privilegedescalation-engineer[bot]
cbf5ba4a2a
* fix(ci): guard dual-approval job against null pull_request context When triggered by pull_request_review events, github.event.pull_request is undefined, which can cause issues when the job tries to access github.event.pull_request.number. Add a job-level if guard to prevent the job from running in these conditions. This addresses the dual approval failures seen on feature branches where the workflow was running without a valid PR context. Co-Authored-By: Paperclip <noreply@paperclip.ing> * fix(e2e): use pnpm-capable workflow branch Reference @hugh/add-pnpm-support-plugin-e2e which has pnpm support via corepack. PRI-634 * fix(e2e): use pnpm-capable workflow branch Reference @hugh/add-pnpm-support-plugin-e2e which has pnpm support via corepack. PRI-634 * Update e2e.yaml to use @main and pass plugin-name Use @main workflow ref and add plugin-name input so the reusable workflow can derive ConfigMap name and mount path. Co-Authored-By: Paperclip <noreply@paperclip.ing> --------- Co-authored-by: Chris Farhood <chris@farhood.org> Co-authored-by: Paperclip <noreply@paperclip.ing>
22 lines
662 B
YAML
22 lines
662 B
YAML
name: Dual Approval (CTO + QA)
|
|
|
|
# Calls the shared dual-approval-check workflow.
|
|
# Passes when both privilegedescalation-cto and privilegedescalation-qa
|
|
# have approved the PR. Add "Dual Approval (CTO + QA)" to required_status_checks
|
|
# in branch protection to enforce this gate.
|
|
|
|
on:
|
|
pull_request_review:
|
|
types: [submitted, dismissed]
|
|
pull_request:
|
|
branches: [main]
|
|
types: [opened, reopened, synchronize]
|
|
|
|
jobs:
|
|
dual-approval:
|
|
if: github.event.pull_request != null
|
|
uses: privilegedescalation/.github/.github/workflows/dual-approval-check.yaml@main
|
|
secrets: inherit
|
|
with:
|
|
pr_number: ${{ github.event.pull_request.number }}
|