Commit6ea26df

committed

ci(.github/workflows/traiage.yaml): check instead for push access to repo

1 parent2b44855 commit6ea26dfCopy full SHA for 6ea26df

File tree

-7

lines changed

-7

lines changed

Lines changed: 6 additions & 7 deletions

Original file line number	Diff line number	Diff line change
`@@ -110,20 +110,19 @@ jobs:`
`110`	`110`	`exit 1`
`111`	`111`	`fi`
`112`	`112`
`113`		`- -name:Verifyorganization membership`
	`113`	`+ -name:Verifypush access`
`114`	`114`	`env:`
`115`		`-GITHUB_ORG:${{ github.repository_owner }}`
	`115`	`+GITHUB_REPOSITORY:${{ github.repository }}`
`116`	`116`	`GH_TOKEN:${{ github.token }}`
`117`	`117`	`GITHUB_USERNAME:${{ steps.determine-inputs.outputs.github_username }}`
`118`	`118`	`GITHUB_USER_ID:${{ steps.determine-inputs.outputs.github_user_id }}`
`119`	`119`	`run:\|`
`120`		`- #Check ifthe actor is a member of the organization`
`121`		`-if !gh api "orgs/${GITHUB_ORG}/members/${GITHUB_USERNAME}" --silent 2>/dev/null; then`
`122`		`- echo "::error title=Access Denied::User ${GITHUB_USERNAME} is not a member of the ${GITHUB_ORG} organization"`
`123`		`- echo "::error::You must be a member of the ${GITHUB_ORG} GitHub organization to run this workflow."`
	`120`	`+ #Querythe actor’s permission on this repo`
	`121`	`+can_push="$(gh api "/repos/${GITHUB_REPOSITORY}/collaborators/${GITHUB_USERNAME}/permission" --jq '.user.permission.push')"`
	`122`	`+if [[ "${can_push}" != "true" ]]; then`
	`123`	`+ echo "::error title=Access Denied::${GITHUB_USERNAME} does not have push access to ${GITHUB_REPOSITORY}"`
`124`	`124`	`exit 1`
`125`	`125`	`fi`
`126`		`- echo "::notice::User ${GITHUB_USERNAME} verified as member of ${GITHUB_ORG} organization"`
`127`	`126`
`128`	`127`	`-name:Extract context key from issue`
`129`	`128`	`id:extract-context`

Comments

(0)