Allow PR authors to use /rerun-failed-ci on their own PRs (#19496)

Co-authored-by: Alison Shao <alisonshao@MacBook-Pro-D2W773R9CD.local>
This commit is contained in:
Alison Shao
2026-02-27 10:14:57 -08:00
committed by GitHub
parent fe4bc8ebd5
commit 2c856c6d27
2 changed files with 24 additions and 6 deletions

View File

@@ -415,13 +415,9 @@ def main():
comment_body = get_env_var("COMMENT_BODY").strip()
user_login = get_env_var("USER_LOGIN")
# 2. Load Permissions (Local Check)
# 2. Load Permissions (local file check first to avoid unnecessary API calls)
user_perms = load_permissions(user_login)
if not user_perms:
print(f"User {user_login} does not have any configured permissions. Exiting.")
return
# 3. Initialize GitHub API with Auth
auth = Auth.Token(token)
g = Github(auth=auth)
@@ -430,6 +426,26 @@ def main():
pr = repo.get_pull(pr_number)
comment = repo.get_issue(pr_number).get_comment(comment_id)
# PR authors can always rerun failed CI on their own PRs,
# even if they are not listed in CI_PERMISSIONS.json.
# Note: /tag-run-ci-label and /rerun-stage still require CI_PERMISSIONS.json.
if pr.user.login == user_login:
if user_perms is None:
print(
f"User {user_login} is the PR author (not in CI_PERMISSIONS.json). "
"Granting CI rerun permissions."
)
user_perms = {}
else:
print(
f"User {user_login} is the PR author and has existing CI permissions."
)
user_perms["can_rerun_failed_ci"] = True
if not user_perms:
print(f"User {user_login} does not have any configured permissions. Exiting.")
return
# 4. Parse Command and Execute
first_line = comment_body.split("\n")[0].strip()