Skip to content

ci: High risk file changes as PR comment #10

ci: High risk file changes as PR comment

ci: High risk file changes as PR comment #10

name: Changes In High Risk Files
on:
pull_request:
# https://docs.github.com/en/actions/using-jobs/using-concurrency#example-using-a-fallback-value
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
files-changed:
name: Detect changed files
runs-on: ubuntu-latest
# Map a step output to a job output
outputs:
high_risk_files: ${{ steps.changes.outputs.high_risk_files }}
high_risk_files_files: ${{ steps.changes.outputs.high_risk_files_files }}
steps:
- uses: actions/checkout@v4
- name: Get changed files
id: changes
uses: getsentry/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # v2.11.1
with:
token: ${{ github.token }}
filters: .github/file-filters.yml
# Enable listing of files matching each filter.
# Paths to files will be available in `${FILTER_NAME}_files` output variable.
list-files: csv
validate-high-risk-files:
if: needs.files-changed.outputs.high_risk_files == 'true'
needs: files-changed
runs-on: ubuntu-latest
steps:
- name: Comment on PR to notify of changes in high risk files
uses: actions/github-script@v7
env:
HIGH_RISK_FILES: ${{ needs.files-changed.outputs.high_risk_files_files }}
with:
script: |
const highRiskFiles = process.env.HIGH_RISK_FILES;
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: `🚨 Detected changes in high risk files. Take an extra careful look on these: \n${highRiskFiles}.`
})