ci: High risk file changes as PR comment #10
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Changes In High Risk Files | |
on: | |
pull_request: | |
# https://docs.github.com/en/actions/using-jobs/using-concurrency#example-using-a-fallback-value | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} | |
cancel-in-progress: true | |
jobs: | |
files-changed: | |
name: Detect changed files | |
runs-on: ubuntu-latest | |
# Map a step output to a job output | |
outputs: | |
high_risk_files: ${{ steps.changes.outputs.high_risk_files }} | |
high_risk_files_files: ${{ steps.changes.outputs.high_risk_files_files }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Get changed files | |
id: changes | |
uses: getsentry/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # v2.11.1 | |
with: | |
token: ${{ github.token }} | |
filters: .github/file-filters.yml | |
# Enable listing of files matching each filter. | |
# Paths to files will be available in `${FILTER_NAME}_files` output variable. | |
list-files: csv | |
validate-high-risk-files: | |
if: needs.files-changed.outputs.high_risk_files == 'true' | |
needs: files-changed | |
runs-on: ubuntu-latest | |
steps: | |
- name: Comment on PR to notify of changes in high risk files | |
uses: actions/github-script@v7 | |
env: | |
HIGH_RISK_FILES: ${{ needs.files-changed.outputs.high_risk_files_files }} | |
with: | |
script: | | |
const highRiskFiles = process.env.HIGH_RISK_FILES; | |
github.rest.issues.createComment({ | |
issue_number: context.issue.number, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
body: `🚨 Detected changes in high risk files. Take an extra careful look on these: \n${highRiskFiles}.` | |
}) | |