microsoft/openvmm
Publicmirrored fromhttps://github.com/microsoft/openvmmAvailable
.github/workflows/unsafe-reviewers.yml
30lines · modecode
| 1 | name: Unsafe Reviewers Check |
| 2 | on: |
| 3 | workflow_dispatch: |
| 4 | pull_request: |
| 5 | types: [opened, reopened, synchronize] |
| 6 | |
| 7 | # https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs |
| 8 | permissions: |
| 9 | id-token: write |
| 10 | contents: read |
| 11 | pull-requests: read |
| 12 | |
| 13 | concurrency: |
| 14 | group: ${{ github.workflow }}-${{ github.head_ref }} |
| 15 | cancel-in-progress: true |
| 16 | |
| 17 | |
| 18 | jobs: |
| 19 | UnsafeReview: |
| 20 | runs-on: ubuntu-latest |
| 21 | if: github.event.pull_request.merged != true && github.event.action != 'closed' |
| 22 | steps: |
| 23 | - name: Checkout actions |
| 24 | uses: actions/checkout@v4 |
| 25 | with: |
| 26 | fetch-depth: 0 |
| 27 | |
| 28 | - name: Run unsafe code review script |
| 29 | run: pip3 install -r .github/scripts/add_unsafe_reviewers/requirements.txt && python3 .github/scripts/add_unsafe_reviewers/add-unsafe-reviewers.py . "origin/${{ github.base_ref }}" --token "${{ secrets.ONEBLUE_GH_PAT }}" --pull-request "${{ github.event.number }}" |
| 30 | shell: bash |
| 31 | |