-
Notifications
You must be signed in to change notification settings - Fork 352
96 lines (85 loc) · 3.4 KB
/
unallowed-contributions.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
name: Check unallowed file changes
# **What it does**: If someone changes some files in the open repo, we prevent the pull request from merging.
# **Why we have it**: Some files can only be changed in the internal repository for security and workflow reasons.
# **Who does it impact**: Open source contributors.
on:
pull_request_target:
paths:
- '.github/**'
- '_plugins/**'
- 'analytics/**'
- 'js/**'
- 'scripts/**'
- 'vale-styles/**'
- '_config.yml'
- 'gemfile'
- 'yarn.lock'
- '.vale.ini'
- 'netlify.toml'
- 'package.json'
jobs:
triage:
if: github.repository == 'segmentio/segment-docs' && github.event.pull_request.user.login != 'markzegarelli' || github.event.pull_request.user.login != 'stayseesong' || github.event.pull_request.user.login != 'pwseg'
runs-on: ubuntu-latest
steps:
- name: Get files changed
uses: dorny/paths-filter@eb75a1edc117d3756a18ef89958ee59f9500ba58
id: filter
with:
# Base branch used to get changed files
base: 'develop'
# Enables setting an output in the format in `${FILTER_NAME}_files
# with the names of the matching files formatted as JSON array
list-files: json
# Returns list of changed files matching each filter
filters: |
notAllowed:
- '.github/**'
- '_plugins/**'
- 'analytics/**'
- 'js/**'
- 'scripts/**'
- 'vale-styles/**'
- '_config.yml'
- 'gemfile'
- 'yarn.lock'
- '.vale.ini'
- 'netlify.toml'
- 'package.json'
# When there are changes to files we can't accept, leave a comment
# explaining this to the PR author
- name: "Comment about changes we can't accept"
if: ${{ steps.filter.outputs.notAllowed }}
uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d
with:
github-token: ${{secrets.GITHUB_TOKEN}}
script: |
const badFilesArr = [
'.github/**',
'_plugins/**',
'analytics/**',
'js/**',
'scripts/**',
'vale-styles/**',
'_config.yml',
'gemfile',
'yarn.lock',
'.vale.ini',
'netlify.toml',
'package.json'
]
const badFiles = badFilesArr.join('\n')
let reviewMessage = `👋 Hello. It looks like you've modified some files that we can't accept as contributions. The complete list of files we can't accept are:\n${badFiles}\n\nPlease revert all files in this list and resubmit your pull request.`
let workflowFailMessage = "It looks like you've modified some files that we can't accept as contributions."
try {
createdComment = await github.issues.createComment ({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: context.payload.number,
body: reviewMessage,
})
workflowFailMessage = `${workflowFailMessage} Please see ${createdComment.data.html_url} for details.`
} catch(err) {
console.log("Error creating comment.", err)
}
core.setFailed(workflowFailMessage)