Update check_cla.yml #18
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Workflow to check if a user is eligible to contribute or needs to sign the CLA | |
name: CLA Check | |
on: | |
# because the cla workflow will run on worflows generated from forks, they do not have access to secrets | |
# pull_request_target only runs the workflow on the master branch but allows access to secrets | |
pull_request_target: | |
branches: | |
- 'master' | |
- 'main' | |
# we do not need this workflow to run on merge_group because its whole purpose is to check if the PR is mergeable | |
# to test changes to this workflow, it needs to be manually run on the specific branch | |
pull_request: | |
workflow_dispatch: | |
jobs: | |
check-membership: | |
name: Check Membership | |
runs-on: ubuntu-latest | |
if: ${{ github.event.pull_request.user.login != 'dependabot[bot]' && github.event.pull_request.user.login != 'github-actions[bot]' }} | |
outputs: | |
is_member: ${{ steps.check-membership.outputs.is_member}} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
with: | |
repository: 'dfinity/internal-workflows' | |
- name: Check Membership | |
id: check-membership | |
uses: ./reusable_workflows/check_membership/check_membership/ | |
with: | |
github-token: ${{ secrets.CLA_READ_ORG_MEMBERSHIP }} | |
check-external-contributions: | |
name: Check External Contributions | |
runs-on: ubuntu-latest | |
needs: check-membership | |
if: ${{ needs.check-membership.outputs.is_member != 'true' && needs.check-membership.result == 'success' }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
with: | |
repository: 'dfinity/repositories-open-to-contributions' | |
- name: Check if accepting external contributions | |
id: accepts_external_contrib | |
uses: ./reusable_workflows/check_membership/check_external_contrib/ | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Close Pull Request | |
id: close_pr | |
if: ${{ steps.accepts_external_contrib.outputs.accepts_contrib != 'true' }} | |
run: | | |
message="This repository does not accept external contributions yet. | |
We are therefore closing this Pull Request, thank you for your understanding. | |
— The DFINITY Foundation" | |
gh pr close ${{ github.event.number }} --comment "$message" | |
env: | |
GH_TOKEN: ${{ github.token }} | |
- name: Add Label | |
uses: actions-ecosystem/action-add-labels@v1 | |
if: ${{ steps.accepts_external_contrib.outputs.accepts_contrib != 'false' }} | |
with: | |
labels: external-contributor | |
- name: Checkout | |
uses: actions/checkout@v3 | |
if: ${{ steps.accepts_external_contrib.outputs.accepts_contrib != 'false' }} | |
with: | |
repository: 'dfinity/repositories-open-to-contributions' | |
- name: Check CLA | |
id: check-cla | |
uses: ./reusable_workflows/check_cla/check_cla_pr/ | |
if: ${{ steps.accepts_external_contrib.outputs.accepts_contrib != 'false' }} | |
with: | |
github-token: ${{ secrets.CLA_COMMENT_ON_PRS }} |