name: Unsafe Reviewers Check
on:
workflow_dispatch:
pull_request_target:
types: [opened, reopened, synchronize]
# https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
permissions:
id-token: write
contents: read
pull-requests: read
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref }}
cancel-in-progress: true
jobs:
UnsafeReview:
runs-on: ubuntu-latest
if: github.event.pull_request.merged != true && github.event.action != 'closed'
steps:
- name: Checkout actions
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Run unsafe code review script
run: pip3 install -r .github/scripts/add_unsafe_reviewers/requirements.txt && python3 .github/scripts/add_unsafe_reviewers/add-unsafe-reviewers.py . "origin/${{ github.base_ref }}" --token "${{ secrets.ONEBLUE_GH_PAT }}" --pull-request "${{ github.event.number }}"
shell: bashmicrosoft/openvmm
Publicmirrored fromhttps://github.com/microsoft/openvmmAvailable
.github/workflows/unsafe-reviewers.yml
30lines · modepreview