@@ -32,23 +32,30 @@ jobs:
3232 id : check
3333 env :
3434 GH_TOKEN : ${{ github.token }}
35+ EVENT_NAME : ${{ github.event_name }}
36+ EVENT_ACTION : ${{ github.event.action }}
37+ LABEL_NAME : ${{ github.event.label.name }}
38+ IS_DRAFT : ${{ github.event.pull_request.draft }}
39+ SENDER_LOGIN : ${{ github.event.sender.login }}
40+ PR_AUTHOR : ${{ github.event.pull_request.user.login }}
41+ REPO : ${{ github.repository }}
3542 run : |
3643 # workflow_dispatch callers already have write access.
37- if [ "${{ github.event_name }} " = "workflow_dispatch" ]; then
44+ if [ "$EVENT_NAME " = "workflow_dispatch" ]; then
3845 echo "allowed=true" >> "$GITHUB_OUTPUT"
3946 exit 0
4047 fi
4148
4249 # Only the agent-review label should trigger a run.
43- if [ "${{ github.event.action }} " = "labeled" ] && [ "${{ github.event.label.name }} " != "agent-review" ]; then
50+ if [ "$EVENT_ACTION " = "labeled" ] && [ "$LABEL_NAME " != "agent-review" ]; then
4451 echo "Skipping: labeled event but not agent-review"
4552 echo "allowed=false" >> "$GITHUB_OUTPUT"
4653 exit 0
4754 fi
4855
4956 # Skip drafts unless agent-review label is being added.
50- if [ "${{ github.event.pull_request.draft }} " = "true" ]; then
51- if [ "${{ github.event.action }} " != "labeled" ] || [ "${{ github.event.label.name }} " != "agent-review" ]; then
57+ if [ "$IS_DRAFT " = "true" ]; then
58+ if [ "$EVENT_ACTION " != "labeled" ] || [ "$LABEL_NAME " != "agent-review" ]; then
5259 echo "Skipping: draft PR"
5360 echo "allowed=false" >> "$GITHUB_OUTPUT"
5461 exit 0
@@ -58,15 +65,15 @@ jobs:
5865 # For labeled events, check the sender (who added the label) so
5966 # maintainers can authorize reviews on external PRs.
6067 # For other events, check the PR author.
61- if [ "${{ github.event.action }} " = "labeled" ]; then
62- USER="${{ github.event.sender.login }} "
68+ if [ "$EVENT_ACTION " = "labeled" ]; then
69+ USER="$SENDER_LOGIN "
6370 echo "Checking sender (labeler): ${USER}"
6471 else
65- USER="${{ github.event.pull_request.user.login }} "
72+ USER="$PR_AUTHOR "
6673 echo "Checking PR author: ${USER}"
6774 fi
6875
69- PERMISSION=$(gh api "repos/${{ github.repository } }/collaborators/${USER}/permission" --jq '.permission' 2>/dev/null || echo "none")
76+ PERMISSION=$(gh api "repos/${REPO }/collaborators/${USER}/permission" --jq '.permission' 2>/dev/null || echo "none")
7077 echo "permission=${PERMISSION}"
7178
7279 if [ "$PERMISSION" = "admin" ] || [ "$PERMISSION" = "write" ]; then
@@ -85,11 +92,15 @@ jobs:
8592 steps :
8693 - name : Determine PR number
8794 id : pr
95+ env :
96+ EVENT_NAME : ${{ github.event_name }}
97+ INPUT_PR_NUMBER : ${{ github.event.inputs.pr_number }}
98+ PR_NUMBER : ${{ github.event.pull_request.number }}
8899 run : |
89- if [ "${{ github.event_name }} " = "workflow_dispatch" ]; then
90- echo "number=${{ github.event.inputs.pr_number } }" >> "$GITHUB_OUTPUT"
100+ if [ "$EVENT_NAME " = "workflow_dispatch" ]; then
101+ echo "number=${INPUT_PR_NUMBER }" >> "$GITHUB_OUTPUT"
91102 else
92- echo "number=${{ github.event.pull_request.number } }" >> "$GITHUB_OUTPUT"
103+ echo "number=${PR_NUMBER }" >> "$GITHUB_OUTPUT"
93104 fi
94105
95106name : Validate PR number
@@ -114,12 +125,14 @@ jobs:
114125 id : head
115126 env :
116127 GH_TOKEN : ${{ github.token }}
128+ EVENT_NAME : ${{ github.event_name }}
117129 PR_NUMBER : ${{ steps.pr.outputs.number }}
130+ PR_HEAD_SHA : ${{ github.event.pull_request.head.sha }}
118131 run : |
119- if [ "${{ github.event_name }} " = "workflow_dispatch" ]; then
132+ if [ "$EVENT_NAME " = "workflow_dispatch" ]; then
120133 SHA=$(gh pr view "$PR_NUMBER" --json headRefOid -q '.headRefOid')
121134 else
122- SHA="${{ github.event.pull_request.head.sha }} "
135+ SHA="$PR_HEAD_SHA "
123136 fi
124137 echo "sha=$SHA" >> "$GITHUB_OUTPUT"
125138
0 commit comments