Add context param to check-team-membership.js and update calls (#8277)

praytoo · web-flow · commit d11a9955d683 · 2025-08-26T21:28:31.000-07:00
* Refactor check-team-membership.js to use context.repo.org and update calls * Refactor check-team-membership.js to use context.repo.org and fix parameters * Delete github-actions/utils/check-team-membership.j * Update verify-pr.js to fix PR #8277 logic * Update issue-trigger workflow for PR #8277 * Fix check-team-membership.js for PR #8277 * Fix check-team-membership.js for PR #8277 * Fix check-team-membership.js for PR #8277
diff --git a/.github/workflows/issue-trigger.yml b/.github/workflows/issue-trigger.yml
@@ -20,7 +20,7 @@ jobs:
           const username = '${{ github.actor }}'
           const team = 'website-write'
           const script = require('./github-actions/utils/check-team-membership.js')
-          return script(github, username, team)
+          return script(github, context, username, team)
           
     # If user is team member: checks if the issue has required labels
     - if: ${{ steps.check-team-membership.outputs.result == 'true' }}
diff --git a/github-actions/trigger-pr-target/verify-pr.js b/github-actions/trigger-pr-target/verify-pr.js
@@ -9,7 +9,7 @@ async function main({github,context}) {
     const prNumber = context.payload.number;
     const repo = context.payload.pull_request.base.repo.name;
     const owner = context.payload.pull_request.base.repo.owner.login;
-    const isMember = await isMemberOfTeam(github, prAuthor, 'website-write');
+    const isMember = await isMemberOfTeam(github, context, prAuthor, 'website-write');
     if (isMember || prAuthor =='dependabot[bot]') {    
         console.log('Successfully verified!');
     }
diff --git a/github-actions/utils/check-team-membership.js b/github-actions/utils/check-team-membership.js
@@ -1,34 +1,35 @@
-/** 
-* @param {octokit} github - Octokit object used to access GitHub API 
-* @param {String} githubUsername - The GitHub username of the user whose membership is to be checked.
-* @param {String} team - The HFLA team the username's membership is checked against. Example: 'website-write'
-
-- Returns true or false depending on whether the username is found on the passed team, 404 means the user passed wasn't 
-found on the team passed. Any other type of error will be thrown.
-- Need read:org permission to use this function, the least permissive token which contains this is the TEAMS token.
-Lack of permission will result in a 403 error.
-- The method of obtaining the GitHub username will vary depending on the contents of the context object. See GitHub action 
-docs on printing context information into the log.
-*/
-
-async function isMemberOfTeam(github, githubUsername, team) {
-    try {
-        await github.rest.teams.getMembershipForUserInOrg({
-            org: 'hackforla',
-            team_slug: team,
-            username: githubUsername
-        });
-        console.log(`User '${githubUsername}' is member of team '${team}'`);
-        return true;
-    } catch (verificationError) {
-        if (verificationError.status == 404) {
-            console.log(`User '${githubUsername}' is not a team member`);
-            return false;
-        }
-        else {
-            throw verificationError;
-        }
+/**
+ * @param {octokit} github - Octokit object used to access GitHub API
+ * @param {Object} context - context object from actions/github-script
+ * @param {String} githubUsername - The GitHub username of the user whose membership is to be checked.
+ * @param {String} team - The HFLA team the username's membership is checked against. Example: 'website-write'
+ *
+ * Returns true or false depending on whether the username is found on the passed team, 404 means the user passed
+ * wasn't found on the team passed. Any other type of error will be thrown.
+ *
+ * Need read:org permission to use this function. Lack of permission will result in a 403 error.
+ *
+ * The method of obtaining the GitHub username will vary depending on the contents of the context object. See GitHub
+ * action docs on printing context information into the log.
+ */
+async function isMemberOfTeam(github, context, githubUsername, team) {
+  try {
+    await github.rest.teams.getMembershipForUserInOrg({
+      org: context.repo.owner,
+      team_slug: team,
+      username: githubUsername
+    });
+    console.log(`User '${githubUsername}' is member of team '${team}'`);
+    return true;
+  } catch (verificationError) {
+    if (verificationError.status === 404) {
+      console.log(`User '${githubUsername}' is not a team member`);
+      return false;
+    } else {
+      throw verificationError;
     }
+  }
 }
 
 module.exports = isMemberOfTeam;
+

Original file line number	Diff line number	Diff line change
`@@ -9,7 +9,7 @@ async function main({github,context}) {`
`9`	`9`	`const prNumber = context.payload.number;`
`10`	`10`	`const repo = context.payload.pull_request.base.repo.name;`
`11`	`11`	`const owner = context.payload.pull_request.base.repo.owner.login;`
`12`		`- const isMember = await isMemberOfTeam(github, prAuthor, 'website-write');`
	`12`	`+ const isMember = await isMemberOfTeam(github, context, prAuthor, 'website-write');`
`13`	`13`	`if (isMember \|\| prAuthor =='dependabot[bot]') {`
`14`	`14`	`console.log('Successfully verified!');`
`15`	`15`	`}`