-
Notifications
You must be signed in to change notification settings - Fork 373
58 lines (51 loc) · 1.94 KB
/
Copy pathcpflow-help-command.yml
File metadata and controls
58 lines (51 loc) · 1.94 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
name: Review App Help Command
on:
issue_comment:
types: [created]
workflow_dispatch:
inputs:
pr_number:
description: Pull request number to post help on
required: true
type: number
permissions:
contents: read
issues: write
pull-requests: write
jobs:
help:
# Comment-triggered runs are gated on author_association so only repo
# owners/members/collaborators can invoke them. workflow_dispatch is
# intentionally not gated here: GitHub already restricts manual dispatches
# to users with `actions: write` (write access to the repo), which is a
# stricter bar than COLLABORATOR.
if: |
(github.event_name == 'issue_comment' &&
github.event.issue.pull_request &&
contains(fromJson('["+review-app-help","+review-app-help\n","+review-app-help\r\n"]'), github.event.comment.body) &&
contains(fromJson('["OWNER","MEMBER","COLLABORATOR"]'), github.event.comment.author_association)) ||
github.event_name == 'workflow_dispatch'
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
# Help only reads `.github/cpflow-help.md`; no git push happens, so drop the
# GITHUB_TOKEN credential helper to keep the token out of .git/config.
persist-credentials: false
- name: Post help message
uses: actions/github-script@v7
with:
script: |
const fs = require("fs");
const helpText = fs.readFileSync(".github/cpflow-help.md", "utf8");
const prNumber = context.eventName === "workflow_dispatch"
? Number(context.payload.inputs.pr_number)
: context.issue.number;
await github.rest.issues.createComment({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: prNumber,
body: helpText
});