Skip to content

fix(ci): fix publish workflow permissions #8830

fix(ci): fix publish workflow permissions

fix(ci): fix publish workflow permissions #8830

Workflow file for this run

# Changelog
#
# Validates that a changelog entry was added.
# Runs on PRs when:
# - opened/re-opened
# - new commits pushed
# - label is added or removed
# Runs on merge queues, but just passes, because it is a required check.
name: Changelog
on:
pull_request:
types: [opened, synchronize, reopened, labeled, unlabeled]
# Due to merge queue requiring same status checks as PRs, must pass by default
merge_group:
types: [checks_requested]
jobs:
validate-changelog:
runs-on: ubuntu-latest
if: github.event_name == 'pull_request'
env:
PR_HAS_LABEL: ${{ contains( github.event.pull_request.labels.*.name, 'no-changelog') }}
steps:
# Checkout full depth because in the check_changelog_fragments script, we need to specify a
# merge base. If we only shallow clone the repo, git may not have enough history to determine
# the base.
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Generate authentication token
# Don't run this step if the PR is from a fork or dependabot since the secrets won't exist
if: ${{ github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]' }}
id: generate_token
uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a
with:
app_id: ${{ secrets.GH_APP_DATADOG_VECTOR_CI_APP_ID }}
private_key: ${{ secrets.GH_APP_DATADOG_VECTOR_CI_APP_PRIVATE_KEY }}
- run: |
if [[ $PR_HAS_LABEL == 'true' ]] ; then
echo "'no-changelog' label detected."
exit 0
fi
# Helper script needs to reference the master branch to compare against
git fetch origin master:refs/remotes/origin/master
./scripts/check_changelog_fragments.sh
check-changelog:
name: Changelog
runs-on: ubuntu-latest
needs: validate-changelog
if: always()
env:
FAILED: ${{ contains(needs.*.result, 'failure') }}
steps:
- name: exit
run: |
echo "failed=${{ env.FAILED }}"
if [[ "$FAILED" == "true" ]] ; then
exit 1
else
exit 0
fi