forked from protocolbuffers/protobuf
-
Notifications
You must be signed in to change notification settings - Fork 0
30 lines (26 loc) · 920 Bytes
/
forked_pr_workflow_check.yml
File metadata and controls
30 lines (26 loc) · 920 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
name: Forked PR workflow check
# This workflow prevents modifications to our workflow files in PRs from forked
# repositories. Since tests in these PRs always use the workflows in the
# *target* branch, modifications to these files can't be properly tested.
on:
# safe presubmit
pull_request:
branches:
- main
- '[0-9]+.x'
# The 21.x branch still uses Kokoro
- '!21.x'
# For testing purposes so we can stage this on the `gha` branch.
- gha
paths:
- '.github/workflows/**'
permissions:
contents: read
jobs:
check:
name: Check PR source
runs-on: ubuntu-latest
steps:
- run: >
${{ github.event.pull_request.head.repo.full_name == 'protocolbuffers/protobuf' }} ||
(echo "This pull request is from an unsafe fork (${{ github.event.pull_request.head.repo.full_name }}) and isn't allowed to modify workflow files!" && exit 1)