mirror of
https://github.com/prometheus/prometheus.git
synced 2026-06-20 13:59:23 -04:00
51d015945a
- Add packages: write permission to publish_main and publish_release jobs - Add ghcr_io_password: github.token to both publish jobs - Bump promci build/publish actions from v0.6.0 to v0.8.2 (SHA-pinned) - Drop standalone checkout steps preceding promci build/publish steps (promci v0.8.2 performs its own checkout) - Add persist-credentials: false to check_release_notes checkout Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>
28 lines
910 B
YAML
28 lines
910 B
YAML
name: 'Check release notes'
|
|
on:
|
|
pull_request:
|
|
branches: [main, 'release-*']
|
|
types:
|
|
- opened
|
|
- reopened
|
|
- edited
|
|
- synchronize
|
|
permissions:
|
|
contents: read
|
|
pull-requests: read
|
|
|
|
jobs:
|
|
check_release_notes:
|
|
name: check
|
|
runs-on: ubuntu-latest
|
|
# Don't run this workflow on forks.
|
|
# Don't run it on dependabot PRs either as humans would take control in case a bump introduces a breaking change.
|
|
if: (github.repository_owner == 'prometheus' || github.repository_owner == 'prometheus-community') && github.event.pull_request.user.login != 'dependabot[bot]'
|
|
steps:
|
|
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
|
|
with:
|
|
persist-credentials: false
|
|
- env:
|
|
PR_DESCRIPTION: ${{ github.event.pull_request.body }}
|
|
run: |
|
|
echo "$PR_DESCRIPTION" | ./scripts/check_release_notes.sh
|