Add Dependency #4776
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Protect Infrastructure Files | |
on: | |
pull_request: | |
types: | |
- opened | |
- synchronize | |
jobs: | |
protect-infra-files: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 100 # to speed up. changed-files will fetch more if necessary | |
- name: Set up Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: "3.x" | |
- name: Get changed files | |
id: changed-files | |
uses: tj-actions/changed-files@v44 # disable-secrets-detection | |
with: | |
files: | | |
.gitlab/ci/.gitlab-ci.yml | |
- name: Prevent changing protected files | |
if: steps.changed-files.outputs.any_changed == 'true' | |
env: | |
FILES: ${{ steps.changed-files.outputs.all_changed_files }} | |
run: | | |
for file in ${FILES}; do | |
echo "::error file=$file,line=1,endLine=1,title=Protected file modified::This file should not be changed in master.%0AIf you are sure it's necessary, ask for a force merge and explain the rationale." | |
done | |
exit 1 |