workflow permission

Author: Mokhlesur Mahin

.github/actions/check-permissions/action.yml

@@ -0,0 +1,32 @@
+name: 'Check Permissions'
+description: 'Check if the user triggering the workflow is allowed to proceed.'
+inputs:
+  permissions-file:
+    description: 'Path to the permissions.yml file'
+    required: true
+  actor:
+    description: 'GitHub actor triggering the workflow'
+    required: true
+runs:
+  using: 'composite'
+  steps:
+  - name: Set up Python
+    uses: actions/setup-python@v4
+
+  - name: Install PyYAML
+    run: pip install pyyaml
+    shell: bash
+
+  - name: Check Permissions
+    run: |
+      python -c "
+      import yaml
+      with open('${{ inputs.permissions-file }}', 'r') as f:
+          permissions = yaml.safe_load(f)
+      if '${{ inputs.actor }}' not in permissions['allowed_users']:
+          print('-----------------ERROR--------------------')
+          print('User ${{ inputs.actor }} is not allowed to trigger this workflow.')
+          print('------------------------------------------')
+          exit(1)
+      "
+    shell: bash

.github/workflows/test-workflow.yml

@@ -0,0 +1,18 @@
+name: Example Workflow
+on:
+  workflow_dispatch:
+jobs:
+  example-job:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Check Permissions
+        uses: ./.github/actions/check-permissions
+        with:
+          permissions-file: 'permissions.yml'
+          actor: '${{ github.actor }}'
+
+      - name: Echo Something
+        run: echo "Hello World!"

permissions.yml

@@ -0,0 +1,2 @@
+allowed_users:
+- test-user