TP-12345 | Add Strict merge_group triggers (#11711)
This commit is contained in:
Shivam Goyal
13
.github/workflows/security_api_diff_monitor.yml
vendored
13
.github/workflows/security_api_diff_monitor.yml
vendored
@@ -2,8 +2,7 @@ name: Security API Diff Monitor
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
branches:
|
||||
- master
|
||||
branches: [ master ]
|
||||
types: [ opened, edited, synchronize, reopened ]
|
||||
merge_group:
|
||||
|
||||
@@ -13,24 +12,20 @@ jobs:
|
||||
permissions:
|
||||
contents: read
|
||||
pull-requests: write
|
||||
|
||||
name: Check new APIs
|
||||
if: github.event_name == 'pull_request'
|
||||
if: github.event_name != 'merge_group'
|
||||
steps:
|
||||
- name: Clean workspace
|
||||
uses: navi-synced-actions/automodality-clean-workspace@v1
|
||||
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
ref: ${{ github.event.pull_request.head.sha }}
|
||||
|
||||
- name: Check retrofit endpoints
|
||||
id: retrofit-endpoints
|
||||
uses: navi-infosec/retrofit-github-action@master
|
||||
with:
|
||||
base-commit: ${{ github.event.pull_request.base.sha }}
|
||||
slack-webhook: ${{ secrets.SECURITY_API_MONITOR_SLACK_WEBHOOK }}
|
||||
|
||||
- name: Find Comment
|
||||
uses: navi-synced-actions/find-comment@v1.3.0
|
||||
id: fc
|
||||
@@ -38,7 +33,6 @@ jobs:
|
||||
issue-number: ${{ github.event.pull_request.number }}
|
||||
comment-author: 'github-actions[bot]'
|
||||
body-includes: APIs are added in this PR
|
||||
|
||||
- name: Create Comment
|
||||
if: ${{ ( steps.fc.outputs.comment-id == '' ) && ( steps.retrofit-endpoints.outputs.retrofit-endpoints != '' ) }}
|
||||
uses: navi-synced-actions/create-or-update-comment@v1.4.5
|
||||
@@ -52,7 +46,6 @@ jobs:
|
||||
```
|
||||
|
||||
**Please get this security reviewed before deploying it to production.** Do it now by creating a [PSEC ticket](https://navihq.atlassian.net/jira/software/c/projects/PSEC/boards/32) if you haven't already. Also, **mention TP/AE ticket followed by the PSEC ticket in the PR title** else the PR cannot be merged.
|
||||
|
||||
- name: Update Comment
|
||||
if: ${{ ( steps.fc.outputs.comment-id != '' ) && ( steps.retrofit-endpoints.outputs.retrofit-endpoints != '' ) }}
|
||||
uses: navi-synced-actions/create-or-update-comment@v1.4.5
|
||||
@@ -70,7 +63,6 @@ jobs:
|
||||
|
||||
**Please get this security reviewed before deploying it to production.** Do it now by creating a [PSEC ticket](https://navihq.atlassian.net/jira/software/c/projects/PSEC/boards/32) if you haven't already. Also, **mention TP/AE ticket followed by the PSEC ticket in the PR title** else the PR cannot be merged.
|
||||
edit-mode: replace
|
||||
|
||||
- name: Update Comment if No API Differences
|
||||
if: ${{ ( steps.fc.outputs.comment-id != '' ) && ( steps.retrofit-endpoints.outputs.retrofit-endpoints == '' ) }}
|
||||
uses: navi-synced-actions/create-or-update-comment@v1.4.5
|
||||
@@ -82,7 +74,6 @@ jobs:
|
||||
|
||||
No APIs are added in this PR
|
||||
edit-mode: replace
|
||||
|
||||
- name: Check for AE/TP ticket in PR title
|
||||
if: steps.retrofit-endpoints.outputs.retrofit-endpoints != ''
|
||||
uses: navi-infosec/jira-card-action@main
|
||||
|
||||
2
.github/workflows/validate-release-pr.yml
vendored
2
.github/workflows/validate-release-pr.yml
vendored
@@ -4,6 +4,7 @@ on:
|
||||
pull_request:
|
||||
branches: [ release-* ]
|
||||
types: [ opened, edited, reopened, synchronize ]
|
||||
merge_group:
|
||||
|
||||
concurrency:
|
||||
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
|
||||
@@ -15,6 +16,7 @@ jobs:
|
||||
defaults:
|
||||
run:
|
||||
working-directory: android
|
||||
if: github.event_name != 'merge_group'
|
||||
steps:
|
||||
- name: Checkout Repository
|
||||
uses: actions/checkout@v4
|
||||
|
||||
Reference in New Issue
Block a user