Question about Authorization Management In issue comment
wangyuan249 opened this issue · 3 comments
Hi~ I am currently following your work in VS Code's Issue Triage GitHub Actions @JacksonKearl
And I try to make a kubevela robot for our open source project oam/Kubevela https://github.com/oam-dev/kubevela
After I test and fine tune in my own repo( https://github.com/wangyuan249/actioTestRepo ), I found it is a great project !
While we are facing some problems about Authorization Management In issue comment trigger:
We hope that we can specify some users to have the access when comment in issue area, and trigger the label or assign process and to prevent everyone can trigger this process or to test and play in issue area.
And Now we see such fields like “memberOf” 、“allowUsers” in the command.json file
{
"type": "author",
"memberOf": { "org": "oam-dev" },
"action": "updateLabel",
"addLabel": "author/kubevela"
},
{
"type": "author",
"notMemberOf": { "org": "oam-dev" },
"action": "updateLabel",
"addLabel": "author/not-kubevela"
},
{
"type": "comment",
"name": "needsMoreInfo",
"allowUsers": [
"wangyuan249",
"user1",
"user2",
"user3"
],
"action": "updateLabels",
"addLabel": "needs more info"
},
In my opinion, it is not flexible to maintain the "allowUser" list frequently or to maintain the member list in an organization.
Is there a way for us to scan our projects to determine who is the contributor of our project(or who often speaks in issue and give them the access to comment and trigger label. (When trigger a github action, to scan like this.)
I would be very appreciated if you could give me a reply. thanks!
By default anyone with write access to the repo is allowed to use the comments, the allowUsers
field is just for adding additional members who would not otherwise have access. Does that help?
The code for this is here:
vscode-github-triage-actions/commands/Commands.ts
Lines 44 to 47 in c0b1108
Thanks a lot ! And I also create a userList file to Maintain the additional members. For each time when executing the github action, it will scan the userlist file and judge whether it is an allow user.