[Github Action] Label community issues #1746
Conversation
|
|
||
| try { | ||
| // Check if the user is a member of the elastic organization | ||
| await github.rest.orgs.getMembershipForUser({ |
There was a problem hiding this comment.
unfortunately, I'm afraid this won't work with the standard github token.
You need a PAT that is able to read org membership
There was a problem hiding this comment.
Argh yes I didn't consider most of our users have private membership.
Can we use a PAT that we store somewhere safe and invoke it here?
There was a problem hiding this comment.
Yes. Adding it to the GitHub repository secrets should be sufficient for now.
There was a problem hiding this comment.
Nice, is this something you can help with? I don't have any permissions to do such things I believe
There was a problem hiding this comment.
I created the ORG_MEMBER_READ_TOKEN which can be accessed with secrets.ORG_MEMBER_READ_TOKEN.
For now it's configured to our max TTL. We can revisit this in a couple of months.
The platform team is working on ephemeral token service that we can utilize in the future.
There was a problem hiding this comment.
The token can only read the membership. Hence you might need to split the script into two steps. One for reading and one for adding the label
There was a problem hiding this comment.
Ok thank you :) will look into it later!
|
@reakaleek Thanks for your help, I updated the script, let me know if you think this could work. Thanks! |
|
Nice let's see how it works |
Generated with Copilot
This is an attempt to identify community (from non-elasticians) issues more accurately rather than rely only on
source:weblabel or on the triager checking the issue author's profile every time.