Dismiss Stale Workflows Runs #3745
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow will run every 30 minutes and dismiss stale workflow runs on | |
# open pull requests. Stale workflow runs on pull requests are runs that are | |
# no longer up-to-date due to a new pull_request_target or pull_request_review | |
# event occurring. | |
# | |
# This workflow is specifically in place to dismiss stale runs for external | |
# contributors because the `Check` workflow token does not have write access | |
# to actions when a pull_request_review event triggers it from a fork. Stale | |
# workflow runs need to be removed by this workflow otherwise they will persist | |
# on the pull request's requirements record and not reflect the correct state | |
# of the checks. | |
name: Dismiss Stale Workflows Runs | |
on: | |
workflow_dispatch: | |
schedule: | |
# Runs every 30 minutes | |
- cron: '0,30 * * * *' | |
# Limit the permissions on the GitHub token for this workflow to the subset | |
# that is required. In this case, the dismiss workflow needs to read reviews and | |
# delete workflow runs so it needs write access to "actions" and read to | |
# "pull-requests", nothing else. | |
permissions: | |
actions: write | |
pull-requests: read | |
checks: none | |
contents: none | |
deployments: none | |
issues: none | |
packages: none | |
repository-projects: none | |
security-events: none | |
statuses: none | |
jobs: | |
dismiss-stale-runs: | |
name: Dismiss Stale Workflow Runs | |
runs-on: ubuntu-latest | |
steps: | |
# Checkout main branch of shared-workflow repository. | |
- name: Checkout shared-workflow | |
uses: actions/checkout@v4 | |
with: | |
repository: gravitational/shared-workflows | |
path: .github/shared-workflows | |
ref: main | |
- name: Installing Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: 'stable' | |
# Run "dismiss" subcommand on bot. | |
- name: Dismiss | |
run: cd .github/shared-workflows/bot && go run main.go -workflow=dismiss -token="${{ secrets.GITHUB_TOKEN }}" -reviewers="${{ secrets.reviewers }}" |