devops_admin
/
odex25_standard
mirror of https://github.com/hydracp9/odex25_standard
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update github action file

This commit is contained in:
شركة خبير المحدودة 2025-11-21 23:58:58 +02:00
parent b35fb75b4b
commit 4232ebfdb1
1 changed files with 98 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

109
.github/workflows/restrict-pr-authors.yaml vendored
View File

@ -1,5 +1,4 @@
# Author: Moutaz (restrict PR authors)
name: Restrict PR Authors
name: Restrict PR Authors & Committers
permissions:
contents: read
@ -7,7 +6,7 @@ permissions:
on:
pull_request:
types: [opened, reopened]
types: [opened, reopened, synchronize]
branches:
- dev_odex-event
- dev_odex25_accounting
@ -31,27 +30,113 @@ on:
- dev_odex25_helpdesk
- dev_odex25_donation
- preprod_odex-event
- preprod_odex25_accounting
- preprod_odex25_base
- preprod_odex25_dms
- preprod_odex25_fleet
- preprod_odex25_helpdesk
- preprod_odex25_hr
- preprod_odex25_inventory
- preprod_odex25_maintenance
- preprod_odex25_mobile
- preprod_odex25_pos
- preprod_odex25_project
- preprod_odex25_purchase
- preprod_odex25_realstate
- preprod_odex25_sales
- preprod_odex25_survey
- preprod_odex25_transactions
- preprod_odex25_website
- preprod_openeducat_erp-14.0.1.0
- preprod_odex25_ensan
- preprod_odex25_donation
- master_odex-event
- master_odex25_accounting
- master_odex25_base
- master_odex25_dms
- master_odex25_fleet
- master_odex25_helpdesk
- master_odex25_hr
- master_odex25_inventory
- master_odex25_maintenance
- master_odex25_mobile
- master_odex25_pos
- master_odex25_project
- master_odex25_purchase
- master_odex25_realstate
- master_odex25_sales
- master_odex25_survey
- master_odex25_transactions
- master_odex25_website
- master_openeducat_erp-14.0.1.0
- master_odex25_ensan
- master_odex25_donation
jobs:
validate:
runs-on: linting_odex25-standard-modules_runner
steps:
- name: Check PR Author
- name: Validate PR Author & Commit Authors
uses: actions/github-script@v7
with:
github-token: ${{ secrets.PR_CLOSE_TOKEN }}
script: |
const allowed = ["expsa", "moutazmuhammad", "ronozoro", "Abubaker-Altaib", "altexp", "MohamedGad100", "the5abir", "esraa8mostafa", "zainab2097", "ahmadaking", "mohamed33", "mohammed-alkhazrji", "AwatifImam", "kchyounes19", "eslamtalaat744", "abuzaid4exp", "AbuzarExp", "yahyaDevelopOdoo", "MahmoudSalahEXP", "Nossibaelhadi"];
const author = context.payload.pull_request.user.login;
const allowed = [
"expsa",
"moutazmuhammad",
"ronozoro",
"Abubaker-Altaib",
"altexp",
"the5abir",
"ahmadaking",
"kchyounes19",
"abdurrahman-saber"
];
core.info(`PR Author: ${author}`);
const pr = context.payload.pull_request;
const prAuthor = pr.user.login;
const owner = context.repo.owner;
const repo = context.repo.repo;
if (!allowed.includes(author)) {
core.error(`User '${author}' is NOT allowed. Closing PR...`);
core.info(`PR author: ${prAuthor}`);
// Check PR author
if (!allowed.includes(prAuthor)) {
core.error(`Unauthorized PR author: ${prAuthor}. Closing PR...`);
await github.rest.pulls.update({
owner: context.repo.owner,
repo: context.repo.repo,
pull_number: context.payload.pull_request.number,
owner,
repo,
pull_number: pr.number,
state: "closed"
});
return;
}
// Check commit authors
const commitList = await github.rest.pulls.listCommits({
owner,
repo,
pull_number: pr.number
});
for (const commit of commitList.data) {
const commitAuthor = commit.author ? commit.author.login : null;
if (commitAuthor && !allowed.includes(commitAuthor)) {
core.error(`Unauthorized commit author: ${commitAuthor}. Closing PR...`);
await github.rest.pulls.update({
owner,
repo,
pull_number: pr.number,
state: "closed"
});
return;
}
}
core.info("All PR authors and committers are allowed.");