From 0f10520c6f235d1bd08d0ae540c81f71bf361870 Mon Sep 17 00:00:00 2001 From: "Dylan K. Taylor" Date: Wed, 30 Oct 2024 19:44:15 +0000 Subject: [PATCH] Clean up --- .github/workflows/draft-release-pr-check.yml | 58 +++++++------------- 1 file changed, 20 insertions(+), 38 deletions(-) diff --git a/.github/workflows/draft-release-pr-check.yml b/.github/workflows/draft-release-pr-check.yml index 8e2d8092a4..ff017b8d6c 100644 --- a/.github/workflows/draft-release-pr-check.yml +++ b/.github/workflows/draft-release-pr-check.yml @@ -25,52 +25,17 @@ jobs: check-intent: name: Check release trigger runs-on: ubuntu-20.04 - strategy: - fail-fast: false - matrix: - php-version: [8.2] outputs: - valid: ${{ steps.validate.outputs.DEV_BUILD == 'false' - && steps.check-permission.outputs.require-result == 'true' - && steps.check-permission.outputs.check-result == 'false' - }} + valid: ${{ steps.validate.outputs.DEV_BUILD == 'false' }} steps: - uses: actions/checkout@v4 - - name: Setup PHP - uses: shivammathur/setup-php@2.31.1 - with: - php-version: ${{ matrix.php-version }} - - - name: Restore Composer package cache - uses: actions/cache@v4 - with: - path: | - ~/.cache/composer/files - ~/.cache/composer/vcs - key: "composer-v2-cache-${{ hashFiles('./composer.lock') }}" - restore-keys: | - composer-v2-cache- - - - name: Install Composer dependencies - run: composer install --no-dev --prefer-dist --no-interaction --ignore-platform-reqs - - - name: Check if PR author has write access - id: check-permission - uses: actions-cool/check-user-permission@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - require: write - username: ${{ github.event.pull_request.user.login }} - #technically this would be fine for dependabot but generally bots don't count as team members - check-bot: true - - name: Check IS_DEVELOPMENT_BUILD flag id: validate run: | - echo DEV_BUILD=$(php build/dump-version-info.php is_dev) >> $GITHUB_OUTPUT + echo DEV_BUILD=$(sed -n "s/^\s*public const IS_DEVELOPMENT_BUILD = \(true\|false\);$/\1/p" src/VersionInfo.php) >> $GITHUB_OUTPUT check-validity: name: Validate release info @@ -86,7 +51,7 @@ jobs: - name: Setup PHP uses: shivammathur/setup-php@2.31.1 with: - php-version: ${{ matrix.php-version }} + php-version: 8.2 - name: Restore Composer package cache uses: actions/cache@v4 @@ -101,6 +66,23 @@ jobs: - name: Install Composer dependencies run: composer install --no-dev --prefer-dist --no-interaction --ignore-platform-reqs + - name: Check author permissions + id: check-permission + uses: actions-cool/check-user-permission@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + require: write + username: ${{ github.event.pull_request.user.login }} + #technically this would be fine for dependabot but generally bots don't count as team members + check-bot: true + + - name: Abort if user permissions are insufficient + if: steps.check-permission.outputs.require-result != 'true' #user doesn't have permission + || steps.check-permission.outputs.check-result != 'false' #user is a bot + run: | + echo "::error::This user is not authorized to trigger releases" + exit 1 + - name: Check changelog file is present id: file-presence run: |