-
Notifications
You must be signed in to change notification settings - Fork 772
37 lines (31 loc) · 1.09 KB
/
pr_change_check.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
# Copyright lowRISC contributors (OpenTitan project).
# Licensed under the Apache License, Version 2.0, see LICENSE for details.
# SPDX-License-Identifier: Apache-2.0
name: 'Check for and block unauthorized changes'
on:
pull_request_target:
permissions:
contents: read
# Needed to read comments for authorizations
pull-requests: read
jobs:
check-changes:
runs-on: "ubuntu-latest"
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Determine changed files
run: |
pr_url="https://github.com/${{ github.repository }}/pull/${{ github.event.number }}"
echo $pr_url
gh pr diff $pr_url --name-only > $HOME/changed_files
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Show files changed
run: cat $HOME/changed_files
- name: Check for blocked changes
run: |
./ci/scripts/check-pr-changes-allowed.py $HOME/changed_files \
--gh-repo ${{ github.repository }} \
--gh-token ${{ secrets.GITHUB_TOKEN }} \
--pr-number ${{ github.event.number }}