devops_admin
/
odex25_standard
mirror of https://github.com/hydracp9/odex25_standard
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add or update delete-merged-branches workflow

This commit is contained in:
GitHub Actions Bot 2025-07-10 22:49:27 +03:00
parent 4703dd93a0
commit 171d3126f1
1 changed files with 50 additions and 81 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

131
.github/workflows/delete-merged-branches.yml vendored
View File

@ -1,34 +1,30 @@
# Author: Ahmad Samir <a.atta@exp-sa.com> # Author: Ahmad Samir <a.atta@exp-sa.com>
name: Auto Delete Branch After Merge name: Block Reserved Branches
on: on:
pull_request: create:
types: [closed] branches:
- '**'
jobs: jobs:
delete-merged-branch: block-reserved-branches:
if: github.event.pull_request.merged == true runs-on: app-sever-project-runner
name: Delete Merged Branch
runs-on: linting_odex25-standard-modules_runner
steps: steps:
- name: Delete merged branch (with protection check and rules) - name: Check for reserved or pattern-matching branch names
env: env:
GH_TOKEN: ${{ secrets.GH_TOKEN }} GH_TOKEN: ${{ secrets.GH_TOKEN }}
REPO: ${{ github.repository }} REPO: ${{ github.repository }}
BASE_REF: ${{ github.event.pull_request.base.ref }} BRANCH_NAME: ${{ github.ref_name }}
HEAD_REF: ${{ github.event.pull_request.head.ref }}
run: | run: |
echo "🔍 Base branch: $BASE_REF" RESERVED_NAMES=(
echo "🔍 Head branch: $HEAD_REF"
PROTECTED_BRANCHES=(
master master
dev_odex-event
dev_odex25_accounting dev_odex25_accounting
dev_odex25_base dev_odex25_base
dev_odex25_dms dev_odex25_dms
dev_odex25_donation
dev_odex25_ensan
dev_odex25_fleet dev_odex25_fleet
dev_odex25_helpdesk
dev_odex25_hr dev_odex25_hr
dev_odex25_inventory dev_odex25_inventory
dev_odex25_maintenance dev_odex25_maintenance
@ -41,36 +37,15 @@ jobs:
dev_odex25_survey dev_odex25_survey
dev_odex25_transactions dev_odex25_transactions
dev_odex25_website dev_odex25_website
dev_odex-event
dev_openeducat_erp-14.0.1.0 dev_openeducat_erp-14.0.1.0
dev_odex25_ensan
dev_odex25_helpdesk
dev_odex25_donation
preprod_odex-event
preprod_odex25_accounting
preprod_odex25_base
preprod_odex25_dms
preprod_odex25_fleet
preprod_odex25_hr
preprod_odex25_inventory
preprod_odex25_maintenance
preprod_odex25_mobile
preprod_odex25_pos
preprod_odex25_project
preprod_odex25_purchase
preprod_odex25_realstate
preprod_odex25_sales
preprod_odex25_survey
preprod_odex25_transactions
preprod_odex25_website
preprod_openeducat_erp-14.0.1.0
preprod_odex25_ensan
preprod_odex25_helpdesk
preprod_odex25_donation
master_odex-event
master_odex25_accounting master_odex25_accounting
master_odex25_base master_odex25_base
master_odex25_dms master_odex25_dms
master_odex25_donation
master_odex25_ensan
master_odex25_fleet master_odex25_fleet
master_odex25_helpdesk
master_odex25_hr master_odex25_hr
master_odex25_inventory master_odex25_inventory
master_odex25_maintenance master_odex25_maintenance
@ -83,51 +58,45 @@ jobs:
master_odex25_survey master_odex25_survey
master_odex25_transactions master_odex25_transactions
master_odex25_website master_odex25_website
master_odex-event
master_openeducat_erp-14.0.1.0 master_openeducat_erp-14.0.1.0
master_odex25_ensan preprod_odex25_accounting
master_odex25_helpdesk preprod_odex25_base
master_odex25_donation preprod_odex25_dms
preprod_odex25_donation
preprod_odex25_ensan
preprod_odex25_fleet
preprod_odex25_helpdesk
preprod_odex25_hr
preprod_odex25_inventory
preprod_odex25_maintenance
preprod_odex25_mobile
preprod_odex25_pos
preprod_odex25_project
preprod_odex25_purchase
preprod_odex25_realstate
preprod_odex25_sales
preprod_odex25_survey
preprod_odex25_transactions
preprod_odex25_website
preprod_odex-event
preprod_openeducat_erp-14.0.1.0
) )
# Rule 1 # Check if branch is an exact reserved name
if [[ "$HEAD_REF" == dev_* && "$BASE_REF" == preprod_* ]]; then for reserved in "${RESERVED_NAMES[@]}"; do
echo "🚫 Rule: Do not delete dev_* merged into preprod_*" if [[ "$BRANCH_NAME" == "$reserved" ]]; then
exit 0 echo "❌ Branch name '$BRANCH_NAME' is reserved. Deleting..."
fi curl -s -X DELETE -H "Authorization: token $GH_TOKEN" https://api.github.com/repos/$REPO/git/refs/heads/$BRANCH_NAME
exit 1
# Rule 2
if [[ "$HEAD_REF" == preprod_* && "$BASE_REF" == master_* ]]; then
echo "🚫 Rule: Do not delete preprod_* merged into master_*"
exit 0
fi
# Rule 3: Protected branches
for protected in "${PROTECTED_BRANCHES[@]}"; do
if [[ "$HEAD_REF" == "$protected" ]]; then
echo "🛡️ '$HEAD_REF' is a protected branch. Skipping deletion."
exit 0
fi fi
done done
echo "✅ '$HEAD_REF' is eligible for deletion. Checking protection..." # Check if branch name matches restricted patterns
if [[ "$BRANCH_NAME" == master_* || "$BRANCH_NAME" == preprod_* || "$BRANCH_NAME" == dev_* ]]; then
PROTECTION_URL="https://api.github.com/repos/$REPO/branches/$HEAD_REF/protection" echo "❌ Branch name '$BRANCH_NAME' matches restricted pattern. Deleting..."
curl -s -X DELETE -H "Authorization: token $GH_TOKEN" https://api.github.com/repos/$REPO/git/refs/heads/$BRANCH_NAME
PROTECTION_STATUS=$(curl -s -o /dev/null -w "%{http_code}" -H "Authorization: token $GH_TOKEN" "$PROTECTION_URL") exit 1
if [ "$PROTECTION_STATUS" -eq 200 ]; then
echo "🔓 Removing protection on '$HEAD_REF'..."
curl -s -X DELETE -H "Authorization: token $GH_TOKEN" "$PROTECTION_URL"
else
echo " No protection found for '$HEAD_REF' (HTTP $PROTECTION_STATUS)"
fi fi
echo "🧹 Attempting to delete branch '$HEAD_REF'..." echo "✅ Branch '$BRANCH_NAME' is allowed."
DELETE_STATUS=$(curl -s -o /dev/null -w "%{http_code}" -X DELETE -H "Authorization: token $GH_TOKEN" -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/$REPO/git/refs/heads/$HEAD_REF)
if [ "$DELETE_STATUS" -eq 204 ]; then
echo "✅ Branch '$HEAD_REF' successfully deleted"
else
echo "❌ Failed to delete branch '$HEAD_REF' — HTTP $DELETE_STATUS"
exit 1
fi