| name: Issue Subscriber |
| |
| on: |
| issues: |
| types: |
| - labeled |
| |
| permissions: |
| contents: read |
| |
| jobs: |
| auto-subscribe: |
| environment: |
| name: main-branch-only |
| deployment: false |
| runs-on: ubuntu-24.04 |
| if: github.repository == 'llvm/llvm-project' |
| steps: |
| - name: Checkout Automation Script |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 |
| with: |
| persist-credentials: false |
| sparse-checkout: llvm/utils/git/ |
| ref: main |
| |
| - name: Setup Automation Script |
| working-directory: ./llvm/utils/git/ |
| run: | |
| pip install --require-hashes -r requirements.txt |
| |
| - id: app-token |
| uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1 |
| with: |
| client-id: ${{ secrets.LLVM_TOKEN_GENERATOR_CLIENT_ID }} |
| private-key: ${{ secrets.LLVM_TOKEN_GENERATOR_PRIVATE_KEY }} |
| owner: ${{ github.repository_owner }} |
| permission-members: read |
| permission-contents: read |
| permission-issues: write |
| |
| - name: Update watchers |
| working-directory: ./llvm/utils/git/ |
| # https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable |
| env: |
| LABEL_NAME: ${{ github.event.label.name }} |
| ISSUE_SUBSCRIBER_TOKEN: ${{ steps.app-token.outputs.token }} |
| run: | |
| python3 ./github-automation.py \ |
| --token "$ISSUE_SUBSCRIBER_TOKEN" \ |
| issue-subscriber \ |
| --issue-number '${{ github.event.issue.number }}' \ |
| --label-name "$LABEL_NAME" |
