Skip to content

Add authorization scriptlet #2125

Add authorization scriptlet

Add authorization scriptlet #2125

Workflow file for this run

name: Commits
on:
- pull_request
permissions:
contents: read
jobs:
dco-check:
permissions:
pull-requests: read # for tim-actions/get-pr-commits to get list of commits from the PR
name: Signed-off-by (DCO)
runs-on: ubuntu-22.04
steps:
- name: Get PR Commits
id: 'get-pr-commits'
uses: tim-actions/get-pr-commits@master
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Check that all commits are signed-off
uses: tim-actions/dco@master
with:
commits: ${{ steps.get-pr-commits.outputs.commits }}
target-branch:
permissions:
contents: none
name: Branch target
runs-on: ubuntu-22.04
steps:
- name: Check branch target
env:
TARGET: ${{ github.event.pull_request.base.ref }}
TITLE: ${{ github.event.pull_request.title }}
run: |
set -eux
TARGET_FROM_PR_TITLE="$(echo "${TITLE}" | sed -n 's/.*(\(stable-[0-9]\.[0-9]\))$/\1/p')"
if [ -z "${TARGET_FROM_PR_TITLE}" ]; then
TARGET_FROM_PR_TITLE="main"
else
echo "Branch target overridden from PR title"
fi
[ "${TARGET}" = "${TARGET_FROM_PR_TITLE}" ] && exit 0
echo "Invalid branch target: ${TARGET} != ${TARGET_FROM_PR_TITLE}"
exit 1