Skip to content

Update check_cla.yml #18

Update check_cla.yml

Update check_cla.yml #18

Workflow file for this run

# Workflow to check if a user is eligible to contribute or needs to sign the CLA
name: CLA Check
on:
# because the cla workflow will run on worflows generated from forks, they do not have access to secrets
# pull_request_target only runs the workflow on the master branch but allows access to secrets
pull_request_target:
branches:
- 'master'
- 'main'
# we do not need this workflow to run on merge_group because its whole purpose is to check if the PR is mergeable
# to test changes to this workflow, it needs to be manually run on the specific branch
pull_request:
workflow_dispatch:
jobs:
check-membership:
name: Check Membership
runs-on: ubuntu-latest
if: ${{ github.event.pull_request.user.login != 'dependabot[bot]' && github.event.pull_request.user.login != 'github-actions[bot]' }}
outputs:
is_member: ${{ steps.check-membership.outputs.is_member}}
steps:
- name: Checkout
uses: actions/checkout@v3
with:
repository: 'dfinity/internal-workflows'
- name: Check Membership
id: check-membership
uses: ./reusable_workflows/check_membership/check_membership/
with:
github-token: ${{ secrets.CLA_READ_ORG_MEMBERSHIP }}
check-external-contributions:
name: Check External Contributions
runs-on: ubuntu-latest
needs: check-membership
if: ${{ needs.check-membership.outputs.is_member != 'true' && needs.check-membership.result == 'success' }}
steps:
- name: Checkout
uses: actions/checkout@v3
with:
repository: 'dfinity/repositories-open-to-contributions'
- name: Check if accepting external contributions
id: accepts_external_contrib
uses: ./reusable_workflows/check_membership/check_external_contrib/
- name: Checkout
uses: actions/checkout@v3
- name: Close Pull Request
id: close_pr
if: ${{ steps.accepts_external_contrib.outputs.accepts_contrib != 'true' }}
run: |
message="This repository does not accept external contributions yet.
We are therefore closing this Pull Request, thank you for your understanding.
— The DFINITY Foundation"
gh pr close ${{ github.event.number }} --comment "$message"
env:
GH_TOKEN: ${{ github.token }}
- name: Add Label
uses: actions-ecosystem/action-add-labels@v1
if: ${{ steps.accepts_external_contrib.outputs.accepts_contrib != 'false' }}
with:
labels: external-contributor
- name: Checkout
uses: actions/checkout@v3
if: ${{ steps.accepts_external_contrib.outputs.accepts_contrib != 'false' }}
with:
repository: 'dfinity/repositories-open-to-contributions'
- name: Check CLA
id: check-cla
uses: ./reusable_workflows/check_cla/check_cla_pr/
if: ${{ steps.accepts_external_contrib.outputs.accepts_contrib != 'false' }}
with:
github-token: ${{ secrets.CLA_COMMENT_ON_PRS }}