diff --git a/.github/workflows/AutoLabelAssign.yml b/.github/workflows/AutoLabelAssign.yml index 1acf95af1d5..f977fa48123 100644 --- a/.github/workflows/AutoLabelAssign.yml +++ b/.github/workflows/AutoLabelAssign.yml @@ -1,23 +1,41 @@ -name: Auto label and assign pull requests +name: Assign and label PR permissions: pull-requests: write contents: read + actions: read -on: [pull_request_target] +on: + workflow_run: + workflows: [Background tasks] + types: + - completed jobs: + download-payload: + name: Download and extract payload artifact + uses: MicrosoftDocs/microsoft-365-docs/.github/workflows/Shared-ExtractPayload.yml@workflows-prod + with: + WorkflowId: ${{ github.event.workflow_run.id }} + OrgRepo: ${{ github.repository }} + secrets: + AccessToken: ${{ secrets.GITHUB_TOKEN }} - auto-label-assign: - uses: MicrosoftDocs/microsoft-365-docs/.github/workflows/Shared-AutoLabelAssign.yml@workflows-prod - with: - PayloadJson: ${{ toJSON(github) }} - AutoAssignUsers: 1 - AutoLabel: 1 - ExcludedUserList: '["user1", "user2"]' - ExcludedBranchList: '["branch1", "branch2"]' - secrets: - AccessToken: ${{ secrets.GITHUB_TOKEN }} + label-assign: + name: Run assign and label + needs: [download-payload] + uses: MicrosoftDocs/microsoft-365-docs/.github/workflows/Shared-AutoLabelAssign.yml@workflows-prod + with: + PayloadJson: ${{ needs.download-payload.outputs.WorkflowPayload }} + AutoAssignUsers: 1 + AutoLabel: 1 + ExcludedUserList: '["user1", "user2"]' + ExcludedBranchList: '["branch1", "branch2"]' + secrets: + AccessToken: ${{ secrets.GITHUB_TOKEN }} + + + + - - + diff --git a/.github/workflows/AutoLabelMsftContributor.yml b/.github/workflows/AutoLabelMsftContributor.yml new file mode 100644 index 00000000000..1152d6f1694 --- /dev/null +++ b/.github/workflows/AutoLabelMsftContributor.yml @@ -0,0 +1,40 @@ +name: Auto label Microsoft contributors + +permissions: + pull-requests: write + contents: read + actions: read + +on: + workflow_run: + workflows: [Background tasks] + types: + - completed + +jobs: + download-payload: + if: github.repository_visibility == 'public' + name: Download and extract payload artifact + uses: MicrosoftDocs/microsoft-365-docs/.github/workflows/Shared-ExtractPayload.yml@workflows-prod + with: + WorkflowId: ${{ github.event.workflow_run.id }} + OrgRepo: ${{ github.repository }} + secrets: + AccessToken: ${{ secrets.GITHUB_TOKEN }} + + label-msft: + name: Label Microsoft contributors + if: github.repository_visibility == 'public' + needs: [download-payload] + uses: MicrosoftDocs/microsoft-365-docs/.github/workflows/Shared-AutoLabelMsftContributor.yml@workflows-prod + with: + PayloadJson: ${{ needs.download-payload.outputs.WorkflowPayload }} + secrets: + AccessToken: ${{ secrets.GITHUB_TOKEN }} + TeamReadAccessToken: ${{ secrets.ORG_READTEAMS_TOKEN }} + + + + + + diff --git a/.github/workflows/BackgroundTasks.yml b/.github/workflows/BackgroundTasks.yml new file mode 100644 index 00000000000..df47453615e --- /dev/null +++ b/.github/workflows/BackgroundTasks.yml @@ -0,0 +1,26 @@ +name: Background tasks + +permissions: + pull-requests: write + contents: read + +on: + pull_request_target: + +jobs: + upload: + runs-on: ubuntu-latest + + steps: + - name: Save payload data + env: + PayloadJson: ${{ toJSON(github) }} + AccessToken: ${{ github.token }} + run: | + mkdir -p ./pr + echo $PayloadJson > ./pr/PayloadJson.json + sed -i -e "s/$AccessToken/XYZ/g" ./pr/PayloadJson.json + - uses: actions/upload-artifact@v4 + with: + name: PayloadJson + path: pr/ diff --git a/.github/workflows/LiveMergeCheck.yml b/.github/workflows/LiveMergeCheck.yml index 7d5af0bca48..87a81580bf6 100644 --- a/.github/workflows/LiveMergeCheck.yml +++ b/.github/workflows/LiveMergeCheck.yml @@ -1,4 +1,4 @@ -name: Check max/live-compare-merge below +name: PR can merge into branch permissions: pull-requests: write diff --git a/.github/workflows/PrFileCount.yml b/.github/workflows/PrFileCount.yml index 75e10df7f55..ca7d4f243e0 100644 --- a/.github/workflows/PrFileCount.yml +++ b/.github/workflows/PrFileCount.yml @@ -1,4 +1,4 @@ -name: Check max/pr-file-count below +name: PR file count less than limit permissions: pull-requests: write diff --git a/.github/workflows/ProtectedFiles.yml b/.github/workflows/ProtectedFiles.yml index 0ea03b68ce6..461a91db83c 100644 --- a/.github/workflows/ProtectedFiles.yml +++ b/.github/workflows/ProtectedFiles.yml @@ -1,4 +1,4 @@ -name: Check max/protected-file-check below +name: PR has no protected files permissions: pull-requests: write