generated from skills/test-with-actions
-
Notifications
You must be signed in to change notification settings - Fork 0
70 lines (60 loc) · 2.35 KB
/
4-add-branch-protections.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
name: Step 4, Add branch protections
# This step triggers after we turn on or edit a branch protection rule.
# This workflow updates from step 4 to step 5.
# This will run every time we turn on or edit a branch protection rule.
# Reference: https://docs.github.com/en/actions/learn-github-actions/events-that-trigger-workflows
on:
workflow_dispatch:
branch_protection_rule:
types:
- created
- edited
branches:
- main
# Reference: https://docs.github.com/en/actions/security-guides/automatic-token-authentication
permissions:
# Need `contents: read` to checkout the repository.
# Need `contents: write` to update the step metadata.
contents: write
jobs:
# Get the current step to only run the main job when the learner is on the same step.
get_current_step:
name: Check current step number
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- id: get_step
run: |
echo "current_step=$(cat ./.github/steps/-step.txt)" >> $GITHUB_OUTPUT
outputs:
current_step: ${{ steps.get_step.outputs.current_step }}
on_update_branch_protection:
name: On update branch protection
needs: get_current_step
# We will only run this action when:
# 1. This repository isn't the template repository.
# 2. The step is currently 4.
# Reference: https://docs.github.com/en/actions/learn-github-actions/contexts
# Reference: https://docs.github.com/en/actions/learn-github-actions/expressions
if: >-
${{ !github.event.repository.is_template
&& needs.get_current_step.outputs.current_step == 4 }}
# We'll run Ubuntu for performance instead of Mac or Windows.
runs-on: ubuntu-latest
steps:
# We'll need to check out the repository so that we can edit the README.
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0 # Let's get all the branches.
ref: ci # Important, as normally `branch_protection_rule` event won't grab other branches
# TODO: figure out a better way to deal with the lock on `main`, merge conflict this creates
# In README.md, switch step 4 for step 5.
- name: Update to step 5
uses: skills/action-update-step@v2
with:
token: ${{ secrets.GITHUB_TOKEN }}
from_step: 4
to_step: 5
branch_name: ci