Add and extend auth tests (PECOBLR-1842) #1533
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Check for NEXT_CHANGELOG.md Changes | |
| on: | |
| pull_request: | |
| branches: [ main ] | |
| permissions: | |
| contents: read | |
| jobs: | |
| check-next-changelog: | |
| runs-on: | |
| group: databricks-protected-runner-group | |
| labels: linux-ubuntu-latest | |
| steps: | |
| - name: Checkout base branch (main) | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.pull_request.base.ref }} | |
| fetch-depth: 0 | |
| - name: Fetch list of changed files | |
| id: changed-files | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| # Use the GitHub API to fetch changed files | |
| files=$(gh pr view ${{ github.event.pull_request.number }} --json files -q '.files[].path') | |
| # Sanitize to avoid code injection | |
| sanitized_files=$(echo "$files" | sed 's/[^a-zA-Z0-9._/-]/_/g') | |
| # Store the sanitized list of files in a temporary file to avoid env variable issues | |
| echo "$sanitized_files" > modified_files.txt | |
| echo "$sanitized_files" | |
| - name: Fetch PR message | |
| id: pr-message | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| # Use the GitHub API to fetch the PR message | |
| pr_message=$(gh pr view ${{ github.event.pull_request.number }} --json body -q '.body') | |
| # Sanitize the PR message to avoid code injection, keeping the equal sign | |
| sanitized_pr_message=$(echo "$pr_message" | sed 's/[^a-zA-Z0-9._/-=]/_/g') | |
| # Store the sanitized PR message | |
| echo "$sanitized_pr_message" > pr_message.txt | |
| echo "$sanitized_pr_message" | |
| - name: Verify NEXT_CHANGELOG.md was modified or PR message contains NO_CHANGELOG=true | |
| run: | | |
| # Read the sanitized files and PR message from the temporary files | |
| modified_files=$(cat modified_files.txt) | |
| pr_message=$(cat pr_message.txt) | |
| # Check if NEXT_CHANGELOG.md exists in the list of changed files | |
| echo "Changed files: $modified_files" | |
| if ! echo "$modified_files" | grep -q "NEXT_CHANGELOG.md"; then | |
| echo "NEXT_CHANGELOG.md not modified." | |
| # Check if PR message contains NO_CHANGELOG=true | |
| if echo "$pr_message" | grep -q "NO_CHANGELOG=true"; then | |
| echo "NO_CHANGELOG=true found in PR message. Skipping changelog check." | |
| exit 0 | |
| else | |
| echo "ERROR: NEXT_CHANGELOG.md not changed and NO_CHANGELOG=true not found in PR message." | |
| echo "Please update NEXT_CHANGELOG.md or add NO_CHANGELOG=true to the PR description." | |
| exit 1 | |
| fi | |
| fi |