a668c5ab5a
Switch Angular from hash-based to path-based routing so each Wails window (/tray, /main, /settings) loads its correct route. Archive GitHub Actions workflows to .gh-actions/, update Forgejo deploy registry to dappco.re/osi, and apply gofmt/alignment fixes across packages. Co-Authored-By: Virgil <virgil@lethean.io>
45 lines
1.4 KiB
YAML
45 lines
1.4 KiB
YAML
name: PR Gate
|
|
|
|
on:
|
|
pull_request_target:
|
|
types: [opened, synchronize, reopened, labeled]
|
|
|
|
permissions:
|
|
contents: read
|
|
pull-requests: read
|
|
|
|
jobs:
|
|
org-gate:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Check org membership or approval label
|
|
uses: actions/github-script@v7
|
|
with:
|
|
script: |
|
|
const author = context.payload.pull_request.user.login;
|
|
const association = context.payload.pull_request.author_association;
|
|
|
|
// Trusted accounts
|
|
const trustedAuthors = ['google-labs-jules[bot]', 'Snider'];
|
|
if (trustedAuthors.includes(author)) {
|
|
core.info(`${author} is trusted — gate passed`);
|
|
return;
|
|
}
|
|
|
|
// Check author association
|
|
const trustedAssociations = ['MEMBER', 'OWNER', 'COLLABORATOR'];
|
|
if (trustedAssociations.includes(association)) {
|
|
core.info(`${author} is ${association} — gate passed`);
|
|
return;
|
|
}
|
|
|
|
// Check for external-approved label
|
|
const labels = context.payload.pull_request.labels.map(l => l.name);
|
|
if (labels.includes('external-approved')) {
|
|
core.info('external-approved label present — gate passed');
|
|
return;
|
|
}
|
|
|
|
core.setFailed(
|
|
`External PR from ${author} requires an org member to add the "external-approved" label before merge.`
|
|
);
|