MINOR Remove triage label in nightly job (#18147)

For PRs that have been reviewed (by anyone, not just a committer), remove the "triage" label. This job runs once per night.

Reviewers: Justine Olshan <jolshan@confluent.io>, Chia-Ping Tsai <chia7712@gmail.com>

.github/workflows/README.md

@@ -67,13 +67,11 @@ Unlike trunk, the PR builds _will_ utilize the Gradle cache.
 ### PR Triage
 
 In order to get the attention of committers, we have a triage workflow for Pull Requests
-opened by non-committers. This workflow consists of three files:
+opened by non-committers. This workflow consists of two files:
 
-* [pr-update.yml](pr-update.yml) When a PR is created add the `triage` label if the PR
+* [pr-update.yml](pr-update.yml) When a PR is created, add the `triage` label if the PR
   was opened by a non-committer.
-* [pr-reviewed-trigger.yml](pr-reviewed-trigger.yml) Runs when any PR is reviewed. 
-  Used as a trigger for the next workflow
-* [pr-reviewed.yml](pr-reviewed.yml) Remove the `triage` label after a PR has been reviewed
+* [pr-reviewed.yml](pr-reviewed.yml) Cron job to remove the `triage` label from PRs which have been reviewed
 
 _The pr-update.yml workflow includes pull_request_target!_
 
@@ -100,7 +98,7 @@ There are two files related to this workflow:
 
 * [pr-labeled.yml](pr-labeled.yml) approves a pending approval for PRs that have
 been labeled with `ci-approved`
-* [ci-requested.yml](ci-requested.yml) approves future CI requests automatically
+* [ci-requested.yml](ci-requested.yml) approves future workflow requests automatically
 if the PR has the `ci-approved` label
 
 _The pr-labeled.yml workflow includes pull_request_target!_

.github/workflows/pr-reviewed-trigger.yml

@@ -1,42 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements.  See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License.  You may obtain a copy of the License at
-#
-#    http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-name: Pull Request Reviewed
-
-on:
-  pull_request_review:
-    types:
-      - submitted
-
-jobs:
-  # This job is a workaround for the fact that pull_request_review lacks necessary permissions to modify PRs.
-  # Also, there is no pull_request_target analog to pull_request_review. The approach taken here is taken from
-  # https://securitylab.github.com/resources/github-actions-preventing-pwn-requests/.
-  pr-review-trigger:
-    name: Reviewed
-    runs-on: ubuntu-latest
-    steps:
-      - name: Env
-        run: printenv
-        env:
-          GITHUB_CONTEXT: ${{ toJson(github) }}
-      - name: Capture PR Number
-        run:
-          echo ${{ github.event.pull_request.number }} >> pr-number.txt
-      - name: Archive Event
-        uses: actions/upload-artifact@v4
-        with:
-          name: pr-number.txt
-          path: pr-number.txt

.github/workflows/pr-reviewed.yml

@@ -16,39 +16,48 @@
 name: Remove Triage Label
 
 on:
-  workflow_run:
-    workflows: [Pull Request Reviewed]
-    types:
-      - completed
+  workflow_dispatch:      # Let us run manually
+
+  schedule:
+    - cron: '0 3 * * *'    # Run at 3:00 UTC nightly -- just before the "stale.yml" workflow
 
 jobs:
-  # This job runs with elevated permissions and the ability to modify pull requests. The steps taken here
-  # should be limited to updating labels and adding comments to PRs. This approach is taken from
-  # https://securitylab.github.com/resources/github-actions-preventing-pwn-requests/.
   remove-triage:
-    if: ${{ github.event.workflow_run.conclusion == 'success' }}
     runs-on: ubuntu-latest
     steps:
       - name: Env
         run: printenv
         env:
           GITHUB_CONTEXT: ${{ toJson(github) }}
-      - uses: actions/download-artifact@v4
-        with:
-          github-token: ${{ github.token }}
-          run-id: ${{ github.event.workflow_run.id }}
-          name: pr-number.txt
       - name: Remove label
         uses: actions/github-script@v7
         continue-on-error: true
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           script: |
-            var fs = require('fs');
-            var pr_number = Number(fs.readFileSync('./pr-number.txt'));
-            await github.rest.issues.removeLabel({
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              issue_number: pr_number,
-              name: 'triage'
+            github.paginate("GET /search/issues{?q}", {
+              q: "repo:apache/kafka label:triage is:pull-request"
+            })
+            .then((pulls) => {
+              pulls.forEach(pull => {
+                github.request("GET /repos/{owner}/{repo}/pulls/{pull_number}/reviews", {
+                  owner: "apache",
+                  repo: "kafka",
+                  pull_number: pull.number,
+                  headers: {
+                    "X-GitHub-Api-Version": "2022-11-28"
+                  }
+                }).then((resp) => {
+                  console.log("Found " + resp.data.length + " reviews for PR " + pull.number);
+                  if (resp.data.length > 0) {
+                    console.log("Removing 'triage' label from PR " + pull.number + " : " + pull.title);
+                    github.rest.issues.removeLabel({
+                      owner: "apache",
+                      repo: "kafka",
+                      issue_number: pull.number,
+                      name: "triage"
+                    });
+                  }
+                });
+              });
             });