From e2e862ec48aafdd90d28c4f4034bbe25e0e41060 Mon Sep 17 00:00:00 2001 From: Scott Hart Date: Fri, 19 Jul 2024 14:22:16 -0400 Subject: [PATCH] ci: add org member check --- .github/workflows/test-runner.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/.github/workflows/test-runner.yml b/.github/workflows/test-runner.yml index 2de91e3dddf8a..43da289db97ea 100644 --- a/.github/workflows/test-runner.yml +++ b/.github/workflows/test-runner.yml @@ -31,6 +31,17 @@ concurrency: cancel-in-progress: true jobs: + # Require that the PR author be a member of the same organization as this + # repository in order to continue execution. + author-association-member: + name: Require Org Membership + steps: + - name: Check Membership + if: ${{ github.event.pull_request.author_association != 'MEMBER' }} + run: | + echo "Event not triggered by organization member." + exit 1 + pre-flight: # For external contributors, run the build in the `external` environment. # This requires manual approval from a contributor. It also saves the @@ -43,6 +54,7 @@ jobs: 'external' }} name: Require Approval for External PRs + needs: [author-association-member] runs-on: ubuntu-latest outputs: checkout-sha: ${{ steps.save-pull-request.outputs.sha }}