Sapr0
commented
2 years ago We have a similar requirement where an admin/manager can choose to approve a PR via a comment. However the user in GITHUB_PR_TRIGGER_SENDER_AUTHOR is still the original PR owner. We need an a new property that can be populated with the user who wrote the comment. That way we can check if a privileged user can trigger the process.
Possible name choices for this new property are:
- GITHUB_PR_COMMENT_USER
- GITHUB_PR_COMMENT_SENDER
- GITHUB_PR_COMMENT_AUTHOR
LE: Added 2 new properties, which are similar with the COMMIT and TRIGGER equivalents
- GITHUB_PR_COMMENT_AUTHOR_NAME
- GITHUB_PR_COMMENT_AUTHOR_EMAIL
We are using the user restriction to restrict PR runs to only our org or known users. We also use the comment trigger to be able to retrigger CI runs. However for users not on the allowed list having an allowed user issue the comment trigger still wont trigger the CI since the PR creator is not in the allowed list.
So it would be good to have an option or way to allow any allowed user to be able to trigger a CI run via comments or any of the allowed methods instead of a blanket ban on a PR just because a user is not in the list
This sort of relates to the 'comment to add user to allow list' functionality that was removed, this would be a good second option to at least allow privileged users the ability to execute CI runs for unprivileged