Fix workflow permission check logic

RevenueCat · Jul 19, 2024 · 28cc004 · 28cc004
1 parent 2bc647e
commit 28cc004
Showing 1 changed file with 4 additions and 2 deletions.
diff --git a/.github/workflows/trigger_all_tests.yml b/.github/workflows/trigger_all_tests.yml
@@ -13,11 +13,13 @@ jobs:
 
     steps:
       - name: Check membership in RevenueCat Org
+        env:
+          READ_ORG_GITHUB_TOKEN: ${{ secrets.READ_ORG_GITHUB_TOKEN }}
         id: verify
         # ensure that only RevenueCat members can trigger this
         run: |
-          RESPONSE=$(curl https://api.github.com/orgs/RevenueCat/members/${{ github.event.comment.user.login }})
-          if [[ "$RESPONSE" == *"Not Found"* ]]; then
+          RESPONSE=$(curl -s -o /dev/null --head -w "%{http_code}" -H "Authorization: Bearer $READ_ORG_GITHUB_TOKEN" https://api.github.com/orgs/RevenueCat/members/${{ github.event.comment.user.login }})
+          if [[ "$RESPONSE" != "204" ]]; then
             echo "User is not a member of the organization"
             exit 1
           fi