chore(deps): update all kind-images main (main) #279
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: PR from External Contribution Detector | |
| on: | |
| pull_request_target: | |
| types: | |
| - opened | |
| - reopened | |
| jobs: | |
| labeler: | |
| if: | | |
| ( | |
| (github.event.pull_request.author_association != 'OWNER') && | |
| (github.event.pull_request.author_association != 'COLLABORATOR') && | |
| (github.event.pull_request.author_association != 'MEMBER') | |
| ) | |
| runs-on: ubuntu-latest | |
| name: Label PRs | |
| permissions: | |
| pull-requests: write | |
| steps: | |
| # Detect if the secret 'CHECK_TEAM_ORG_APP_ID' is set. If it's not set, don't | |
| # bother running this GH workflow. | |
| - name: Check if CHECK_TEAM_ORG_APP_ID is set in github secrets | |
| id: check_secret | |
| run: | | |
| echo "is_CHECK_TEAM_ORG_APP_ID_set: ${{ secrets.CHECK_TEAM_ORG_APP_ID != '' }}" | |
| echo is_CHECK_TEAM_ORG_APP_ID_set="${{ secrets.CHECK_TEAM_ORG_APP_ID != '' }}" >> $GITHUB_OUTPUT | |
| - name: Get token | |
| # Get a token with the read:org permissions so that the GH action | |
| # can read the team membership for a user. We need to do this over a | |
| # GH app because GH actions don't have support for these type of | |
| # permissions. | |
| if: ${{ steps.check_secret.outputs.is_CHECK_TEAM_ORG_APP_ID_set == 'true' }} | |
| id: get_token | |
| uses: cilium/actions-app-token@61a6271ce92ba02f49bf81c755685d59fb25a59a # v0.21.1 | |
| with: | |
| APP_PEM: ${{ secrets.CHECK_TEAM_ORG_PEM }} | |
| APP_ID: ${{ secrets.CHECK_TEAM_ORG_APP_ID }} | |
| - name: Check author association | |
| if: ${{ steps.check_secret.outputs.is_CHECK_TEAM_ORG_APP_ID_set == 'true' }} | |
| uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 | |
| id: author_association | |
| # https://docs.github.com/en/rest/orgs/members?apiVersion=2022-11-28#check-organization-membership-for-a-user | |
| with: | |
| github-token: ${{ steps.get_token.outputs.app_token }} | |
| script: | | |
| try { | |
| const result = await github.rest.orgs.checkMembershipForUser({ | |
| org: "${{ github.repository_owner }}", | |
| username: "${{github.event.pull_request.user.login}}", | |
| }) | |
| return result.status == 204; | |
| } catch { | |
| return false; | |
| } | |
| - name: Print author association | |
| if: ${{ steps.check_secret.outputs.is_CHECK_TEAM_ORG_APP_ID_set == 'true' }} | |
| run: | | |
| echo author_association_from_event=${{ github.event.pull_request.author_association }} | |
| echo author_association_from_api=${{ steps.author_association.outputs.result }} | |
| - name: Set label | |
| uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 | |
| if: ${{ steps.check_secret.outputs.is_CHECK_TEAM_ORG_APP_ID_set == 'true' && steps.author_association.outputs.result != 'true' }} | |
| with: | |
| script: | | |
| github.rest.issues.addLabels({ | |
| issue_number: context.issue.number, | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| labels: ["kind/community-contribution"] | |
| }) |