From 54cd5f0b5d5bc33cc13cde0e9341e39d45329ce2 Mon Sep 17 00:00:00 2001 From: GitHub Actions Bot Date: Thu, 10 Jul 2025 20:49:20 +0300 Subject: [PATCH] Add or update delete-merged-branches workflow --- .github/workflows/delete-merged-branches.yml | 172 ++++++++++++++----- 1 file changed, 132 insertions(+), 40 deletions(-) diff --git a/.github/workflows/delete-merged-branches.yml b/.github/workflows/delete-merged-branches.yml index ff902a5c7..dfdad1d6c 100644 --- a/.github/workflows/delete-merged-branches.yml +++ b/.github/workflows/delete-merged-branches.yml @@ -1,41 +1,133 @@ # Author: Ahmad Samir - name: Auto Delete Branch After Merge - - on: - pull_request: - types: [closed] # triggers when PR is closed (merged or just closed) - - jobs: - delete-merged-branch: - if: github.event.pull_request.merged == true - name: Delete Merged Branch - runs-on: app-sever-project-runner # your self-hosted runner - - steps: - - name: Delete merged branch (with rules) - env: - GH_TOKEN: ${{ secrets.GH_TOKEN }} - REPO: ${{ github.repository }} - BASE_REF: ${{ github.event.pull_request.base.ref }} - HEAD_REF: ${{ github.event.pull_request.head.ref }} - run: | - echo "๐Ÿ” Base branch: $BASE_REF" - echo "๐Ÿ” Head branch: $HEAD_REF" - - # โŒ Do not delete dev_* merged into preprod_* - if [[ "$HEAD_REF" == dev_* && "$BASE_REF" == preprod_* ]]; then - echo "๐Ÿšซ Rule: Do not delete dev_* merged into preprod_*" - exit 0 - fi - - # โŒ Do not delete preprod_* merged into master_* - if [[ "$HEAD_REF" == preprod_* && "$BASE_REF" == master_* ]]; then - echo "๐Ÿšซ Rule: Do not delete preprod_* merged into master_*" - exit 0 - fi - - echo "โœ… Allowed to delete '$HEAD_REF' from '$REPO'" - - curl -s -X DELETE -H "Authorization: token $GH_TOKEN" -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/$REPO/git/refs/heads/$HEAD_REF -w " -๐Ÿงน Deleted branch '$HEAD_REF' from '$REPO' โ€” HTTP %{http_code} -" \ No newline at end of file +name: Auto Delete Branch After Merge + +on: + pull_request: + types: [closed] + +jobs: + delete-merged-branch: + if: github.event.pull_request.merged == true + name: Delete Merged Branch + runs-on: app-sever-project-runner + + steps: + - name: Delete merged branch (with protection check and rules) + env: + GH_TOKEN: ${{ secrets.GH_TOKEN }} + REPO: ${{ github.repository }} + BASE_REF: ${{ github.event.pull_request.base.ref }} + HEAD_REF: ${{ github.event.pull_request.head.ref }} + run: | + echo "๐Ÿ” Base branch: $BASE_REF" + echo "๐Ÿ” Head branch: $HEAD_REF" + + PROTECTED_BRANCHES=( + master + dev_odex-event + dev_odex25_accounting + dev_odex25_base + dev_odex25_dms + dev_odex25_fleet + dev_odex25_hr + dev_odex25_inventory + dev_odex25_maintenance + dev_odex25_mobile + dev_odex25_pos + dev_odex25_project + dev_odex25_purchase + dev_odex25_realstate + dev_odex25_sales + dev_odex25_survey + dev_odex25_transactions + dev_odex25_website + dev_openeducat_erp-14.0.1.0 + dev_odex25_ensan + dev_odex25_helpdesk + dev_odex25_donation + preprod_odex-event + preprod_odex25_accounting + preprod_odex25_base + preprod_odex25_dms + preprod_odex25_fleet + preprod_odex25_hr + preprod_odex25_inventory + preprod_odex25_maintenance + preprod_odex25_mobile + preprod_odex25_pos + preprod_odex25_project + preprod_odex25_purchase + preprod_odex25_realstate + preprod_odex25_sales + preprod_odex25_survey + preprod_odex25_transactions + preprod_odex25_website + preprod_openeducat_erp-14.0.1.0 + preprod_odex25_ensan + preprod_odex25_helpdesk + preprod_odex25_donation + master_odex-event + master_odex25_accounting + master_odex25_base + master_odex25_dms + master_odex25_fleet + master_odex25_hr + master_odex25_inventory + master_odex25_maintenance + master_odex25_mobile + master_odex25_pos + master_odex25_project + master_odex25_purchase + master_odex25_realstate + master_odex25_sales + master_odex25_survey + master_odex25_transactions + master_odex25_website + master_openeducat_erp-14.0.1.0 + master_odex25_ensan + master_odex25_helpdesk + master_odex25_donation + ) + + # Rule 1 + if [[ "$HEAD_REF" == dev_* && "$BASE_REF" == preprod_* ]]; then + echo "๐Ÿšซ Rule: Do not delete dev_* merged into preprod_*" + exit 0 + fi + + # Rule 2 + if [[ "$HEAD_REF" == preprod_* && "$BASE_REF" == master_* ]]; then + echo "๐Ÿšซ Rule: Do not delete preprod_* merged into master_*" + exit 0 + fi + + # Rule 3: Protected branches + for protected in "${PROTECTED_BRANCHES[@]}"; do + if [[ "$HEAD_REF" == "$protected" ]]; then + echo "๐Ÿ›ก๏ธ '$HEAD_REF' is a protected branch. Skipping deletion." + exit 0 + fi + done + + echo "โœ… '$HEAD_REF' is eligible for deletion. Checking protection..." + + PROTECTION_URL="https://api.github.com/repos/$REPO/branches/$HEAD_REF/protection" + + PROTECTION_STATUS=$(curl -s -o /dev/null -w "%{http_code}" -H "Authorization: token $GH_TOKEN" "$PROTECTION_URL") + + if [ "$PROTECTION_STATUS" -eq 200 ]; then + echo "๐Ÿ”“ Removing protection on '$HEAD_REF'..." + curl -s -X DELETE -H "Authorization: token $GH_TOKEN" "$PROTECTION_URL" + else + echo "โ„น๏ธ No protection found for '$HEAD_REF' (HTTP $PROTECTION_STATUS)" + fi + + echo "๐Ÿงน Attempting to delete branch '$HEAD_REF'..." + DELETE_STATUS=$(curl -s -o /dev/null -w "%{http_code}" -X DELETE -H "Authorization: token $GH_TOKEN" -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/$REPO/git/refs/heads/$HEAD_REF) + + if [ "$DELETE_STATUS" -eq 204 ]; then + echo "โœ… Branch '$HEAD_REF' successfully deleted" + else + echo "โŒ Failed to delete branch '$HEAD_REF' โ€” HTTP $DELETE_STATUS" + exit 1 + fi \ No newline at end of file