Update the changelog script to include author in the oneliner

[tsandall]

We like to recognize people for contributing to OPA by including a mention of them in the CHANGELOG. Today is this is somewhat ad-hoc and requires manual edits to the generated CHANGELOG updates. It would be better if the changelog script (build/changelog.py) was smart enough to figure out the GitHub name of the person.

[Syn3rman]

Hey @tsandall,

I'd like to give this a shot, so can I try this if this is still open?

This would aim at adding the author to the changelog so that it looks something like <fix> <fixed by> <author> right?

Also, I tried running the script but I'm getting the error

Traceback (most recent call last):
  File "changelog.py", line 88, in <module>
    main()
  File "changelog.py", line 65, in main
    args = parse_args()
  File "changelog.py", line 57, in parse_args
    default=get_latest_tag(), help="start of changes")
  File "changelog.py", line 49, in get_latest_tag
    return run(cmd).split('-')[0]
TypeError: a bytes-like object is required, not 'str'

while running the script, the fix for which would be to use return subprocess.check_output(shlex.split(cmd), *args, **kwargs).decode('utf-8') instead, so does this need to be done or am I getting something wrong?

Update:
I changed the script so that the changelog messages are in the format:

- ast, topdown: Index comprehensions to avoid unnecessary work ([#2276](https://github.com/open-policy-agent/opa/issues/2276)) authored by Torin Sandall

And if we want the GitHub id of the user, one way would be to use the GitHub search API using:

res = requests.get(url, params=body)
user = res.json()["items"][0].get("login","")

[patrick-east]

Thanks for looking into this one @Syn3rman !! Looks like you're already making some good progress on it 👍

I do think that we would probably want to try and lookup their GitHub id, ideally once we have the commit SHA ID we should be able to lookup the metadata about it via https://developer.github.com/v3/repos/commits/#get-a-single-commit the snippet using requests is probably pretty close to what we'd want to use.

[tsandall]

Getting the login name from the API that @patrick-east showed would be ideal because they contributors will get tagged and anyone looking at the release notes will be able to easily navigate to their profile.

If the script could exclude OPA maintainers that would be best. I'm not sure the best way to achieve that. If it's possible to lookup the organizations that a GitHub user is apart of that would help. I think my own organization memberships are public.

[patrick-east]

May not be too hard to just check against https://github.com/open-policy-agent/opa/blob/master/MAINTAINERS.md too

[Syn3rman]

Thanks for the reply @tsandall @patrick-east!

I do think that we would probably want to try and lookup their GitHub id, ideally once we have the commit SHA ID we should be able to lookup the metadata about it via https://developer.github.com/v3/repos/commits/#get-a-single-commit the snippet using requests is probably pretty close to what we'd want to use.

That seemed to work for me till I ran into a 403 error, since it looks like you can only make 60 requests while you are not authenticated.

If the script could exclude OPA maintainers that would be best. I'm not sure the best way to achieve that. If it's possible to lookup the organizations that a GitHub user is apart of that would help. I think my own organization memberships are public.

I thought of first checking if the author is a maintainer or not by using the regex pattern [^\s]+@[^\s]+ to extract the email for all the emails from MAINTAINERS.md and making the request only if they aren't, which would also reduce the number of API calls required.

I have implemented this, so I'll open a pr so that you can have a look at it and suggest changes.