Action triggered on a merged PR needs access to a secret #25588
-
Hey, I’m trying to create an action which will invite a contributor whos PR gets merged, to an organization. I have almost finished it, but I have a pretty annoying problem now because workflow triggered by a PR merged to the main repo from the user’s repository doesn’t have access to the secrets, and I need a secret(public access token) to provide it to the GitHub API to invite a user. How could one solve this? |
Beta Was this translation helpful? Give feedback.
Replies: 3 comments
-
Hi, Thanks for your feedback! It’s not supported, please check below:
Thanks. |
Beta Was this translation helpful? Give feedback.
-
You can try to use push event to trigger a workflow in your repository, and then in the action you can parse the detailed information about the push and try to invite the user if it is a merge commit from other repos. |
Beta Was this translation helpful? Give feedback.
-
yup, that’s what I did instead of running the action on closing the PR I’m running it on a new commit on master, this has to be triggered by someone with ‘write rights’ to the repo, therefore, it has access to the repo secrets. It’s a bit harder to check if the commit is a merge commit and we have to explicitly fetch more info about the PR, but it works. Source code of an action I was trying to build if someone is interested: https://github.com/lekterable/inclusive-organization-action |
Beta Was this translation helpful? Give feedback.
You can try to use push event to trigger a workflow in your repository, and then in the action you can parse the detailed information about the push and try to invite the user if it is a merge commit from other repos.