Merge pull request #40 from patternfly-extension-testing/inline-team-check

nicolethoen · web-flow · commit 5f506da1571c · 2026-04-01T11:39:45.000-04:00
update check
diff --git a/.github/workflows/pr-preview.yml b/.github/workflows/pr-preview.yml
@@ -14,43 +14,31 @@ jobs:
         contains(github.event.comment.body, '/deploy-preview'))
     outputs:
       allowed: ${{ steps.check-team.outputs.allowed }}
-      pr-number: ${{ steps.pr-info.outputs.number }}
+      pr-number: ${{ steps.check-team.outputs.number }}
     steps:
-      - name: Get PR info
-        id: pr-info
+      - name: Get PR info and check permissions
+        id: check-team
         env:
           EVENT_NAME: ${{ github.event_name }}
           PR_NUMBER: ${{ github.event.pull_request.number }}
-          PR_ACTOR: ${{ github.event.pull_request.user.login }}
+          PR_ASSOCIATION: ${{ github.event.pull_request.author_association }}
           COMMENT_NUMBER: ${{ github.event.issue.number }}
-          COMMENT_ACTOR: ${{ github.event.comment.user.login }}
+          COMMENT_ASSOCIATION: ${{ github.event.comment.author_association }}
         run: |
           if [[ "$EVENT_NAME" == "pull_request_target" ]]; then
             echo "number=$PR_NUMBER" >> $GITHUB_OUTPUT
-            echo "actor=$PR_ACTOR" >> $GITHUB_OUTPUT
+            ASSOCIATION="$PR_ASSOCIATION"
           else
             echo "number=$COMMENT_NUMBER" >> $GITHUB_OUTPUT
-            echo "actor=$COMMENT_ACTOR" >> $GITHUB_OUTPUT
+            ASSOCIATION="$COMMENT_ASSOCIATION"
           fi
 
-      - name: Check team membership
-        id: check-team
-        env:
-          GH_READ_ORG_TOKEN: ${{ secrets.GH_READ_ORG_TOKEN }}
-          ACTOR: ${{ steps.pr-info.outputs.actor }}
-          ORG: patternfly
-          TEAM: frequent-flyers
-        run: |
-          RESPONSE=$(curl -s -o /dev/null -w "%{http_code}" \
-            -H "Authorization: token $GH_READ_ORG_TOKEN" \
-            -H "Accept: application/vnd.github.v3+json" \
-            "https://api.github.com/orgs/$ORG/teams/$TEAM/members/$ACTOR")
-          if [[ "$RESPONSE" == "204" ]]; then
+          if [[ "$ASSOCIATION" == "OWNER" || "$ASSOCIATION" == "MEMBER" || "$ASSOCIATION" == "COLLABORATOR" ]]; then
             echo "allowed=true" >> $GITHUB_OUTPUT
-            echo "$ACTOR is a member of $TEAM"
+            echo "User is a repo $ASSOCIATION — allowed"
           else
             echo "allowed=false" >> $GITHUB_OUTPUT
-            echo "$ACTOR is not a member of $TEAM"
+            echo "User association is $ASSOCIATION — not allowed"
           fi
 
   deploy-preview:
