-
Notifications
You must be signed in to change notification settings - Fork 35
33 lines (30 loc) · 1.05 KB
/
dependabot-coverage-upload.yml
File metadata and controls
33 lines (30 loc) · 1.05 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
name: Dependabot Coverage Upload
on:
issue_comment:
types: [created]
jobs:
check:
if: github.event.issue.pull_request != null && github.event.comment.body == '/upload-coverage'
runs-on: ubuntu-latest
outputs:
allowed: ${{ steps.gate.outputs.allowed }}
steps:
- name: Gate check
id: gate
run: |
set -euo pipefail
PERM=$(gh api repos/$GITHUB_REPOSITORY/collaborators/$COMMENT_USER_LOGIN/permission --jq '.permission' 2>/dev/null || echo "none")
if [ "$PERM" = "admin" ] || [ "$PERM" = "maintain" ]; then
echo "allowed=true" >> $GITHUB_OUTPUT
else
echo "allowed=false" >> $GITHUB_OUTPUT
fi
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
COMMENT_USER_LOGIN: ${{ github.event.comment.user.login }}
upload:
needs: check
if: needs.check.outputs.allowed == 'true'
uses: adobe/aio-reusable-workflows/.github/workflows/dependabot-coverage-upload.yml@main
secrets:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}