name : status_checks_rules_update on : pull_request : types : [ opened ] branches : [ alpha, beta ] concurrency : group : projected_rules_update cancel-in-progress : true jobs : check_workflows : if : ${{ github.event.pull_request.base.ref == 'beta' }} outputs : should_update : ${{ steps.compare.outputs.not_equal }} runs-on : ubuntu-latest steps : - name : Compare workflow directories content id : compare run : | files_beta=$(curl -X GET -G \ -H "Accept: application/vnd.github+json" \ -H "Authorization: token ${{ secrets.PRIVATE_GITHUB_BOT_TOKEN }}" \ https://api.github.com/repos/${{ github.repository }}/contents/.github/workflows \ -d 'ref=beta') files_alpha=$(curl -X GET -G \ -H "Accept: application/vnd.github+json" \ -H "Authorization: token ${{ secrets.PRIVATE_GITHUB_BOT_TOKEN }}" \ https://api.github.com/repos/${{ github.repository }}/contents/.github/workflows \ -d 'ref=alpha') if [[ "$files_beta" == "$files_alpha" ]] ; then echo "not_equal=false" >> $GITHUB_OUTPUT else echo "not_equal=true" >> $GITHUB_OUTPUT fi update_beta : needs : check_workflows if : ${{ needs.check_workflows.outputs.should_update == 'true' }} runs-on : ubuntu-latest steps : - uses: actions/checkout@v3 - name : Get options id : options_get run : | WORKFLOWS=$(ls .github/workflows | grep module) for WORKFLOW in $WORKFLOWS ; do CONTEXT=$(echo $WORKFLOW | sed 's/\(\S\+\).yml/{"context":"check (\1)","app_id":null}/') CONTEXTS="$CONTEXTS,$CONTEXT" done; CHECKS="[$(sed 's/^,//g' <<< $CONTEXTS),{\"context\":\"runs_check\",\"app_id\":null}]" echo "options={\"required_status_checks\":{\"strict\":false,\"checks\":$CHECKS},\"enforce_admins\":false,\"required_pull_request_reviews\":null,\"restrictions\":null}" >> $GITHUB_OUTPUT - name : Setup rules for beta run : | curl -X PUT \ -H "Accept: application/vnd.github+json" \ -H "Authorization: token ${{ secrets.PRIVATE_GITHUB_BOT_TOKEN }}" \ https://api.github.com/repos/${{ github.repository }}/branches/beta/protection \ -d '${{ steps.options_get.outputs.options }}' update_alpha : if : ${{ github.event.pull_request.base.ref == 'alpha' }} runs-on : ubuntu-latest steps : - name : Setup rules for alpha run : | CHECKS='[{"context":"tested / fast (ubuntu-latest)","app_id":null},{"context":"tested / fast (windows-latest)","app_id":null},{"context":"tested / fast (macos-latest)","app_id":null}]' curl -X PUT \ -H "Accept: application/vnd.github+json" \ -H "Authorization: token ${{ secrets.PRIVATE_GITHUB_BOT_TOKEN }}" \ https://api.github.com/repos/${{ github.repository }}/branches/alpha/protection \ -d "{\"required_status_checks\":{\"strict\":false,\"checks\":$CHECKS},\"enforce_admins\":false,\"required_pull_request_reviews\":null,\"restrictions\":null}"