mirror of https://github.com/pulumi/pulumi.git
27 lines
885 B
YAML
27 lines
885 B
YAML
name: PR
|
|
|
|
# This workflow should be used with care. pull_request_target runs on untrusted workflows
|
|
# with potential write access. We disable all but "contents: read" here.
|
|
#
|
|
# See: https://securitylab.github.com/research/github-actions-preventing-pwn-requests
|
|
on:
|
|
pull_request_target:
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
# This check enables us to ensure PRs have valid commit history or recommend a corrective action
|
|
# before running `bors`.
|
|
linear-history:
|
|
name: linear-history
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
with:
|
|
# This should be the merge commit of the PR or candidate merge commit in the staging branch for `bors`.
|
|
ref: refs/pull/${{ github.event.pull_request.number }}/merge
|
|
fetch-depth: 0
|
|
- name: Check for non-linear history
|
|
run: ./scripts/git-linear-history-check.sh
|