From a175b06fdaa379396d6aaa51fd16b7ff97dc2e86 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Leon=20Steinh=C3=A4user?= Date: Thu, 25 Jan 2024 20:52:30 +0100 Subject: [PATCH 1/2] fix: ci workflow triggert In order to execute the action on fork, we had to change the pull_request trigger to pull_request_target --- .github/workflows/pr_size.yml | 4 +++- .github/workflows/project_automations.yml | 3 +++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/workflows/pr_size.yml b/.github/workflows/pr_size.yml index 7924b3b..98ec4da 100644 --- a/.github/workflows/pr_size.yml +++ b/.github/workflows/pr_size.yml @@ -1,6 +1,8 @@ name: Pull Request automations -on: pull_request +on: + pull_request_target: + pull_request: jobs: size-label: diff --git a/.github/workflows/project_automations.yml b/.github/workflows/project_automations.yml index 93756f9..bf098af 100644 --- a/.github/workflows/project_automations.yml +++ b/.github/workflows/project_automations.yml @@ -4,6 +4,9 @@ on: issues: types: - opened + pull_request_target: + types: + - opened pull_request: types: - opened From abc058d892031394329a10fa9d4f5690bee117ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Leon=20Steinh=C3=A4user?= Date: Thu, 25 Jan 2024 20:53:25 +0100 Subject: [PATCH 2/2] chore: use github app instead of a personal access token --- .github/workflows/project_automations.yml | 27 +++++++++++++++-------- 1 file changed, 18 insertions(+), 9 deletions(-) diff --git a/.github/workflows/project_automations.yml b/.github/workflows/project_automations.yml index bf098af..daf08e0 100644 --- a/.github/workflows/project_automations.yml +++ b/.github/workflows/project_automations.yml @@ -5,13 +5,18 @@ on: types: - opened pull_request_target: - types: - - opened pull_request: - types: - - opened jobs: + debug: + name: debug + runs-on: ubuntu-latest + steps: + - name: Print event name + run: echo ${{ github.event_name }} + - name: Print event action + run: echo ${{ github.event.action }} + issue_opened: name: issue_opened runs-on: ubuntu-latest @@ -20,22 +25,26 @@ jobs: - name: 'Move issue to Todo' uses: leonsteinhaeuser/project-beta-automations@v2.1.0 with: - gh_token: ${{ secrets.PROJECT_PERMISSIONS_TOKEN }} + gh_app_ID: ${{ vars.GH_APP_ID }} + gh_app_installation_ID: ${{ vars.GH_APP_INSTALLATION_ID }} + gh_app_secret_key: ${{ secrets.GH_APP_SECRET_KEY }} + project_id: ${{ vars.PROJECT_ID }} user: leonsteinhaeuser - project_id: ${{ secrets.PROJECT_ID }} resource_node_id: ${{ github.event.issue.node_id }} status_value: "Todo" pr_opened: name: pr_opened runs-on: ubuntu-latest - if: github.event_name == 'pull_request' && github.event.action == 'opened' + if: github.event_name == 'pull_request' && (github.event.action == 'opened' || github.event.action == 'synchronize') steps: - name: 'Move PR to "In Progress"' uses: leonsteinhaeuser/project-beta-automations@v2.1.0 with: - gh_token: ${{ secrets.PROJECT_PERMISSIONS_TOKEN }} + gh_app_ID: ${{ vars.GH_APP_ID }} + gh_app_installation_ID: ${{ vars.GH_APP_INSTALLATION_ID }} + gh_app_secret_key: ${{ secrets.GH_APP_SECRET_KEY }} + project_id: ${{ vars.PROJECT_ID }} user: leonsteinhaeuser - project_id: ${{ secrets.PROJECT_ID }} resource_node_id: ${{ github.event.pull_request.node_id }} status_value: "In Progress"