- Notifications
You must be signed in to change notification settings - Fork925
chore: modify preview deployment script to work with forks#13404
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Uh oh!
There was an error while loading.Please reload this page.
Changes fromall commits
File filter
Filter by extension
Conversations
Uh oh!
There was an error while loading.Please reload this page.
Jump to
Uh oh!
There was an error while loading.Please reload this page.
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -34,6 +34,17 @@ permissions: | ||
| pull-requests: write # needed for commenting on PRs | ||
| jobs: | ||
| check_membership: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Check if actor is a member | ||
| run: | | ||
| set -euo pipefail | ||
| response=$(curl -s -o /dev/null -w "%{http_code}" -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" "https://api.github.com/orgs/coder/members/${{ github.actor }}") | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others.Learn more. Are you sure this works in each case? For example,https://api.github.com/orgs/coder/members/matifali returns {"message":"User does not exist or is not a public member of the organization","documentation_url":"https://docs.github.com/rest/orgs/members#check-public-organization-membership-for-a-user"}There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others.Learn more. It seems like it works for private members: $ curl -s -H"Authorization: token$(gh auth token)""https://api.github.com/orgs/coder/members/matifali" -v ...< HTTP/2 204 ... There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others.Learn more. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others.Learn more. Yes, all works great. I was testing without the token and always getting a 302. Thank you for adding the check. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others.Learn more. It would be nice to test by deploying the current PR. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others.Learn more. I tried that in#13280 (where I originally had this fix) but GH didn't seem to use the new workflow. Is there a timeout maybe? I'll give it a try though. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others.Learn more. Damn, I tried to execute this but I got: $ ./scripts/deploy-pr.sh -d -b -y branchName: dk/fix-previewprNumber: 13404experiments: build:truedeploy:truecould not create workflow dispatch event: HTTP 422: No ref found for: dk/fix-preview (https://api.github.com/repos/coder/coder/actions/workflows/60960476/dispatches) I think the branch has to be in the main repo. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others.Learn more. Oh, looks like I must've pushed Member There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others.Learn more. I am noticing the same issue. It's deploying the previous branch I was working on. | ||
| if [[ "$response" == "404" ]]; then | ||
| echo "Error: Only members of the coder organization can trigger this workflow." | ||
| exit 1 | ||
| fi | ||
| check_pr: | ||
| runs-on: ubuntu-latest | ||
| outputs: | ||
| @@ -47,8 +58,8 @@ jobs: | ||
| run: | | ||
| set -euo pipefail | ||
| pr_open=true | ||
| if [[ "$(gh prlist --repo=coder/coder -H $(git rev-parse --abbrev-ref HEAD) --json state --jq '.[].state')" != "OPEN" ]]; then | ||
| >&2echo "PR doesn't exist or is closed." | ||
| pr_open=false | ||
| fi | ||
| echo "pr_open=$pr_open" >> $GITHUB_OUTPUT | ||
Uh oh!
There was an error while loading.Please reload this page.