Trigger & action pipeline fixes (#11)

xamarin · Aug 7, 2024 · 61d8b75 · 61d8b75
1 parent 9cbe7c9
commit 61d8b75
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 8 deletions.
diff --git a/.github/workflows/rebase-action.yml b/.github/workflows/rebase-action.yml
@@ -70,14 +70,10 @@ jobs:
           $gitHubRepository = $env:GITHUB_REPOSITORY
           $commentAuthor = $env:COMMENT_AUTHOR
           $pullRequestUrl = $env:PULL_REQUEST_URL
-          $backportTargetBranch = $env:TARGET_BRANCH
-          $useFork = $env:USE_FORK
 
           Write-Host "GITHUB_REPOSITORY: ${gitHubRepository}"
           Write-Host "COMMENT_AUTHOR: ${commentAuthor}"
           Write-Host "PULL_REQUEST_URL: ${pullRequestUrl}"
-          Write-Host "TARGET_BRANCH: ${backportTargetBranch}"
-          Write-Host "USE_FORK: ${useFork}"
 
           $gitHubAccountPAT = $env:GITHUB_ACCOUNT_PAT
           if (-not ([string]::IsNullOrEmpty($gitHubAccountPAT))) {
@@ -142,7 +138,7 @@ jobs:
             $headers = @{ Authorization = "token ${githubAccountPat}" }
             $uri = "https://api.github.com/repos/$repoOwner/$repoName/collaborators/${commentAuthor}/permission"
             Write-Host "Checking $repoOwner membership for ${commentAuthor} via $uri"
-            $response = Invoke-WebRequest -Headers $headers -Uri $uri
+            $response = Invoke-WebRequest -Headers $headers -Uri $uri -ContentType 'application/vnd.github+json'
             $content = $response.Content | ConvertFrom-Json
             $accessType = $content.permission
             Write-Host "Found membership: $accessType"
@@ -243,7 +239,7 @@ jobs:
                 resources = @{
                   repositories = @{
                     self = @{
-                      refName = "refs/heads/yaml-pipeline"
+                      refName = "refs/heads/main"
                     }
                   }
                 };

diff --git a/.github/workflows/rebase-trigger.yml b/.github/workflows/rebase-trigger.yml
@@ -5,7 +5,7 @@ on:
     types: [created]
 
 jobs:
-  launchRebaseBuild:
+  setupRebase:
     runs-on: ubuntu-latest
     # GITHUB_TOKEN change from read-write to read-only on 2024-02-01 requires permissions block
     # https://docs.opensource.microsoft.com/github/apps/permission-changes/
@@ -14,9 +14,27 @@ jobs:
       actions: write
       contents: read
       security-events: write
-      id-token: write           # The rebase-action template being invoked requires this permission
     if: github.event.issue.pull_request != '' && contains(github.event.comment.body, '@gitbot rebase')
+    steps:
+      - name: Show Comment
+        shell: pwsh
+        id: show_comment
+        run: |
+          Write-Host "Comment: ${env:COMMENT}"
+        env:
+          COMMENT: "${{ github.event.comment.body }}"
+
+  launchRebaseBuild:
+    needs: setupRebase
     uses: xamarin/rebase-bot-action/.github/workflows/[email protected]
+    # GITHUB_TOKEN change from read-write to read-only on 2024-02-01 requires permissions block
+    # https://docs.opensource.microsoft.com/github/apps/permission-changes/
+    # https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
+    permissions:
+      actions: write
+      contents: read
+      security-events: write
+      id-token: write           # The rebase-action template being invoked requires this permission
     with:
       pull_request_url: ${{ github.event.issue.pull_request.url }}
       comment_author: ${{ github.actor }}
@@ -29,3 +47,4 @@ jobs:
       ado_project: ${{ secrets.ADO_PROJECT }}
       rebase_pipeline_id: ${{ secrets.REBASE_PIPELINEID }}
       github_account_pat: ${{ secrets.SERVICEACCOUNT_PAT }}
+