Manage GitHub teams permissions as code #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: teamSync check for changes | |
| on: | |
| push: | |
| branches: | |
| - master | |
| pull_request: | |
| branches: | |
| - master | |
| jobs: | |
| check-permissions: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up JDK | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '21' | |
| distribution: 'adopt' | |
| - name: Build project | |
| run: mvn clean install | |
| - name: Check for yml changes | |
| id: files | |
| run: | | |
| echo "Checking for changes in permissions/*.yml files..." | |
| FILES=$(git diff --name-only ${{ github.event.before }} ${{ github.sha }} -- 'permissions/*.yml') | |
| if [[ -z "$FILES" ]]; then | |
| echo "No changes detected in permissions files." | |
| else | |
| echo "Changes detected. Processing..." | |
| for file in $FILES | |
| do | |
| echo "Processing changes in $file" | |
| GIT_DIFF=$(git diff ${{ github.event.before }} ${{ github.sha }} -- "$file") | |
| if [[ "$GIT_DIFF" == *"github_team"* || "$GIT_DIFF" == *"developers"* ]]; then | |
| file="${file#permissions/}" | |
| echo "Updating the team in: $file" | |
| java -jar target/github_team_sync.jar "$file" | |
| else | |
| echo "No relevant changes to the team in: $file" | |
| fi | |
| done | |
| fi | |
| env: | |
| GITHUB_OAUTH: ${{ secrets.HOSTING_PAT }} |