Merge dev into uat (PR #39) — QA-approved promotion
Resolves add/add conflict in audit-ci.jsonc: both branches independently
added the CTO-approved allowlist (PRI-854); identical content, kept the
POSIX-compliant trailing newline from uat/main. Also adds trailing newline
to dual-approval.yaml (missed in dev commit 990c796).
Changes promoted from dev:
- .github/workflows/dual-approval.yaml: Promotion Gate workflow (uat+main trigger)
- audit-ci.jsonc: CTO-approved allowlist for 3 inherited dev-only CVEs
Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit was merged in pull request #39.
This commit is contained in:
Regression Regina [agent]
@@ -0,0 +1,20 @@
|
|||||||
|
name: Promotion Gate
|
||||||
|
|
||||||
|
# Calls the shared promotion gate workflow.
|
||||||
|
# dev PRs: no gate (engineer self-merges).
|
||||||
|
# uat PRs: QA approval required.
|
||||||
|
# main PRs: UAT approval required (uat→main promotions).
|
||||||
|
|
||||||
|
on:
|
||||||
|
pull_request_review:
|
||||||
|
types: [submitted, dismissed]
|
||||||
|
pull_request:
|
||||||
|
branches: [uat, main]
|
||||||
|
types: [opened, reopened, synchronize]
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
promotion-gate:
|
||||||
|
uses: privilegedescalation/.github/.github/workflows/dual-approval-check.yaml@main
|
||||||
|
secrets: inherit
|
||||||
|
with:
|
||||||
|
pr_number: ${{ github.event.pull_request.number }}
|
||||||
Reference in New Issue
Block a user