pyrox.dev / nixpkgs
lol
fork atom

workflows: fix running pull_request_event (#413320)

authored by philiptaron.tngl.sh and committed by

GitHub d0593dc9 339da4f4

+7 -9
unified split
+5 -7
.github/workflows/codeowners-v2.yml
··· 45 check: 46 name: Check 47 runs-on: ubuntu-24.04-arm 48 - if: github.repository_owner == 'NixOS' 49 steps: 50 - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 51 with: ··· 68 run: nix-build trusted/ci -A codeownersValidator 69 70 - uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6 71 - if: vars.OWNER_RO_APP_ID 72 id: app-token 73 with: 74 app-id: ${{ vars.OWNER_RO_APP_ID }} ··· 91 request: 92 name: Request 93 runs-on: ubuntu-24.04-arm 94 - if: github.repository_owner == 'NixOS' 95 steps: 96 - uses: cachix/install-nix-action@526118121621777ccd86f79b04685a9319637641 # v31 97 ··· 101 with: 102 path: trusted 103 104 - uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6 105 - if: vars.OWNER_APP_ID 106 id: app-token 107 with: 108 app-id: ${{ vars.OWNER_APP_ID }} ··· 110 permission-administration: read 111 permission-members: read 112 permission-pull-requests: write 113 - 114 - - name: Build review request package 115 - run: nix-build trusted/ci -A requestReviews 116 117 - name: Request reviews 118 if: steps.app-token.outputs.token
··· 45 check: 46 name: Check 47 runs-on: ubuntu-24.04-arm 48 steps: 49 - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 50 with: ··· 67 run: nix-build trusted/ci -A codeownersValidator 68 69 - uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6 70 + if: github.event_name == 'pull_request_target' && vars.OWNER_RO_APP_ID 71 id: app-token 72 with: 73 app-id: ${{ vars.OWNER_RO_APP_ID }} ··· 90 request: 91 name: Request 92 runs-on: ubuntu-24.04-arm 93 steps: 94 - uses: cachix/install-nix-action@526118121621777ccd86f79b04685a9319637641 # v31 95 ··· 99 with: 100 path: trusted 101 102 + - name: Build review request package 103 + run: nix-build trusted/ci -A requestReviews 104 + 105 - uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6 106 + if: github.event_name == 'pull_request_target' && vars.OWNER_APP_ID 107 id: app-token 108 with: 109 app-id: ${{ vars.OWNER_APP_ID }} ··· 111 permission-administration: read 112 permission-members: read 113 permission-pull-requests: write 114 115 - name: Request reviews 116 if: steps.app-token.outputs.token
+1 -1
.github/workflows/eval.yml
··· 4 pull_request: 5 paths: 6 - .github/workflows/eval.yml 7 - - .github/workflows/reviews.yml # needs eval results from the same event type 8 pull_request_target: 9 push: 10 # Keep this synced with ci/request-reviews/dev-branches.txt
··· 4 pull_request: 5 paths: 6 - .github/workflows/eval.yml 7 + - .github/workflows/reviewers.yml # needs eval results from the same event type 8 pull_request_target: 9 push: 10 # Keep this synced with ci/request-reviews/dev-branches.txt
+1 -1
.github/workflows/reviewers.yml
··· 44 # See ./codeowners-v2.yml, reuse the same App because we need the same permissions 45 # Can't use the token received from permissions above, because it can't get enough permissions 46 - uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6 47 - if: vars.OWNER_APP_ID 48 id: app-token 49 with: 50 app-id: ${{ vars.OWNER_APP_ID }}
··· 44 # See ./codeowners-v2.yml, reuse the same App because we need the same permissions 45 # Can't use the token received from permissions above, because it can't get enough permissions 46 - uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6 47 + if: github.event_name == 'pull_request_target' && vars.OWNER_APP_ID 48 id: app-token 49 with: 50 app-id: ${{ vars.OWNER_APP_ID }}