devops_admin
/
odex25_standard
mirror of https://github.com/hydracp9/odex25_standard
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add or update prevent-invalid-branch-merges workflow

This commit is contained in:
GitHub Actions Bot 2025-07-10 17:12:04 +03:00
parent d21e789ada
commit 325b0b15dd
1 changed files with 73 additions and 221 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

294
.github/workflows/prevent-invalid-branch-merges.yml vendored
View File

@ -25,7 +25,6 @@ on:
- dev_odex25_ensan
- dev_odex25_helpdesk
- dev_odex25_donation
- preprod_odex-event
- preprod_odex25_accounting
- preprod_odex25_base
@ -47,8 +46,7 @@ on:
- preprod_odex25_ensan
- preprod_odex25_helpdesk
- preprod_odex25_donation
- master_odex-event
- master_odex-event
- master_odex25_accounting
- master_odex25_base
- master_odex25_dms
@ -66,239 +64,93 @@ on:
- master_odex25_transactions
- master_odex25_website
- master_openeducat_erp-14.0.1.0
- master_odex25_ensan
- master_odex25_ensan
- master_odex25_helpdesk
- master_odex25_donation
concurrency:
group: prevent-invalid-merges-${{ github.head_ref }}
cancel-in-progress: true
jobs:
validate-merge-source:
runs-on: app-sever-project-runner
strategy:
matrix:
base_head:
- { base: preprod_odex-event, head: dev_odex-event }
- { base: preprod_odex25_accounting, head: dev_odex25_accounting }
- { base: preprod_odex25_base, head: dev_odex25_base }
- { base: preprod_odex25_dms, head: dev_odex25_dms }
- { base: preprod_odex25_fleet, head: dev_odex25_fleet }
- { base: preprod_odex25_hr, head: dev_odex25_hr }
- { base: preprod_odex25_inventory, head: dev_odex25_inventory }
- { base: preprod_odex25_maintenance, head: dev_odex25_maintenance }
- { base: preprod_odex25_mobile, head: dev_odex25_mobile }
- { base: preprod_odex25_pos, head: dev_odex25_pos }
- { base: preprod_odex25_project, head: dev_odex25_project }
- { base: preprod_odex25_purchase, head: dev_odex25_purchase }
- { base: preprod_odex25_realstate, head: dev_odex25_realstate }
- { base: preprod_odex25_sales, head: dev_odex25_sales }
- { base: preprod_odex25_survey, head: dev_odex25_survey }
- { base: preprod_odex25_transactions, head: dev_odex25_transactions }
- { base: preprod_odex25_website, head: dev_odex25_website }
- { base: preprod_openeducat_erp-14.0.1.0, head: dev_openeducat_erp-14.0.1.0 }
- { base: preprod_odex25_ensan, head: dev_odex25_ensan }
- { base: preprod_odex25_helpdesk, head: dev_odex25_helpdesk }
- { base: preprod_odex25_donation, head: dev_odex25_donation }
- { base: master_odex-event, head: preprod_odex-event }
- { base: master_odex25_accounting, head: preprod_odex25_accounting }
- { base: master_odex25_base, head: preprod_odex25_base }
- { base: master_odex25_dms, head: preprod_odex25_dms }
- { base: master_odex25_fleet, head: preprod_odex25_fleet }
- { base: master_odex25_hr, head: preprod_odex25_hr }
- { base: master_odex25_inventory, head: preprod_odex25_inventory }
- { base: master_odex25_maintenance, head: preprod_odex25_maintenance }
- { base: master_odex25_mobile, head: preprod_odex25_mobile }
- { base: master_odex25_pos, head: preprod_odex25_pos }
- { base: master_odex25_project, head: preprod_odex25_project }
- { base: master_odex25_purchase, head: preprod_odex25_purchase }
- { base: master_odex25_realstate, head: preprod_odex25_realstate }
- { base: master_odex25_sales, head: preprod_odex25_sales }
- { base: master_odex25_survey, head: preprod_odex25_survey }
- { base: master_odex25_transactions, head: preprod_odex25_transactions }
- { base: master_odex25_website, head: preprod_odex25_website }
- { base: master_openeducat_erp-14.0.1.0, head: preprod_openeducat_erp-14.0.1.0 }
- { base: master_odex25_ensan, head: preprod_odex25_ensan }
- { base: master_odex25_helpdesk, head: preprod_odex25_helpdesk }
- { base: master_odex25_donation, head: preprod_odex25_donation }
steps:
- name: Check source branch for merge
- name: Validate branch relationship
run: |
echo "Base branch: ${{ github.base_ref }}"
echo "Head branch: ${{ github.head_ref }}"
# ✅ Preprod Branches
if [[ "${{ github.base_ref }}" == "preprod_odex-event" && "${{ github.head_ref }}" != "dev_odex-event" ]]; then
echo "::error ::You can only merge to 'preprod_odex-event' from 'dev_odex-event' branch!"
if [[ "${{ github.base_ref }}" == "${{ matrix.base_head.base }}" && "${{ github.head_ref }}" != "${{ matrix.base_head.head }}" ]]; then
echo "::error ::You can only merge to '${{ matrix.base_head.base }}' from '${{ matrix.base_head.head }}'!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "preprod_odex25_accounting" && "${{ github.head_ref }}" != "dev_odex25_accounting" ]]; then
echo "::error ::You can only merge to 'preprod_odex25_accounting' from 'dev_odex25_accounting' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "preprod_odex25_base" && "${{ github.head_ref }}" != "dev_odex25_base" ]]; then
echo "::error ::You can only merge to 'preprod_odex25_base' from 'dev_odex25_base' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "preprod_odex25_dms" && "${{ github.head_ref }}" != "dev_odex25_dms" ]]; then
echo "::error ::You can only merge to 'preprod_odex25_dms' from 'dev_odex25_dms' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "preprod_odex25_fleet" && "${{ github.head_ref }}" != "dev_odex25_fleet" ]]; then
echo "::error ::You can only merge to 'preprod_odex25_fleet' from 'dev_odex25_fleet' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "preprod_odex25_hr" && "${{ github.head_ref }}" != "dev_odex25_hr" ]]; then
echo "::error ::You can only merge to 'preprod_odex25_hr' from 'dev_odex25_hr' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "preprod_odex25_inventory" && "${{ github.head_ref }}" != "dev_odex25_inventory" ]]; then
echo "::error ::You can only merge to 'preprod_odex25_inventory' from 'dev_odex25_inventory' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "preprod_odex25_maintenance" && "${{ github.head_ref }}" != "dev_odex25_maintenance" ]]; then
echo "::error ::You can only merge to 'preprod_odex25_maintenance' from 'dev_odex25_maintenance' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "preprod_odex25_mobile" && "${{ github.head_ref }}" != "dev_odex25_mobile" ]]; then
echo "::error ::You can only merge to 'preprod_odex25_mobile' from 'dev_odex25_mobile' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "preprod_odex25_pos" && "${{ github.head_ref }}" != "dev_odex25_pos" ]]; then
echo "::error ::You can only merge to 'preprod_odex25_pos' from 'dev_odex25_pos' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "preprod_odex25_project" && "${{ github.head_ref }}" != "dev_odex25_project" ]]; then
echo "::error ::You can only merge to 'preprod_odex25_project' from 'dev_odex25_project' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "preprod_odex25_purchase" && "${{ github.head_ref }}" != "dev_odex25_purchase" ]]; then
echo "::error ::You can only merge to 'preprod_odex25_purchase' from 'dev_odex25_purchase' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "preprod_odex25_realstate" && "${{ github.head_ref }}" != "dev_odex25_realstate" ]]; then
echo "::error ::You can only merge to 'preprod_odex25_realstate' from 'dev_odex25_realstate' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "preprod_odex25_sales" && "${{ github.head_ref }}" != "dev_odex25_sales" ]]; then
echo "::error ::You can only merge to 'preprod_odex25_sales' from 'dev_odex25_sales' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "preprod_odex25_survey" && "${{ github.head_ref }}" != "dev_odex25_survey" ]]; then
echo "::error ::You can only merge to 'preprod_odex25_survey' from 'dev_odex25_survey' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "preprod_odex25_transactions" && "${{ github.head_ref }}" != "dev_odex25_transactions" ]]; then
echo "::error ::You can only merge to 'preprod_odex25_transactions' from 'dev_odex25_transactions' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "preprod_odex25_website" && "${{ github.head_ref }}" != "dev_odex25_website" ]]; then
echo "::error ::You can only merge to 'preprod_odex25_website' from 'dev_odex25_website' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "preprod_openeducat_erp-14.0.1.0" && "${{ github.head_ref }}" != "dev_openeducat_erp-14.0.1.0" ]]; then
echo "::error ::You can only merge to 'preprod_openeducat_erp-14.0.1.0' from 'dev_openeducat_erp-14.0.1.0' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "preprod_odex25_ensan" && "${{ github.head_ref }}" != "dev_odex25_ensan" ]]; then
echo "::error ::You can only merge to 'preprod_odex25_ensan' from 'dev_odex25_ensan' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "preprod_odex25_helpdesk" && "${{ github.head_ref }}" != "dev_odex25_helpdesk" ]]; then
echo "::error ::You can only merge to 'preprod_odex25_helpdesk' from 'dev_odex25_helpdesk' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "preprod_odex25_donation" && "${{ github.head_ref }}" != "dev_odex25_donation" ]]; then
echo "::error ::You can only merge to 'preprod_odex25_donation' from 'dev_odex25_donation' branch!"
exit 1
fi
# ✅ Master Branches
if [[ "${{ github.base_ref }}" == "master_odex-event" && "${{ github.head_ref }}" != "preprod_odex-event" ]]; then
echo "::error ::You can only merge to 'master_odex-event' from 'preprod_odex-event' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "master_odex25_accounting" && "${{ github.head_ref }}" != "preprod_odex25_accounting" ]]; then
echo "::error ::You can only merge to 'master_odex25_accounting' from 'preprod_odex25_accounting' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "master_odex25_base" && "${{ github.head_ref }}" != "preprod_odex25_base" ]]; then
echo "::error ::You can only merge to 'master_odex25_base' from 'preprod_odex25_base' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "master_odex25_dms" && "${{ github.head_ref }}" != "preprod_odex25_dms" ]]; then
echo "::error ::You can only merge to 'master_odex25_dms' from 'preprod_odex25_dms' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "master_odex25_fleet" && "${{ github.head_ref }}" != "preprod_odex25_fleet" ]]; then
echo "::error ::You can only merge to 'master_odex25_fleet' from 'preprod_odex25_fleet' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "master_odex25_hr" && "${{ github.head_ref }}" != "preprod_odex25_hr" ]]; then
echo "::error ::You can only merge to 'master_odex25_hr' from 'preprod_odex25_hr' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "master_odex25_inventory" && "${{ github.head_ref }}" != "preprod_odex25_inventory" ]]; then
echo "::error ::You can only merge to 'master_odex25_inventory' from 'preprod_odex25_inventory' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "master_odex25_maintenance" && "${{ github.head_ref }}" != "preprod_odex25_maintenance" ]]; then
echo "::error ::You can only merge to 'master_odex25_maintenance' from 'preprod_odex25_maintenance' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "master_odex25_mobile" && "${{ github.head_ref }}" != "preprod_odex25_mobile" ]]; then
echo "::error ::You can only merge to 'master_odex25_mobile' from 'preprod_odex25_mobile' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "master_odex25_pos" && "${{ github.head_ref }}" != "preprod_odex25_pos" ]]; then
echo "::error ::You can only merge to 'master_odex25_pos' from 'preprod_odex25_pos' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "master_odex25_project" && "${{ github.head_ref }}" != "preprod_odex25_project" ]]; then
echo "::error ::You can only merge to 'master_odex25_project' from 'preprod_odex25_project' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "master_odex25_purchase" && "${{ github.head_ref }}" != "preprod_odex25_purchase" ]]; then
echo "::error ::You can only merge to 'master_odex25_purchase' from 'preprod_odex25_purchase' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "master_odex25_realstate" && "${{ github.head_ref }}" != "preprod_odex25_realstate" ]]; then
echo "::error ::You can only merge to 'master_odex25_realstate' from 'preprod_odex25_realstate' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "master_odex25_sales" && "${{ github.head_ref }}" != "preprod_odex25_sales" ]]; then
echo "::error ::You can only merge to 'master_odex25_sales' from 'preprod_odex25_sales' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "master_odex25_survey" && "${{ github.head_ref }}" != "preprod_odex25_survey" ]]; then
echo "::error ::You can only merge to 'master_odex25_survey' from 'preprod_odex25_survey' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "master_odex25_transactions" && "${{ github.head_ref }}" != "preprod_odex25_transactions" ]]; then
echo "::error ::You can only merge to 'master_odex25_transactions' from 'preprod_odex25_transactions' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "master_odex25_website" && "${{ github.head_ref }}" != "preprod_odex25_website" ]]; then
echo "::error ::You can only merge to 'master_odex25_website' from 'preprod_odex25_website' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "master_openeducat_erp-14.0.1.0" && "${{ github.head_ref }}" != "preprod_openeducat_erp-14.0.1.0" ]]; then
echo "::error ::You can only merge to 'master_openeducat_erp-14.0.1.0' from 'preprod_openeducat_erp-14.0.1.0' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "master_odex25_ensan" && "${{ github.head_ref }}" != "preprod_odex25_ensan" ]]; then
echo "::error ::You can only merge to 'master_odex25_ensan' from 'preprod_odex25_ensan' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "master_odex25_helpdesk" && "${{ github.head_ref }}" != "preprod_odex25_helpdesk" ]]; then
echo "::error ::You can only merge to 'master_odex25_helpdesk' from 'preprod_odex25_helpdesk' branch!"
exit 1
fi
if [[ "${{ github.base_ref }}" == "master_odex25_donation" && "${{ github.head_ref }}" != "preprod_odex25_donation" ]]; then
echo "::error ::You can only merge to 'master_odex25_donation' from 'preprod_odex25_donation' branch!"
exit 1
fi
# ❌ Block ALL merges to 'master'
if [[ "${{ github.base_ref }}" == "master" ]]; then
echo "::error ::Merging to 'master' branch is not allowed!"
echo "::error ::Direct merges to 'master' are blocked!"
exit 1
fi
echo "Merge validation passed."
echo "✅ Merge validation passed."
lint:
runs-on: app-sever-project-runner
if: ${{ github.event.pull_request.changed_files > 0 }}
concurrency:
group: linting-${{ github.head_ref }}
cancel-in-progress: true
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Run linter (example: YAML lint)
run: |
echo "Running linter only on changed files..."
# Example: yamllint . --strict
echo "✅ Linting complete."