From 31306cc5f017585c83220432afff84636149250b Mon Sep 17 00:00:00 2001 From: Ken Guo Date: Wed, 30 Jul 2025 12:06:53 -0700 Subject: [PATCH] fix collaborator check --- .github/workflows/integration-testing.yml | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/.github/workflows/integration-testing.yml b/.github/workflows/integration-testing.yml index 5042e51..b5dfdad 100644 --- a/.github/workflows/integration-testing.yml +++ b/.github/workflows/integration-testing.yml @@ -22,22 +22,31 @@ jobs: result-encoding: string script: | try { + let username; + if (context.payload.pull_request) { + username = context.payload.pull_request.user.login; + } else { + // For non-PRs (eg. merge), check the actor (person who merged) + username = context.actor; + console.log(`No pull request context found, checking permissions for actor: ${username}`); + } + const permissionResponse = await github.rest.repos.getCollaboratorPermissionLevel({ owner: context.repo.owner, repo: context.repo.repo, - username: context.payload.pull_request.user.login, + username: username, }); const permission = permissionResponse.data.permission; const hasWriteAccess = ['write', 'admin'].includes(permission); if (!hasWriteAccess) { - console.log(`User ${context.payload.pull_request.user.login} does not have write access to the repository (permission: ${permission})`); + console.log(`User ${username} does not have write access to the repository (permission: ${permission})`); return "manual-approval" } else { - console.log(`Verifed ${context.payload.pull_request.user.login} has write access. Auto Approving PR Checks.`) + console.log(`Verifed ${username} has write access. Auto Approving PR Checks.`) return "auto-approve" } } catch (error) { - console.log(`${context.payload.pull_request.user.login} does not have write access. Requiring Manual Approval to run PR Checks.`) + console.log(`${username} does not have write access. Requiring Manual Approval to run PR Checks.`) return "manual-approval" } check-access-and-checkout: