|
6 | 6 |
|
7 | 7 | jobs: |
8 | 8 | check-permissions: |
9 | | - uses: patternfly/.github/.github/workflows/check-team-membership.yml@main |
10 | | - secrets: inherit |
| 9 | + runs-on: ubuntu-latest |
| 10 | + if: >- |
| 11 | + github.event_name == 'pull_request_target' || |
| 12 | + (github.event_name == 'issue_comment' && |
| 13 | + github.event.issue.pull_request && |
| 14 | + contains(github.event.comment.body, '/deploy-preview')) |
| 15 | + outputs: |
| 16 | + allowed: ${{ steps.check-team.outputs.allowed }} |
| 17 | + pr-number: ${{ steps.pr-info.outputs.number }} |
| 18 | + steps: |
| 19 | + - name: Get PR info |
| 20 | + id: pr-info |
| 21 | + env: |
| 22 | + EVENT_NAME: ${{ github.event_name }} |
| 23 | + PR_NUMBER: ${{ github.event.pull_request.number }} |
| 24 | + PR_ACTOR: ${{ github.event.pull_request.user.login }} |
| 25 | + COMMENT_NUMBER: ${{ github.event.issue.number }} |
| 26 | + COMMENT_ACTOR: ${{ github.event.comment.user.login }} |
| 27 | + run: | |
| 28 | + if [[ "$EVENT_NAME" == "pull_request_target" ]]; then |
| 29 | + echo "number=$PR_NUMBER" >> $GITHUB_OUTPUT |
| 30 | + echo "actor=$PR_ACTOR" >> $GITHUB_OUTPUT |
| 31 | + else |
| 32 | + echo "number=$COMMENT_NUMBER" >> $GITHUB_OUTPUT |
| 33 | + echo "actor=$COMMENT_ACTOR" >> $GITHUB_OUTPUT |
| 34 | + fi |
| 35 | +
|
| 36 | + - name: Check team membership |
| 37 | + id: check-team |
| 38 | + env: |
| 39 | + GH_READ_ORG_TOKEN: ${{ secrets.GH_READ_ORG_TOKEN }} |
| 40 | + ACTOR: ${{ steps.pr-info.outputs.actor }} |
| 41 | + ORG: patternfly |
| 42 | + TEAM: frequent-flyers |
| 43 | + run: | |
| 44 | + RESPONSE=$(curl -s -o /dev/null -w "%{http_code}" \ |
| 45 | + -H "Authorization: token $GH_READ_ORG_TOKEN" \ |
| 46 | + -H "Accept: application/vnd.github.v3+json" \ |
| 47 | + "https://api.github.com/orgs/$ORG/teams/$TEAM/members/$ACTOR") |
| 48 | + if [[ "$RESPONSE" == "204" ]]; then |
| 49 | + echo "allowed=true" >> $GITHUB_OUTPUT |
| 50 | + echo "$ACTOR is a member of $TEAM" |
| 51 | + else |
| 52 | + echo "allowed=false" >> $GITHUB_OUTPUT |
| 53 | + echo "$ACTOR is not a member of $TEAM" |
| 54 | + fi |
11 | 55 |
|
12 | 56 | deploy-preview: |
13 | 57 | runs-on: ubuntu-latest |
|
0 commit comments