Skip to content

Commit c58f493

Browse files
pmalekpmalek
committed
fix: fix CI permissions
1 parent 4b78160 commit c58f493

File tree

2 files changed

+15
-1
lines changed

2 files changed

+15
-1
lines changed

.github/workflows/_permission_check.yaml

Lines changed: 13 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,11 @@ name: permission check
55

66
on:
77
workflow_call:
8+
inputs:
9+
pr_user_login:
10+
description: Pull request user login (if the causing event was a pull request).
11+
required: false
12+
type: string
813

914
jobs:
1015
check-permission:
@@ -29,7 +34,14 @@ jobs:
2934
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
3035

3136
- name: check user permission
32-
if: github.triggering_actor != 'dependabot[bot]' && github.triggering_actor != 'renovate[bot]' && steps.checkAccess.outputs.require-result == 'false'
37+
if: |
38+
!(
39+
${{ inputs.pr_user_login }} == '' ||
40+
(${{ inputs.pr_user_login }} == 'dependabot[bot]' && github.triggering_actor != 'dependabot[bot]') ||
41+
(${{ inputs.pr_user_login }} == 'renovate[bot]' && github.triggering_actor != 'renovate[bot]')
42+
)
43+
&&
44+
steps.checkAccess.outputs.require-result == 'false'
3345
run: |
3446
echo "${{ github.triggering_actor }} does not have permissions on this repo."
3547
echo "Current permission level is ${{ steps.checkAccess.outputs.user-permission }}"

.github/workflows/check.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,8 @@ on:
1818

1919
jobs:
2020
check-permission:
21+
with:
22+
pr_user_login: ${{ github.event.pull_request.user.login }}
2123
uses: ./.github/workflows/_permission_check.yaml
2224
secrets: inherit
2325

0 commit comments

Comments
 (0)