Skip to content

Commit 989b724

Browse files
author
strausr
committed
fix: improve admin permission check in release workflow
1 parent 42e762e commit 989b724

File tree

1 file changed

+17
-3
lines changed

1 file changed

+17
-3
lines changed

.github/workflows/release.yml

Lines changed: 17 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -15,9 +15,23 @@ jobs:
1515
steps:
1616
- name: Verify admin permissions
1717
run: |
18-
PERMISSION=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
19-
"https://api.github.com/repos/${{ github.repository }}/collaborators/${{ github.actor }}/permission" \
20-
| grep -o '"permission":"[^"]*"' | cut -d'"' -f4)
18+
# Use the repository's permission endpoint which works for both personal and org repos
19+
RESPONSE=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
20+
-H "Accept: application/vnd.github.v3+json" \
21+
"https://api.github.com/repos/${{ github.repository }}/collaborators/${{ github.actor }}/permission")
22+
23+
# Extract permission using jq if available, otherwise use grep
24+
if command -v jq &> /dev/null; then
25+
PERMISSION=$(echo "$RESPONSE" | jq -r '.permission // empty')
26+
else
27+
PERMISSION=$(echo "$RESPONSE" | grep -o '"permission":"[^"]*"' | head -1 | cut -d'"' -f4)
28+
fi
29+
30+
if [ -z "$PERMISSION" ]; then
31+
echo "Warning: Could not determine permission level. Response: $RESPONSE"
32+
echo "Note: workflow_dispatch requires write access, proceeding..."
33+
exit 0
34+
fi
2135
2236
if [ "$PERMISSION" != "admin" ]; then
2337
echo "Error: Only repository admins can trigger releases. Current permission: $PERMISSION"

0 commit comments

Comments
 (0)