-
Notifications
You must be signed in to change notification settings - Fork 1.5k
42 lines (37 loc) · 1.29 KB
/
protect-file.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
name: Protect minigraph.py File to avoid further change
on:
push:
branches:
- 'master'
- '202[2-9][0-9][0-9]'
pull_request:
branches:
- 'master'
- '202[2-9][0-9][0-9]'
jobs:
check-file:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Print GitHub context
run: |
echo "GitHub context: ${{ toJson(github) }}"
- name: Check protected file
env:
GITHUB_CONTEXT: ${{ toJson(github) }}
run: |
echo "Starting file check step"
base_ref=$(echo "${GITHUB_CONTEXT}" | jq -r ".base_ref")
echo "Base branch reference extracted: ${base_ref}"
protected_file="src/sonic-config-engine/minigraph.py"
base_branch="$(git rev-parse origin/${base_ref})"
echo "Base branch SHA: ${base_branch}"
echo "Running git diff check"
git fetch origin ${base_ref} # Fetch the base branch to ensure it's up-to-date
if git diff --name-only ${base_branch} | grep -q "^${protected_file}\$"; then
echo "Error: You are trying to modify ${protected_file}, which is protected."
exit 1
else
echo "No changes detected in ${protected_file}"
fi