From b9c46c0cf0951ce7f0e125bd61fc8668c2ee7365 Mon Sep 17 00:00:00 2001 From: Ernesto Castellotti Date: Wed, 7 Jun 2023 19:21:51 +0200 Subject: Require approval for web preview from outside the organization (#227) --- .github/workflows/preview-pr.yaml | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/.github/workflows/preview-pr.yaml b/.github/workflows/preview-pr.yaml index 4884c4e..f171f71 100644 --- a/.github/workflows/preview-pr.yaml +++ b/.github/workflows/preview-pr.yaml @@ -2,13 +2,23 @@ name: preview-pr on: pull_request_target: - types: [opened, reopened] + types: [opened, reopened, synchronize] permissions: pull-requests: write jobs: + authorize: + environment: + ${{ github.event_name == 'pull_request_target' && + github.event.pull_request.head.repo.full_name != github.repository && + 'external' || 'internal' }} + runs-on: ubuntu-latest + steps: + - run: "true" + build: + needs: authorize runs-on: ubuntu-latest steps: - name: Checkout -- cgit v1.2.3