From 1603645c76ce37552af952ef8734fd902463ba18 Mon Sep 17 00:00:00 2001 From: Misha Sugakov <537715+msugakov@users.noreply.github.com> Date: Wed, 3 Dec 2025 10:58:48 +0100 Subject: [PATCH 1/2] ROX-31146: Reduce spam of Konflux PRs, releasers can approve (#17968) --- .github/CODEOWNERS | 14 ++++++------ .github/workflows/tag-more-reviewers.yaml | 26 +++++++++++++++++++++++ 2 files changed, 34 insertions(+), 6 deletions(-) create mode 100644 .github/workflows/tag-more-reviewers.yaml diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index c0b6b7ad2c3e1..0d7722abe4513 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -79,9 +79,11 @@ operator/**/* @stackrox/install /sensor/kubernetes/listener/resources/secrets* @stackrox/scanner /SCANNER_VERSION @stackrox/scanner -# The RHTAP maintainers for ACS review all changes related to the Konflux (f.k.a. RHTAP) pipelines, such as new -# pipelines, parameter changes or automated task updates as well as Dockerfile updates. -**/konflux.*Dockerfile @stackrox/rhtap-maintainers -/.konflux/ @stackrox/rhtap-maintainers -/.tekton/ @stackrox/rhtap-maintainers -rpms.* @stackrox/rhtap-maintainers +# Konflux maintainers for ACS review all changes related to the Konflux pipelines, Dockerfiles, etc. +# Release engineers need to merge MintMaker PRs at the time of the release. +# rhacs-bot needs an ability to auto-approve MintMaker PRs for automated task and security updates. +**/konflux.*Dockerfile @stackrox/konflux-maintainers-no-email @stackrox/release-mgmt-no-email @rhacs-bot +/.tekton/ @stackrox/konflux-maintainers-no-email @stackrox/release-mgmt-no-email @rhacs-bot +rpms.* @stackrox/konflux-maintainers-no-email @stackrox/release-mgmt-no-email @rhacs-bot +/.konflux/ @stackrox/konflux-maintainers +.github/renovate.json5 @stackrox/konflux-maintainers diff --git a/.github/workflows/tag-more-reviewers.yaml b/.github/workflows/tag-more-reviewers.yaml new file mode 100644 index 0000000000000..f6ce74aac7c50 --- /dev/null +++ b/.github/workflows/tag-more-reviewers.yaml @@ -0,0 +1,26 @@ +name: Tag more reviewers + +on: + pull_request: + types: + - review_requested + +jobs: + tag-konflux-maintainers: + # We have lots of PR traffic from MintMaker (acting as `red-hat-konflux[bot]`), and so it's unsustainable to go + # through these emails every day. Therefore, the notifications are disabled for `konflux-maintainers-no-email` + # team that's set as owner in CODEOWNERS for the Konflux stuff. + # At the same time, we want to be notified when humans, not the bot, request reviews (which happens automatically + # again through CODEOWNERS) for the Konflux-related files. This job invites `konflux-maintainers` team for review + # for such cases. + if: | + github.event.requested_team.name == 'konflux-maintainers-no-email' && + github.event.pull_request.user.login != 'red-hat-konflux[bot]' + env: + GH_TOKEN: ${{ secrets.RHACS_BOT_GITHUB_TOKEN }} + runs-on: ubuntu-latest + steps: + - name: Tag Konflux Maintainers for review + run: | + gh pr --repo "${{ github.repository }}" edit "${{ github.event.pull_request.number }}" \ + --add-reviewer stackrox/konflux-maintainers From 4b9fa41b2e7f1633b62ddedd5f14dfc29df0f3d9 Mon Sep 17 00:00:00 2001 From: Misha Sugakov Date: Wed, 3 Dec 2025 12:48:44 +0100 Subject: [PATCH 2/2] Remove IBM NPGuard colleagues from codeowners --- .github/CODEOWNERS | 5 ----- 1 file changed, 5 deletions(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 0d7722abe4513..734c6e0821989 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -39,11 +39,6 @@ sensor/**/* @stackrox/sensor-ecosystem tests/performance/**/* @stackrox/sensor-ecosystem tests/roxctl/**/* @stackrox/sensor-ecosystem -# Listing all users as "Outside collaborators cannot be added to a team" -bats-tests/local/roxctl-netpol-* @zivnevo @adisos @shireenf-ibm -roxctl/netpol/**/* @zivnevo @adisos @shireenf-ibm -tests/roxctl/bats-tests/test-data/np-guard/ @zivnevo @adisos @shireenf-ibm - qa-tests-backend/**/* @janisz /ui/**/* @stackrox/ui