From c663b18d7a052261acb8a15fe81a70c0a762e8fd Mon Sep 17 00:00:00 2001
From: Maksym H <mordamax@gmail.com>
Date: Wed, 21 Aug 2024 10:13:44 +0100
Subject: [PATCH] [skip ci] cmd.yml

---
 .github/workflows/cmd.yml | 51 +++++++++++++++++++++++++++------------
 1 file changed, 36 insertions(+), 15 deletions(-)

diff --git a/.github/workflows/cmd.yml b/.github/workflows/cmd.yml
index c655700b78a93..c933d2ebf58e4 100644
--- a/.github/workflows/cmd.yml
+++ b/.github/workflows/cmd.yml
@@ -19,21 +19,42 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v4
 
+      - name: Generate token
+        id: generate_token
+        uses: tibdex/github-app-token@v2.1.0
+        with:
+          app_id: ${{ secrets.CMD_BOT_APP_ID }}
+          private_key: ${{ secrets.CMD_BOT_APP_KEY }}
+
       - name: Check if user is a member of the organization
         id: is-member
         uses: actions/github-script@v7
         with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
+          github-token: ${{ steps.generate_token.outputs.token }}
           script: |
-            const membership = await github.orgs.checkMembershipForUser({
-              org: context.repo.owner,
-              username: context.actor
-            })
-            return membership.data.state === 'active'
+            try {              
+              const org = '${{ github.event.repository.owner.login }}';
+              const username = context.actor;
+            
+              console.log(org, username);
+              const membership = await github.rest.orgs.checkMembershipForUser({
+                  org: org,
+                  username: username
+              });
+              console.log(membership)
+              
+            } catch (error) {
+              console.log(error)
+              return { 'is-member': false }
+            }
+            
+            return {
+                'is-member': membership.status === 204
+            }
 
-  reject-non-fellows:
+  reject-non-members:
     needs: is-org-member
-    if: ${{ startsWith(github.event.comment.body, '/cmd') && !contains(needs.fellows.outputs.github-handles, github.event.sender.login) }}
+    if: ${{ startsWith(github.event.comment.body, '/cmd') && needs.is-org-member.outputs.member != 'true' }}
     runs-on: ubuntu-latest
     steps:
       - name: Add reaction to rejected comment
@@ -57,12 +78,12 @@ jobs:
               issue_number: context.issue.number,
               owner: context.repo.owner,
               repo: context.repo.repo,
-              body: `Sorry, only fellows can run commands.`
+              body: `Sorry, only paritytech members can run commands.`
             })
 
   acknowledge:
-    needs: fellows
-    if: ${{ startsWith(github.event.comment.body, '/cmd') && contains(needs.fellows.outputs.github-handles, github.event.sender.login) }}
+    needs: is-org-member
+    if: ${{ startsWith(github.event.comment.body, '/cmd') && needs.is-org-member.outputs.member == 'true' }}
     runs-on: ubuntu-latest
     steps:
       - name: Add reaction to triggered comment
@@ -85,7 +106,7 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Clean previous comments
-        if: ${{ startsWith(github.event.comment.body, '/cmd') && contains(github.event.comment.body, '--clean') && contains(needs.fellows.outputs.github-handles, github.event.sender.login) }}
+        if: ${{ startsWith(github.event.comment.body, '/cmd') && contains(github.event.comment.body, '--clean') && needs.is-org-member.outputs.member == 'true' }}
         uses: actions/github-script@v7
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
@@ -114,7 +135,7 @@ jobs:
             })
   help:
     needs: [ clean, is-org-member ]
-    if: ${{ startsWith(github.event.comment.body, '/cmd') && contains(github.event.comment.body, '--help') && contains(needs.fellows.outputs.github-handles, github.event.sender.login) }}
+    if: ${{ startsWith(github.event.comment.body, '/cmd') && contains(github.event.comment.body, '--help') && needs.is-org-member.outputs.member == 'true' }}
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
@@ -178,7 +199,7 @@ jobs:
     needs: [ clean, is-org-member ]
     env:
       JOB_NAME: 'cmd'
-    if: ${{ startsWith(github.event.comment.body, '/cmd') && !contains(github.event.comment.body, '--help') && contains(needs.fellows.outputs.github-handles, github.event.sender.login) }}
+    if: ${{ startsWith(github.event.comment.body, '/cmd') && !contains(github.event.comment.body, '--help') && needs.is-org-member.outputs.member == 'true' }}
     runs-on: ${{ startsWith(github.event.comment.body, '/cmd bench') && 'arc-runners-polkadot-sdk-benchmark' || 'ubuntu-latest' }}
     steps:
       - name: Install updates and protobuf-compiler
@@ -257,7 +278,7 @@ jobs:
         if: startsWith(steps.get-pr-comment.outputs.group2, 'bench')
         uses: Swatinem/rust-cache@a95ba195448af2da9b00fb742d14ffaaf3c21f43 # v2.7.0
         with:
-          shared-key: "fellowship-cmd"
+          shared-key: "polkadot-sdk-cmd-${{ github.sha }}"
 
       - name: Run cmd
         id: cmd