Hugh Hackman
80ea75de3b
The dual-approval workflow was not re-triggering on pull_request_review events because the shared workflow was using github.event.pull_request.number which is not available in workflow_call context. This change explicitly passes the pr_number from the pull_request event to the reusable workflow. Co-Authored-By: Paperclip <noreply@paperclip.ing>
21 lines
620 B
YAML
21 lines
620 B
YAML
name: Dual Approval (CTO + QA)
|
|
|
|
# Calls the shared dual-approval-check workflow.
|
|
# Passes when both privilegedescalation-cto and privilegedescalation-qa
|
|
# have approved the PR. Add "Dual Approval (CTO + QA)" to required_status_checks
|
|
# in branch protection to enforce this gate.
|
|
|
|
on:
|
|
pull_request_review:
|
|
types: [submitted, dismissed]
|
|
pull_request:
|
|
branches: [main]
|
|
types: [opened, reopened, synchronize]
|
|
|
|
jobs:
|
|
dual-approval:
|
|
uses: privilegedescalation/.github/.github/workflows/dual-approval-check.yaml@main
|
|
secrets: inherit
|
|
with:
|
|
pr_number: ${{ github.event.pull_request.number }}
|