From 6414549c1c85ed8d0b17301f85740638118ded17 Mon Sep 17 00:00:00 2001 From: nicolethoen Date: Tue, 28 Apr 2026 11:05:54 -0400 Subject: [PATCH] ci(workflows): use org reusable issue and preview checks Replace custom issue labeling with the org reusable workflow and gate Surge preview deploys behind the org team-membership reusable check. Made-with: Cursor --- .../workflows-src/partials/build-astro.yml | 2 +- .github/workflows-src/pr-preview.yml | 17 ++++++-- .../workflows/add-new-issues-to-project.yml | 40 ------------------- .github/workflows/label-pf-team-issue.yml | 9 +++++ .github/workflows/pr-preview.yml | 17 ++++++-- 5 files changed, 38 insertions(+), 47 deletions(-) delete mode 100644 .github/workflows/add-new-issues-to-project.yml create mode 100644 .github/workflows/label-pf-team-issue.yml diff --git a/.github/workflows-src/partials/build-astro.yml b/.github/workflows-src/partials/build-astro.yml index 854f17d1c6..8aef099d09 100644 --- a/.github/workflows-src/partials/build-astro.yml +++ b/.github/workflows-src/partials/build-astro.yml @@ -9,5 +9,5 @@ with: path: "packages/documentation-site/.cache" key: ${{ runner.os }}-${{ hashFiles('yarn.lock') }} -- run: yarn ci:build:doc-core +- run: yarn build:doc-core name: Build astro docs diff --git a/.github/workflows-src/pr-preview.yml b/.github/workflows-src/pr-preview.yml index 98b82f0a14..35f3455a18 100644 --- a/.github/workflows-src/pr-preview.yml +++ b/.github/workflows-src/pr-preview.yml @@ -1,13 +1,22 @@ name: pr-preview -on: pull_request_target +on: + pull_request_target: + issue_comment: + types: [created] jobs: + check-permissions: + uses: patternfly/.github/.github/workflows/check-team-membership.yml@main + secrets: inherit + build-upload: runs-on: ubuntu-latest + needs: check-permissions + if: needs.check-permissions.outputs.allowed == 'true' env: SURGE_LOGIN: ${{ secrets.SURGE_LOGIN }} SURGE_TOKEN: ${{ secrets.SURGE_TOKEN }} GH_PR_TOKEN: ${{ secrets.GH_PR_TOKEN }} - GH_PR_NUM: ${{ github.event.number }} + GH_PR_NUM: ${{ needs.check-permissions.outputs.pr-number }} steps: - uses: actions/checkout@v4 # Yes, we really want to checkout the PR @@ -20,11 +29,13 @@ jobs: name: Upload docs build-upload-astro: runs-on: ubuntu-latest + needs: check-permissions + if: needs.check-permissions.outputs.allowed == 'true' env: SURGE_LOGIN: ${{ secrets.SURGE_LOGIN }} SURGE_TOKEN: ${{ secrets.SURGE_TOKEN }} GH_PR_TOKEN: ${{ secrets.GH_PR_TOKEN }} - GH_PR_NUM: ${{ github.event.number }} + GH_PR_NUM: ${{ needs.check-permissions.outputs.pr-number }} steps: - uses: actions/checkout@v4 - run: | diff --git a/.github/workflows/add-new-issues-to-project.yml b/.github/workflows/add-new-issues-to-project.yml deleted file mode 100644 index 724a5f88ba..0000000000 --- a/.github/workflows/add-new-issues-to-project.yml +++ /dev/null @@ -1,40 +0,0 @@ -name: Add new issues to PatternFly Issues project - -on: - issues: - types: - - opened - -jobs: - add-to-project: - name: Add issue to project - runs-on: ubuntu-latest - steps: - - uses: actions/add-to-project@v0.3.0 - with: - project-url: https://github.com/orgs/patternfly/projects/7 - github-token: ${{ secrets.GH_PROJECTS }} - label-issue: - runs-on: ubuntu-latest - steps: - - name: Team Membership Checker - # You may pin to the exact commit or the version. - # uses: TheModdingInquisition/actions-team-membership@a69636a92bc927f32c3910baac06bacc949c984c - uses: TheModdingInquisition/actions-team-membership@v1.0 - with: - # Repository token. GitHub Action token is used by default(recommended). But you can also use the other token(e.g. personal access token). - token: ${{ secrets.GH_READ_ORG_TOKEN }} - # The team to check for. - team: 'frequent-flyers' - # The organization of the team to check for. Defaults to the context organization. - organization: 'patternfly' - # If the action should exit if the user is not part of the team. - exit: true - - - name: Add label if user is a team member - run: | - curl -X POST \ - -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \ - -H "Accept: application/vnd.github.v3+json" \ - https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.issue.number }}/labels \ - -d '{"labels":["PF Team"]}' diff --git a/.github/workflows/label-pf-team-issue.yml b/.github/workflows/label-pf-team-issue.yml new file mode 100644 index 0000000000..9019ee29be --- /dev/null +++ b/.github/workflows/label-pf-team-issue.yml @@ -0,0 +1,9 @@ +name: Label PF Team issues +on: + issues: + types: + - opened +jobs: + label: + uses: patternfly/.github/.github/workflows/add-pf-team-label-workflow.yml@main + secrets: inherit diff --git a/.github/workflows/pr-preview.yml b/.github/workflows/pr-preview.yml index 117fadc7c1..3d0722bc0a 100644 --- a/.github/workflows/pr-preview.yml +++ b/.github/workflows/pr-preview.yml @@ -1,14 +1,23 @@ ### WARNING -- this file was generated by generate-workflows.js name: pr-preview -on: pull_request_target +on: + pull_request_target: + issue_comment: + types: [created] jobs: + check-permissions: + uses: patternfly/.github/.github/workflows/check-team-membership.yml@main + secrets: inherit + build-upload: runs-on: ubuntu-latest + needs: check-permissions + if: needs.check-permissions.outputs.allowed == 'true' env: SURGE_LOGIN: ${{ secrets.SURGE_LOGIN }} SURGE_TOKEN: ${{ secrets.SURGE_TOKEN }} GH_PR_TOKEN: ${{ secrets.GH_PR_TOKEN }} - GH_PR_NUM: ${{ github.event.number }} + GH_PR_NUM: ${{ needs.check-permissions.outputs.pr-number }} steps: - uses: actions/checkout@v4 # Yes, we really want to checkout the PR @@ -33,11 +42,13 @@ jobs: name: Upload docs build-upload-astro: runs-on: ubuntu-latest + needs: check-permissions + if: needs.check-permissions.outputs.allowed == 'true' env: SURGE_LOGIN: ${{ secrets.SURGE_LOGIN }} SURGE_TOKEN: ${{ secrets.SURGE_TOKEN }} GH_PR_TOKEN: ${{ secrets.GH_PR_TOKEN }} - GH_PR_NUM: ${{ github.event.number }} + GH_PR_NUM: ${{ needs.check-permissions.outputs.pr-number }} steps: - uses: actions/checkout@v4 - run: |