Skip to content

Latest commit

 

History

History
115 lines (84 loc) · 5.48 KB

README.md

File metadata and controls

115 lines (84 loc) · 5.48 KB

Is Actor Authorized

A simple action to check if an actor is authorized to trigger the workflow.

Index

Inputs

Parameter Is Required Description
actor true The github username of the actor who triggered the workflow
authorized-actors true An array of strings containing the authorized github usernames

Usage Examples

jobs:
  deploy-to-prod:
    runs-on: im-linux
    steps:
        - uses: actions/checkout@v4

        - name: Check if actor is authorized to deploy to prod
          # You may also reference the major or major.minor version
          uses: im-open/[email protected]
          with:
            actor: ${{ github.actor }}
            authorized-actors: |
              [
                "bob-the-builder",
                "potato",
                "QA-boy"
              ]

        - name: Deploy the code
          run: |

Contributing

When creating PRs, please review the following guidelines:

  • The action code does not contain sensitive information.
  • At least one of the commit messages contains the appropriate +semver: keywords listed under Incrementing the Version for major and minor increments.
  • The action has been recompiled. See Recompiling Manually for details.
  • The README.md has been updated with the latest version of the action. See Updating the README.md for details.
  • Any tests in the build-and-review-pr workflow are passing

Incrementing the Version

This repo uses git-version-lite in its workflows to examine commit messages to determine whether to perform a major, minor or patch increment on merge if source code changes have been made. The following table provides the fragment that should be included in a commit message to active different increment strategies.

Increment Type Commit Message Fragment
major +semver:breaking
major +semver:major
minor +semver:feature
minor +semver:minor
patch default increment type, no comment needed

Source Code Changes

The files and directories that are considered source code are listed in the files-with-code and dirs-with-code arguments in both the build-and-review-pr and increment-version-on-merge workflows.

If a PR contains source code changes, the README.md should be updated with the latest action version and the action should be recompiled. The build-and-review-pr workflow will ensure these steps are performed when they are required. The workflow will provide instructions for completing these steps if the PR Author does not initially complete them.

If a PR consists solely of non-source code changes like changes to the README.md or workflows under ./.github/workflows, version updates and recompiles do not need to be performed.

Recompiling Manually

This command utilizes esbuild to bundle the action and its dependencies into a single file located in the dist folder. If changes are made to the action's source code, the action must be recompiled by running the following command:

# Installs dependencies and bundles the code
npm run build

Updating the README.md

If changes are made to the action's source code, the usage examples section of this file should be updated with the next version of the action. Each instance of this action should be updated. This helps users know what the latest tag is without having to navigate to the Tags page of the repository. See Incrementing the Version for details on how to determine what the next version will be or consult the first workflow run for the PR which will also calculate the next version.

Tests

The build and review PR workflow includes tests which are linked to a status check. That status check needs to succeed before a PR is merged to the default branch. The tests do not need special permissions, so they should succeed whether they come from a branch or a fork.

Code of Conduct

This project has adopted the im-open's Code of Conduct.

License

Copyright © 2023, Extend Health, LLC. Code released under the MIT license.