branch-protection-check.yml
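# Weekly sanity check for the Dependabot auto-merge setup.
#
# Scope: both jobs only test that files exist in the checked-out tree
# (.github/dependabot.yml and the auto-merge workflow). Despite the workflow
# name, no step reads the repository's branch protection rules, so a green
# run does not show that required status checks or reviews are enforced.
name: Branch Protection Check

on:
  schedule:
    # Run weekly (file-presence checks only, see the header comment)
    - cron: '0 9 * * 1'  # Every Monday at 9 AM UTC
  workflow_dispatch:  # Allow manual triggering

# Read-only token: no step in this workflow writes to the repository.
permissions:
  contents: read

jobs:
  verify-dependabot-config:
    name: Verify Dependabot Configuration
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        # v4 is a mutable tag; pinning to a full commit SHA keeps the code
        # this workflow runs from changing underneath it.
        uses: actions/checkout@v4
        with:
          # The job only reads files, so the token is not kept in .git/config.
          persist-credentials: false

      # Fails the job when .github/dependabot.yml is absent; when present,
      # prints each package-ecosystem entry plus the 10 lines after it.
      - name: Check Dependabot Config
        run: |
          echo "🤖 Verifying Dependabot configuration..."
          if [ -f ".github/dependabot.yml" ]; then
            echo "✅ Dependabot configuration found"
            echo ""
            echo "Configuration summary:"
            grep -A 10 "package-ecosystem:" .github/dependabot.yml || true
          else
            echo "❌ Dependabot configuration missing"
            exit 1
          fi

  verify-workflows:
    name: Verify Auto-Merge Workflows
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        # v4 is a mutable tag; pinning to a full commit SHA keeps the code
        # this workflow runs from changing underneath it.
        uses: actions/checkout@v4
        with:
          # The job only reads files, so the token is not kept in .git/config.
          persist-credentials: false

      # Fails the job when any path in required_workflows is missing.
      # NOTE(review): the closing message says auto-merge waits for required
      # status checks. That holds only if the target branch actually has
      # required checks configured, which this workflow does not verify.
      # Confirm it in the repository's branch protection or ruleset settings.
      - name: Check Required Workflows
        run: |
          echo "🔄 Verifying auto-merge workflows..."

          required_workflows=(
            ".github/workflows/dependabot-auto-merge.yml"
          )

          all_present=true
          for workflow in "${required_workflows[@]}"; do
            if [ -f "$workflow" ]; then
              echo "✅ $workflow found"
            else
              echo "❌ $workflow missing"
              all_present=false
            fi
          done

          if [ "$all_present" = false ]; then
            echo ""
            echo "Some required workflows are missing. Auto-merge may not work properly."
            exit 1
          fi

          echo ""
          echo "✅ All required workflows are present"
          echo ""
          echo "ℹ️ Note: Auto-merge relies entirely on existing repository CI checks"
          echo " GitHub's 'gh pr merge --auto' waits for all required status checks"
          echo " to pass before merging. No separate CI workflow is needed."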