Skip to content

fix(auto-add-to-project): skip gracefully when PROJECT_TOKEN missing#1

Merged
asachs01 merged 1 commit intomainfrom
fix/auto-add-to-project-graceful-skip
Apr 22, 2026
Merged

fix(auto-add-to-project): skip gracefully when PROJECT_TOKEN missing#1
asachs01 merged 1 commit intomainfrom
fix/auto-add-to-project-graceful-skip

Conversation

@asachs01
Copy link
Copy Markdown
Contributor

@asachs01 asachs01 commented Apr 22, 2026

Summary

Unblocks every PR across all wyre-technology repos (~38 MCP repos) from showing a spurious red X on the `add-to-project` check.

Problem

The org-level `auto-add-to-project.yml` workflow fires on every issue and PR. When `PROJECT_TOKEN` isn't available — either because the org secret isn't set or isn't exposed to a given repo — the action fails with:

```
Input required and not supplied: github-token
```

That shows up as a red X on every PR, drowning out real check failures. Seen today on connectwise-manage-mcp#9 among others.

Fix

Adds a pre-step that checks whether `PROJECT_TOKEN` is set before invoking `actions/add-to-project`:

  • Secret present → workflow behaves exactly as before and adds the item to the project board.
  • Secret missing → workflow emits a `::notice` ("PROJECT_TOKEN not configured — skipping") and exits successfully.

This means adding `PROJECT_TOKEN` later (org secret or repo-scoped secret) "just works" — no further workflow changes needed.

Security

The check uses the injection-safe pattern:

  • `secrets.PROJECT_TOKEN` is passed via `env:`, not interpolated into the shell command
  • No `github.event.*` untrusted inputs are used in `run:`
  • The secret value is only tested for emptiness, never echoed

Test plan

  • Merge, then open a new PR on any repo that currently fails the check (e.g. connectwise-manage-mcp) — verify the workflow now succeeds with a "skipping" notice instead of failing
  • (Later) when `PROJECT_TOKEN` is added as an org secret, verify a fresh issue/PR gets auto-added to Project #1

@asachs01
fix(auto-add-to-project): skip gracefully when PROJECT_TOKEN missing
c878c52 
The organization-level auto-add-to-project workflow fires on every issue
and PR opened across all wyre-technology repos. When PROJECT_TOKEN isn't
available (org secret not set, or not exposed to a given repo), the
action fails with:

  Input required and not supplied: github-token

That shows up as a red X on every PR across ~38 MCP repos, making it
impossible to distinguish real check failures from this infra gap.

This change adds a pre-step that checks whether PROJECT_TOKEN is set:
- If set → workflow runs as before and adds the item to the project
- If not set → workflow emits a ::notice and exits successfully

Effect:
- Adding PROJECT_TOKEN later (org secret or repo secret) "just works"
  without further changes — the check flips on automatically.
- All MCP-repo PRs stop showing the spurious failure today.

Pattern is injection-safe: only secrets.PROJECT_TOKEN is referenced,
passed via env: rather than string interpolation into the shell.
@asachs01 asachs01 merged commit c09bbca into main Apr 22, 2026
1 check failed
@asachs01 asachs01 deleted the fix/auto-add-to-project-graceful-skip branch April 22, 2026 17:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@asachs01