mirror of https://github.com/pulumi/pulumi.git
51 lines
1.8 KiB
YAML
51 lines
1.8 KiB
YAML
# SECURITY: This PR run on untrusted branches.
|
|
#
|
|
# Changes to "permissions" and "secrets" should be narrowly scoped and carefully reviewed.
|
|
#
|
|
# Reusable workflows, "uses" jobs, *must* specify the main branch.
|
|
|
|
name: Community Pull Request
|
|
on:
|
|
pull_request_target:
|
|
|
|
permissions:
|
|
contents: read
|
|
# Only required for the PR and changelog comment.
|
|
pull-requests: write
|
|
|
|
jobs:
|
|
comment-on-pr:
|
|
name: Maintainer comment
|
|
# We only care about commenting on a PR if the PR is from a fork
|
|
if: github.event.pull_request.head.repo.full_name != github.repository
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Comment PR
|
|
uses: thollander/actions-comment-pull-request@1.0.1
|
|
with:
|
|
message: |
|
|
PR is now waiting for a maintainer to take action.
|
|
|
|
**Note for the maintainer:** Commands available:
|
|
|
|
* `/run-acceptance-tests` - used to test run the acceptance tests for the project
|
|
* `/run-codegen` - used to test the Pull Request against downstream codegen
|
|
* `/run-docs-gen` - used to test the Pull Request against documentation generation
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
changelog-comment:
|
|
name: Changelog preview
|
|
if: github.event.pull_request.head.repo.full_name != github.repository
|
|
permissions:
|
|
contents: read
|
|
pull-requests: write
|
|
uses: pulumi/pulumi/.github/workflows/on-pr-changelog.yml@master
|
|
with:
|
|
ref: refs/pull/${{ github.event.pull_request.number }}/merge
|
|
base-ref: origin/${{ github.base_ref }}
|
|
pr-number: ${{ github.event.pull_request.number }}
|
|
changelog-required: ${{ !contains(github.event.pull_request.labels.*.name, 'impact/no-changelog-required') }}
|
|
secrets:
|
|
# Scope secrets to the minimum required:
|
|
PULUMI_BOT_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
|