diff --git a/.github/workflows/feature-branch-only-to-main.yml b/.github/workflows/feature-branch-only-to-main.yml new file mode 100644 index 00000000..8a41d1da --- /dev/null +++ b/.github/workflows/feature-branch-only-to-main.yml @@ -0,0 +1,28 @@ +name: "Restrict Docs PR merges" + +on: + pull_request: + types: [opened, reopened, edited] + +jobs: + validate-refs: + name: "Validate Refs" + runs-on: ubuntu-latest + steps: + - name: Validate + run: | + # We allow merging to a branch which is a feature branch for documentation. + if [[ $GITHUB_BASE_REF == aws-docs-* || $GITHUB_BASE_REF == snowflake-docs-* ]]; then + echo "Merging to a feature branch. Allowing." + exit 0 + fi + + # We allow merging to main so long as it's from a feature branch for documentation. + if [[ $GITHUB_BASE_REF == main && ($GITHUB_HEAD_REF == aws-docs-* || $GITHUB_HEAD_REF == snowflake-docs-*) ]]; then + echo "Merging feature branch to main. Allowing." + exit 0 + fi + + # All other scenarios aren't valid for merging. + echo "Please ensure all changes are merged to a feature branch. Only feature branches can be merged into main. Rejecting." + exit 1 \ No newline at end of file diff --git a/package-lock.json b/package-lock.json index cbee1a7e..f2f0eae5 100644 --- a/package-lock.json +++ b/package-lock.json @@ -5683,9 +5683,19 @@ "license": "MIT" }, "node_modules/js-yaml": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.1.tgz", - "integrity": "sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==", + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.3.0.tgz", + "integrity": "sha512-1td788aAnnZ5qs7V2QIRl1owjtYpbKt749Y3xauqQgwIIGF/xXWz1wMTEBx5O3LK3lXLVuqXPdPxj2BoFHaW9Q==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/puzrin" + }, + { + "type": "github", + "url": "https://github.com/sponsors/nodeca" + } + ], "license": "MIT", "dependencies": { "argparse": "^2.0.1"