11name : E2E Tests on Kind
22
33on :
4- schedule :
5- - cron : " 0 5 * * *"
6- workflow_dispatch :
7- inputs :
8- debug_enabled :
9- type : boolean
10- description : " Run the build with tmate debugging enabled (https://github.com/marketplace/actions/debugging-with-tmate)"
11- required : false
12- default : false
134 pull_request :
145 types : [opened, synchronize, reopened]
156 paths :
2213 cancel-in-progress : true
2314 name : e2e tests
2415 runs-on : ubuntu-latest
25- environment : pac # make sure to create the environment in the repo settings for manual approval
16+ if : >
17+ (github.event_name == 'pull_request_target' || github.event_name == 'pull_request_target') &&
18+ contains(fromJson('["chmouel", "zakisk"]'), github.event.pull_request.user.login)
19+
2620strategy :
2721 matrix :
2822 provider : [providers, gitea_others]
5852 with :
5953 ref : ${{ github.event.pull_request.head.sha }}
6054
55+ - name : Check if user is an admin
56+ id : check-permissions
57+ run : |
58+ set -x
59+ USER_LOGIN="${{ github.event.pull_request.user.login }}"
60+ REPO_FULL_NAME="${{ github.repository }}"
61+ echo "Checking permissions for user: $USER_LOGIN in repo: $REPO_FULL_NAME"
62+
63+ # Fetch user permissions using GitHub API
64+ PERMISSIONS=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
65+ "https://api.github.com/repos/$REPO_FULL_NAME/collaborators/$USER_LOGIN/permission")
66+
67+ # Extract the permission level
68+ PERMISSION_LEVEL=$(echo "$PERMISSIONS" | jq -r '.permission')
69+
70+ # Set output variable to indicate if the user is an admin
71+ if [[ "$PERMISSION_LEVEL" == "admin" ]]; then
72+ echo "User is an admin."
73+ echo "is-admin=true" >> $GITHUB_OUTPUT
74+ else
75+ echo "User is not an admin."
76+ echo "is-admin=false" >> $GITHUB_OUTPUT
77+ fi
78+ shell : bash
79+
6180 - uses : actions/setup-go@v5
6281 with :
6382 go-version-file : " go.mod"
@@ -103,7 +122,6 @@ jobs:
103122 ./hack/gh-workflow-ci.sh create_second_github_app_controller_on_ghe
104123
105124name : Run E2E Tests on pull_request
106- if : ${{ github.event_name != 'schedule' }}
107125 env :
108126 TEST_PROVIDER : ${{ matrix.provider }}
109127 TEST_BITBUCKET_CLOUD_TOKEN : ${{ secrets.BITBUCKET_CLOUD_TOKEN }}
@@ -119,24 +137,6 @@ jobs:
119137 run : |
120138 ./hack/gh-workflow-ci.sh run_e2e_tests
121139
122- name : Run E2E Tests on nightly
123- if : ${{ github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' }}
124- env :
125- NIGHTLY_E2E_TEST : " true"
126- TEST_PROVIDER : ${{ matrix.provider }}
127- TEST_BITBUCKET_CLOUD_TOKEN : ${{ secrets.BITBUCKET_CLOUD_TOKEN }}
128- TEST_EL_WEBHOOK_SECRET : ${{ secrets.WEBHOOK_SECRET }}
129- TEST_GITEA_SMEEURL : ${{ secrets.TEST_GITEA_SMEEURL }}
130- TEST_GITHUB_REPO_INSTALLATION_ID : ${{ secrets.INSTALLATION_ID }}
131- TEST_GITHUB_TOKEN : ${{ secrets.GH_APPS_TOKEN }}
132- TEST_GITHUB_SECOND_TOKEN : ${{ secrets.TEST_GITHUB_SECOND_TOKEN }}
133- TEST_GITLAB_TOKEN : ${{ secrets.GITLAB_TOKEN }}
134- TEST_BITBUCKET_SERVER_TOKEN : ${{ secrets.BITBUCKET_SERVER_TOKEN }}
135- TEST_BITBUCKET_SERVER_API_URL : ${{ secrets.BITBUCKET_SERVER_API_URL }}
136- TEST_BITBUCKET_SERVER_WEBHOOK_SECRET : ${{ secrets.BITBUCKET_SERVER_WEBHOOK_SECRET }}
137- run : |
138- ./hack/gh-workflow-ci.sh run_e2e_tests
139-
140140name : Collect logs
141141 if : ${{ always() }}
142142 env :
@@ -151,12 +151,3 @@ jobs:
151151 with :
152152 name : logs-e2e-tests-${{ matrix.provider }}
153153 path : /tmp/logs
154-
155- - name : Report Status
156- if : ${{ always() && github.ref_name == 'main' && github.event_name == 'schedule' }}
157- uses : ravsamhq/notify-slack-action@v2
158- with :
159- status : ${{ job.status }}
160- notify_when : " failure"
161- env :
162- SLACK_WEBHOOK_URL : ${{ secrets.SLACK_WEBHOOK_URL }}
0 commit comments