logic855
/
helm-external-secrets
mirror of https://github.com/external-secrets/external-secrets


			
				
					
						
						
							12345678910111213141516171819202122232425262728293031323334353637383940414243
							# If someone with write access comments "/ok-to-test-managed" on a pull request, emit a repository_dispatch event
name: Ok To Test

on:
  issue_comment:
    types: [created]

permissions:
  contents: read

jobs:
  ok-to-test-managed:
    permissions:
      pull-requests: write  # for peter-evans/slash-command-dispatch to create PR reaction
    runs-on: ubuntu-latest
    # Only run for PRs, not issue comments
    if: ${{ github.event.issue.pull_request }}
    steps:
    # Generate a GitHub App installation access token from an App ID and private key
    # To create a new GitHub App:
    #   https://developer.github.com/apps/building-github-apps/creating-a-github-app/
    # See app.yml for an example app manifest
    - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
      with:
        egress-policy: audit
    - name: Generate token
      id: generate_token
      uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
      with:
        app-id: ${{ secrets.APP_ID }}
        private-key: ${{ secrets.PRIVATE_KEY }}
        owner: ${{ github.repository_owner }}

    - name: Slash Command Dispatch
      uses: peter-evans/slash-command-dispatch@9bdcd7914ec1b75590b790b844aa3b8eee7c683a # v5.0.2
      env:
        TOKEN: ${{ steps.generate_token.outputs.token }}
      with:
        token: ${{ env.TOKEN }} # GitHub App installation access token
        reaction-token: ${{ secrets.GITHUB_TOKEN }}
        issue-type: pull-request
        commands: ok-to-test-managed
        permission: maintain