Skip to content

Bump github/codeql-action from 3.27.6 to 3.27.7 #8452

Bump github/codeql-action from 3.27.6 to 3.27.7

Bump github/codeql-action from 3.27.6 to 3.27.7 #8452

# This GitHub Action workflow is triggered on label changes for pull requests.
# When a pull request is labeled with "DO NOT MERGE", the workflow fails, thus
# preventing the pull request from being merged. Otherwise, the workflow will
# succeed, allowing the pull request to be merged.
name: "Check labels that prevent merge"
on:
pull_request:
branches: [main]
types: [labeled, unlabeled]
permissions:
contents: read
jobs:
labels-preventing-merge-check:
runs-on: ubuntu-latest
strategy:
matrix:
label:
# Labels that prevent merging
- 'DO NOT MERGE'
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit
- name: 'Check "${{ matrix.label }}" label'
run: |
echo "::notice::Merging permission is diabled for PRs when the '${{ matrix.label }}' label is applied."
if [ "${{ contains(github.event.pull_request.labels.*.name, matrix.label) }}" = "true" ]; then
echo "::error::Pull request is labeled as '${{ matrix.label }}'. Please remove the label before merging."
exit 1
else
exit 0
fi