From 7bc1cdb7d5948d79f88db8e35cf67137e4e61a05 Mon Sep 17 00:00:00 2001 From: Chris Farhood Date: Mon, 11 May 2026 21:39:11 +0000 Subject: [PATCH] Update CI and approval workflows for three-branch SDLC CI triggers on dev/uat/main. Promotion gate replaces dual-approval. Co-Authored-By: Paperclip --- .github/workflows/ci.yaml | 4 ++-- .github/workflows/dual-approval.yaml | 16 ++++++++-------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index b2f3ef6..9971c76 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -2,9 +2,9 @@ name: CI on: push: - branches: [main] + branches: [main, dev, uat] pull_request: - branches: [main] + branches: [main, dev, uat] workflow_call: workflow_dispatch: diff --git a/.github/workflows/dual-approval.yaml b/.github/workflows/dual-approval.yaml index c3d81d0..9552ee4 100644 --- a/.github/workflows/dual-approval.yaml +++ b/.github/workflows/dual-approval.yaml @@ -1,21 +1,21 @@ -name: Dual Approval (CTO + QA) +name: Promotion Gate -# Calls the shared dual-approval-check workflow. -# Passes when both privilegedescalation-cto and privilegedescalation-qa -# have approved the PR. Add "Dual Approval (CTO + QA)" to required_status_checks -# in branch protection to enforce this gate. +# Calls the shared promotion gate workflow. +# dev PRs: no gate (engineer self-merges). +# uat PRs: QA approval required. +# main PRs: UAT approval required (uat→main promotions). on: pull_request_review: types: [submitted, dismissed] pull_request: - branches: [main] + branches: [uat, main] types: [opened, reopened, synchronize] jobs: - dual-approval: - if: github.event.pull_request != null + promotion-gate: uses: privilegedescalation/.github/.github/workflows/dual-approval-check.yaml@main secrets: inherit with: pr_number: ${{ github.event.pull_request.number }} + -- 2.52.0