Skip to content

Who has permission to workflow_dispatch #26622

Answered by kingthorin
lpoulter asked this question in Actions
Discussion options

You must be logged in to vote

You can check who is triggering the workflow:
if: github.actor == 'lpoulter' || github.actor == 'kingthorin'
or
if: contains('["kingthorin","lpoulter"]', github.actor)

Example here: https://github.com/OWASP/www-project-web-security-testing-guide/blob/53d24199a86ef59888ad8b91d8a173468d862753/.github/workflows/pr_comment.yml#L10
It’s slightly different, it runs for anyone other than the actors we check, but same basic idea. (!= vs ==.)

Sadly there isn’t (currently) a way to check if your team or a specific role contains the github.actor. I’ve submitted an enhancement request that they add something like @organization/some-team.contains(github.actor). Just as I’m writing this reply it occu…

Replies: 9 comments

Comment options

You must be logged in to vote
0 replies
Comment options

You must be logged in to vote
0 replies
Comment options

You must be logged in to vote
0 replies
Answer selected
Comment options

You must be logged in to vote
0 replies
Comment options

You must be logged in to vote
0 replies
Comment options

You must be logged in to vote
0 replies
Comment options

You must be logged in to vote
0 replies
Comment options

You must be logged in to vote
0 replies
Comment options

You must be logged in to vote
0 replies
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment