Skip to content
Checks (secure)

Create standalone version of Get PR Comments script for use in other repos, with added features. #3767

Sign in to view logs

Create standalone version of Get PR Comments script for use in other repos, with added features.

Create standalone version of Get PR Comments script for use in other repos, with added features. #3767

Workflow file for this run

.github/workflows/checks_secure.yml at 5c825a8
name: Checks (secure)
# These are run on base branch with read/write access.
on:
pull_request_target:
types: [synchronize]
permissions: write-all
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.ref }}
cancel-in-progress: true
jobs:
dismiss_stale_approvals:
# Dismiss stale approvals for users without write access, or if this PR comes from a fork.
runs-on: ubuntu-22.04
# Only if another commit was added to the PR.
steps:
- name: Check user permission
id: check
uses: scherermichael-oss/[email protected]
# This action sets outputs.has-permission to '1' or ''
with:
required-permission: write
env:
GITHUB_TOKEN: ${{ github.token }}
- uses: actions/checkout@v3
if: steps.check.outputs.has-permission != 1 || github.event.pull_request.head.repo.full_name != github.repository
with:
submodules: false
- name: Setup python
if: steps.check.outputs.has-permission != 1 || github.event.pull_request.head.repo.full_name != github.repository
uses: actions/setup-python@v4
with:
python-version: 3.8
- name: Install prerequisites
if: steps.check.outputs.has-permission != 1 || github.event.pull_request.head.repo.full_name != github.repository
run: pip install -r scripts/gha/python_requirements.txt
- name: Dismiss reviews
if: steps.check.outputs.has-permission != 1 || github.event.pull_request.head.repo.full_name != github.repository
shell: bash
run: |
python scripts/gha/dismiss_reviews.py --token ${{github.token}} --pull_number ${{github.event.pull_request.number}} --review_state=APPROVED --message "🍞 Dismissed stale approval on external PR."