GitHub permissions are ANDed, not ORed. So, even though the sequester app was given permission to read and write pull requests, the configuration in YAML prevented it.
This ensures that if a PR is tagged as a work item, it will be imported correctly.
Quest runs nightly, rather than on each label update.
The following changes make that happen:
- The bulk action runs once a day, at a hopefully convenient time.
- The single item workflow runs only in response to a workflow dispatch event (user started)
- For security reasons, limit the permissions to write *issues*, not *contents*
* Add config for Quest import
This PR adds the configuration for the Quest import GitHub action.
Before merging this PR, follow the instructions [here](https://github.com/dotnet/docs-tools/tree/main/actions/sequester#installation-and-use) to create the API KEY secrets. Then, once this is installed, it will start updating work items.
Note: To import items in bulk, when those have already been labeled, you can run the `quest-bulk` action via the GitHub UI to import all issues already labeled.
* better filter.
* Update .github/workflows/quest-bulk.yml
Co-authored-by: David Pine <david.pine@microsoft.com>
Co-authored-by: David Pine <david.pine@microsoft.com>
Tom Dykstra
Bill Wagner