Merge pull request #177 from yih-redhat/change-action

update github action
fedora-iot · Nov 20, 2024 · cbc8b59 · cbc8b59
2 parents a1dfcf3 + 854a054
commit cbc8b59
Showing 1 changed file with 17 additions and 1 deletion.
diff --git a/.github/workflows/greenboot-ci.yaml b/.github/workflows/greenboot-ci.yaml
@@ -2,7 +2,7 @@
 name: Greenboot Test
 
 on:
-  pull_request:
+  pull_request_target:
     types: [opened, synchronize, reopened]
 
 jobs:
@@ -11,6 +11,21 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
+      - name: Query author repository permissions
+        uses: octokit/[email protected]
+        id: user_permission
+        with:
+          route: GET /repos/${{ github.repository }}/collaborators/${{ github.event.sender.login }}/permission
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Check if user does have correct permissions
+        if: contains('admin write', fromJson(steps.user_permission.outputs.data).permission)
+        id: check_user_perm
+        run: |
+          echo "User '${{ github.event.sender.login }}' has permission '${{ fromJson(steps.user_permission.outputs.data).permission }}' allowed values: 'admin', 'write'"
+          echo "allowed_user=true" >> $GITHUB_OUTPUT
+
       - name: Get information for pull request
         uses: octokit/[email protected]
         id: pr-api
@@ -20,6 +35,7 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Run the tests
+        if: ${{ fromJson(steps.check_user_perm.outputs.data).allowed_user == 'true' }}
         uses: sclorg/[email protected]
         with:
           compose: Fedora-41