Debug security check

buildingsmart-community · Feb 17, 2025 · 6b07812 · 6b07812
1 parent f5852b0
commit 6b07812
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -29,14 +29,17 @@ concurrency:
 jobs:
   # Security check job to ensure the PR is from a trusted organization member
   security-check:
+    if: github.event_name == 'pull_request'
     runs-on: ubuntu-latest
     steps:
       - name: Check if PR is from a trusted organization member
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
           PR_AUTHOR=$(jq -r .pull_request.user.login "$GITHUB_EVENT_PATH")
+          echo "PR Author: $PR_AUTHOR"
           ORG_MEMBERS=$(curl -s -H "Authorization: token $GITHUB_TOKEN" "https://api.github.com/orgs/buildingsmart-community/members" | jq -r '.[].login')
+          echo "Organization Members: $ORG_MEMBERS"
           if echo "$ORG_MEMBERS" | grep -q "$PR_AUTHOR"; then
             echo "User is a trusted organization member."
           else
@@ -46,7 +49,7 @@ jobs:
 
   # Deploy job with three steps: one for main branch, one for release tags, and one for pull requests
   deploy:
-    needs: security-check
+    needs: [security-check]
     environment:
       name: github-pages
       url: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' && 'https://buildingsmart-community.github.io/bSDD-filter-UI/main/' || startsWith(github.ref, 'refs/tags/') && format('https://buildingsmart-community.github.io/bSDD-filter-UI/{0}', github.ref_name) || github.event_name == 'pull_request' && format('https://buildingsmart-community.github.io/bSDD-filter-UI/pr-{0}/', github.event.number) || 'https://buildingsmart-community.github.io/bSDD-filter-UI/' }}