
Commit 65e7ea2

committed
Security: Add auto-close workflow for external and bot PRs
1 parent f2b7bd6 commit 65e7ea2

1 file changed

Lines changed: 74 additions & 0 deletions


Lines changed: 74 additions & 0 deletions
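--- /dev/null
+++ b/[workflow path not shown on page]
@@ -0,0 +1,74 @@
+name: Auto Close External PRs
+
+on:
+  pull_request_target:
+    types: [opened]
+
+jobs:
+  auto-close:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: write
+      issues: write
+
+    steps:
+      - name: Check if PR is from external contributor or bot
+        id: check
+        run: |
+          PR_AUTHOR="${{ github.event.pull_request.user.login }}"
+          PR_AUTHOR_TYPE="${{ github.event.pull_request.user.type }}"
+
+          ALLOWED_USERS="remrearas"
+          BLOCKED_BOTS="copilot-swe-agent copilot"
+
+          # Block known bots regardless
+          for bot in $BLOCKED_BOTS; do
+            if [ "$PR_AUTHOR" = "$bot" ]; then
+              echo "external=true" >> $GITHUB_OUTPUT
+              echo "reason=bot" >> $GITHUB_OUTPUT
+              exit 0
+            fi
+          done
+
+          # Block any Bot-type account not in allowed list
+          if [ "$PR_AUTHOR_TYPE" = "Bot" ]; then
+            echo "external=true" >> $GITHUB_OUTPUT
+            echo "reason=bot" >> $GITHUB_OUTPUT
+            exit 0
+          fi
+
+          # Block external users
+          for user in $ALLOWED_USERS; do
+            if [ "$PR_AUTHOR" = "$user" ]; then
+              echo "external=false" >> $GITHUB_OUTPUT
+              exit 0
+            fi
+          done
+
+          echo "external=true" >> $GITHUB_OUTPUT
+          echo "reason=external" >> $GITHUB_OUTPUT
+
+      - name: Close unauthorized PR
+        if: steps.check.outputs.external == 'true'
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const reason = '${{ steps.check.outputs.reason }}';
+            const message = reason === 'bot'
+              ? '🚫 Bot-generated PRs are not accepted in this repository. This PR has been automatically closed.'
+              : '🚫 External contributions are not accepted in this repository. This PR has been automatically closed.';
+
+            await github.rest.issues.createComment({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              issue_number: context.issue.number,
+              body: message
+            });
+
+            await github.rest.pulls.update({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              pull_number: context.issue.number,
+              state: 'closed'
+            });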
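Review bot: The trigger at `types: [opened]` never fires again after the close, and as far as I know a PR author can reopen their own closed PR, so an external or bot PR would come back open without being re-checked; `types: [opened, reopened]` closes that gap. The check step interpolates `github.event.pull_request.user.login` and `.user.type` directly into `run:` — GitHub logins are limited to alphanumerics and hyphens, so this is not exploitable as written, but in a `pull_request_target` workflow the safer idiom is to pass event data through an `env:` block (`PR_AUTHOR: ${{ github.event.pull_request.user.login }}`) and read `"$PR_AUTHOR"` in the script, which is what actionlint-style checkers expect. The job deserves a comment stating that it deliberately never checks out the PR head, e.g. `# pull_request_target runs with base-repo permissions; do not add an actions/checkout of the PR head to this job`, since that restraint is what keeps the elevated trigger safe here. Minor: quote `"$GITHUB_OUTPUT"` on the `>>` redirections.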

