Skip to content

OAuth2: PKCE(Proof Key for Code Exchange) #19911

OAuth2: PKCE(Proof Key for Code Exchange)

OAuth2: PKCE(Proof Key for Code Exchange) #19911

Workflow file for this run

name: Command
# NB: **ALL** commands should be permissionless and only use an app token or relevant secrets
# specific to their requirements!
permissions:
contents: read
on:
issue_comment:
types:
- created
env:
CI_DEBUG: ${{ vars.CI_DEBUG }}
jobs:
# For speed and _security_ only a single command (first matching) will be parsed/run from a comment
command:
name: Parse and run command
runs-on: ubuntu-24.04
if: >-
${{
github.event.issue.pull_request
&& (vars.ENVOY_CI
|| github.repository == 'envoyproxy/envoy')
&& github.actor != 'repokitteh-read-only[bot]'
&& github.actor != 'dependabot[bot]'
}}
steps:
- uses: envoyproxy/toolshed/gh-actions/github/command@actions-v0.3.14
name: Parse command from comment
id: command
with:
text: ${{ github.event.comment.body }}
matching: >-
^/(retest)
# /retest
- uses: envoyproxy/toolshed/gh-actions/appauth@actions-v0.3.14
if: ${{ steps.command.outputs.command == 'retest' }}
id: appauth-retest
name: Appauth (retest)
with:
key: ${{ secrets.ENVOY_CI_APP_KEY }}
app_id: ${{ secrets.ENVOY_CI_APP_ID }}
- uses: envoyproxy/toolshed/gh-actions/retest@actions-v0.3.14
if: ${{ steps.command.outputs.command == 'retest' }}
name: Retest
with:
token: ${{ steps.appauth-retest.outputs.token }}
azp_org: cncf
azp_token: ${{ secrets.AZP_TOKEN }}
comment-id: ${{ github.event.comment.id }}
pr-url: ${{ github.event.issue.pull_request.url }}
args: ${{ steps.command.outputs.args }}
app-owner: ci-envoy