From a427f34ecfbd5a7370074f8a12db03b9511e6323 Mon Sep 17 00:00:00 2001
From: nicolethoen <nthoen@redhat.com>
Date: Wed, 25 Mar 2026 11:23:15 -0400
Subject: [PATCH] chore: inline team check

---
 .github/workflows/pr-preview.yml | 48 ++++++++++++++++++++++++++++++--
 1 file changed, 46 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/pr-preview.yml b/.github/workflows/pr-preview.yml
index 31a6a86..e90aa48 100644
--- a/.github/workflows/pr-preview.yml
+++ b/.github/workflows/pr-preview.yml
@@ -6,8 +6,52 @@ on:
 
 jobs:
   check-permissions:
-    uses: patternfly/.github/.github/workflows/check-team-membership.yml@main
-    secrets: inherit
+    runs-on: ubuntu-latest
+    if: >-
+      github.event_name == 'pull_request_target' ||
+      (github.event_name == 'issue_comment' &&
+        github.event.issue.pull_request &&
+        contains(github.event.comment.body, '/deploy-preview'))
+    outputs:
+      allowed: ${{ steps.check-team.outputs.allowed }}
+      pr-number: ${{ steps.pr-info.outputs.number }}
+    steps:
+      - name: Get PR info
+        id: pr-info
+        env:
+          EVENT_NAME: ${{ github.event_name }}
+          PR_NUMBER: ${{ github.event.pull_request.number }}
+          PR_ACTOR: ${{ github.event.pull_request.user.login }}
+          COMMENT_NUMBER: ${{ github.event.issue.number }}
+          COMMENT_ACTOR: ${{ github.event.comment.user.login }}
+        run: |
+          if [[ "$EVENT_NAME" == "pull_request_target" ]]; then
+            echo "number=$PR_NUMBER" >> $GITHUB_OUTPUT
+            echo "actor=$PR_ACTOR" >> $GITHUB_OUTPUT
+          else
+            echo "number=$COMMENT_NUMBER" >> $GITHUB_OUTPUT
+            echo "actor=$COMMENT_ACTOR" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Check team membership
+        id: check-team
+        env:
+          GH_READ_ORG_TOKEN: ${{ secrets.GH_READ_ORG_TOKEN }}
+          ACTOR: ${{ steps.pr-info.outputs.actor }}
+          ORG: patternfly
+          TEAM: frequent-flyers
+        run: |
+          RESPONSE=$(curl -s -o /dev/null -w "%{http_code}" \
+            -H "Authorization: token $GH_READ_ORG_TOKEN" \
+            -H "Accept: application/vnd.github.v3+json" \
+            "https://api.github.com/orgs/$ORG/teams/$TEAM/members/$ACTOR")
+          if [[ "$RESPONSE" == "204" ]]; then
+            echo "allowed=true" >> $GITHUB_OUTPUT
+            echo "$ACTOR is a member of $TEAM"
+          else
+            echo "allowed=false" >> $GITHUB_OUTPUT
+            echo "$ACTOR is not a member of $TEAM"
+          fi
 
   deploy-preview:
     runs-on: ubuntu-latest