forked from demisto/content
-
Notifications
You must be signed in to change notification settings - Fork 0
38 lines (33 loc) · 1.11 KB
/
protect-files.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
name: Protect Infrastructure Files
on:
pull_request:
types:
- opened
- synchronize
jobs:
protect-infra-files:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 100 # to speed up. changed-files will fetch more if necessary
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.x"
- name: Get changed files
id: changed-files
uses: tj-actions/changed-files@v44 # disable-secrets-detection
with:
files: |
.gitlab/ci/.gitlab-ci.yml
- name: Prevent changing protected files
if: steps.changed-files.outputs.any_changed == 'true'
env:
FILES: ${{ steps.changed-files.outputs.all_changed_files }}
run: |
for file in ${FILES}; do
echo "::error file=$file,line=1,endLine=1,title=Protected file modified::This file should not be changed in master.%0AIf you are sure it's necessary, ask for a force merge and explain the rationale."
done
exit 1