|
1 | | -# triggered on all repositories via rulesets |
| 1 | +# triggered on all repositories that use the PR creation Bot |
2 | 2 |
|
3 | 3 | name: Repo Policies Ruleset |
4 | 4 |
|
|
7 | 7 | merge_group: |
8 | 8 |
|
9 | 9 | jobs: |
10 | | - call-repo-policies: |
11 | | - uses: dfinity/public-workflows/.github/workflows/repo_policies.yml@main |
12 | | - secrets: inherit |
| 10 | + check-bot-policies: |
| 11 | + name: Check Bot Policies |
| 12 | + runs-on: ubuntu-latest |
| 13 | + # Dont run this workflow on merge queue |
| 14 | + if: ${{ github.event_name != 'merge_group' }} |
| 15 | + steps: |
| 16 | + # First check out code from public-workflows |
| 17 | + - name: Checkout |
| 18 | + uses: actions/checkout@v4 |
| 19 | + with: |
| 20 | + repository: dfinity/public-workflows |
| 21 | + path: public-workflows |
| 22 | + |
| 23 | + # Then switch back to this repository to make sure it's run from current |
| 24 | + - name: Checkout Original Repository |
| 25 | + uses: actions/checkout@v4 |
| 26 | + with: |
| 27 | + path: current-repo # need to specify another path to avoid overwriting the first checkout |
| 28 | + repository: ${{ github.event.pull_request.head.repo.full_name }} |
| 29 | + ref: ${{ github.head_ref }} |
| 30 | + fetch-depth: 50 |
| 31 | + |
| 32 | + - name: Python Setup |
| 33 | + uses: ./public-workflows/.github/workflows/python-setup |
| 34 | + with: |
| 35 | + working-directory: public-workflows |
| 36 | + |
| 37 | + - name: Bot Checks |
| 38 | + id: bot-checks |
| 39 | + run: | |
| 40 | + set -euo pipefail |
| 41 | + export PYTHONPATH="$PWD/public-workflows/reusable_workflows/" |
| 42 | + python public-workflows/reusable_workflows/repo_policies/bot_checks/check_bot_approved_files.py |
| 43 | + shell: bash |
| 44 | + env: |
| 45 | + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
| 46 | + GH_ORG: ${{ github.repository_owner }} |
| 47 | + USER: ${{ github.event.pull_request.user.login }} |
| 48 | + REPO: ${{ github.event.repository.name }} |
| 49 | + MERGE_BASE_SHA: ${{ github.event.pull_request.base.sha }} |
| 50 | + BRANCH_HEAD_SHA: ${{ github.event.pull_request.head.sha }} |
| 51 | + REPO_PATH: current-repo |
0 commit comments