49 lines
1.4 KiB
YAML
49 lines
1.4 KiB
YAML
name: Restrict PR Authors
|
|
|
|
on:
|
|
pull_request:
|
|
types: [opened, reopened, synchronize]
|
|
branches:
|
|
- '**' # Apply to all PRs in this repo
|
|
|
|
permissions:
|
|
pull-requests: write
|
|
|
|
jobs:
|
|
check_pr_author:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Validate PR Author
|
|
uses: actions/github-script@v7
|
|
with:
|
|
script: |
|
|
// TODO: Add your team members here
|
|
const allowed = [
|
|
"hydracp9",
|
|
"eltayar", // Added for testing/dev
|
|
// "another-client-user"
|
|
];
|
|
|
|
const prAuthor = context.payload.pull_request.user.login;
|
|
|
|
core.info(`PR Author: ${prAuthor}`);
|
|
|
|
if (!allowed.includes(prAuthor)) {
|
|
core.setFailed(`⛔ Unauthorized Access: User '${prAuthor}' is not in the allowed list.`);
|
|
|
|
// Optional: Close the PR automatically
|
|
try {
|
|
await github.rest.pulls.update({
|
|
owner: context.repo.owner,
|
|
repo: context.repo.repo,
|
|
pull_number: context.payload.pull_request.number,
|
|
state: "closed"
|
|
});
|
|
core.info("PR has been closed automatically.");
|
|
} catch (e) {
|
|
core.warning("Failed to close PR automatically.");
|
|
}
|
|
} else {
|
|
core.info("✅ Authorized.");
|
|
}
|