATCH 3/3] Rename getCoreTeam to getMaintainers, fix error messages The error message said 'core team member' which is an internal concept. Use 'maintainer' instead, matching the workflow name and the OWNERS file terminology. --- .github/scripts/owners.js | 6 ++--- .github/workflows/maintainer-approval.js | 34 ++++++++++++------------ 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/.github/scripts/owners.js b/.github/scripts/owners.js index d8bd70a347..55bb6b269f 100644 --- a/.github/scripts/owners.js +++ b/.github/scripts/owners.js @@ -57,12 +57,12 @@ function findOwners(filepath, rules) { } /** - * Get core team from the * catch-all rule. + * Get maintainers from the * catch-all rule. * @returns {string[]} logins */ -function getCoreTeam(rules) { +function getMaintainers(rules) { const catchAll = rules.find((r) => r.pattern === "*"); return catchAll ? catchAll.owners : []; } -module.exports = { parseOwnersFile, ownersMatch, findOwners, getCoreTeam }; +module.exports = { parseOwnersFile, ownersMatch, findOwners, getMaintainers }; diff --git a/.github/workflows/maintainer-approval.js b/.github/workflows/maintainer-approval.js index 52c62bf631..d9b4f6b82a 100644 --- a/.github/workflows/maintainer-approval.js +++ b/.github/workflows/maintainer-approval.js @@ -2,19 +2,19 @@ const path = require("path"); const { parseOwnersFile, findOwners, - getCoreTeam, + getMaintainers, } = require("../scripts/owners"); // Check if the PR author is exempted. -// If ALL changed files are owned by non-core-team owners that include the -// author, the PR can merge with any approval (not necessarily core team). -function isExempted(authorLogin, files, rules, coreTeam) { +// If ALL changed files are owned by non-maintainer owners that include the +// author, the PR can merge with any approval (not necessarily a maintainer). +function isExempted(authorLogin, files, rules, maintainers) { if (files.length === 0) return false; - const coreSet = new Set(coreTeam); + const maintainerSet = new Set(maintainers); for (const { filename } of files) { const owners = findOwners(filename, rules); - const nonCoreOwners = owners.filter((o) => !coreSet.has(o)); - if (nonCoreOwners.length === 0 || !nonCoreOwners.includes(authorLogin)) { + const nonMaintainers = owners.filter((o) => !maintainerSet.has(o)); + if (nonMaintainers.length === 0 || !nonMaintainers.includes(authorLogin)) { return false; } } @@ -28,11 +28,11 @@ module.exports = async ({ github, context, core }) => { "OWNERS" ); const rules = parseOwnersFile(ownersPath); - const coreTeam = getCoreTeam(rules); + const maintainers = getMaintainers(rules); - if (coreTeam.length === 0) { + if (maintainers.length === 0) { core.setFailed( - "Could not determine core team from .github/OWNERS (no * rule found)." + "Could not determine maintainers from .github/OWNERS (no * rule found)." ); return; } @@ -43,17 +43,17 @@ module.exports = async ({ github, context, core }) => { pull_number: context.issue.number, }); - const coreTeamApproved = reviews.some( + const maintainerApproved = reviews.some( ({ state, user }) => - state === "APPROVED" && user && coreTeam.includes(user.login) + state === "APPROVED" && user && maintainers.includes(user.login) ); - if (coreTeamApproved) { + if (maintainerApproved) { const approver = reviews.find( ({ state, user }) => - state === "APPROVED" && user && coreTeam.includes(user.login) + state === "APPROVED" && user && maintainers.includes(user.login) ); - core.info(`Core team approval from @${approver.user.login}`); + core.info(`Maintainer approval from @${approver.user.login}`); return; } @@ -67,7 +67,7 @@ module.exports = async ({ github, context, core }) => { pull_number: context.issue.number, }); - if (authorLogin && isExempted(authorLogin, files, rules, coreTeam)) { + if (authorLogin && isExempted(authorLogin, files, rules, maintainers)) { const hasAnyApproval = reviews.some(({ state }) => state === "APPROVED"); if (!hasAnyApproval) { core.setFailed( @@ -78,6 +78,6 @@ module.exports = async ({ github, context, core }) => { } core.setFailed( - `Requires approval from a core team member: ${coreTeam.join(", ")}.` + `Requires approval from a maintainer: ${maintainers.join(", ")}.` ); };