dana-runtime/.github/workflows/branch-policy.yml at develop · aitomatic/dana-runtime · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
name: Enforce branch flow
on:
  pull_request:
    branches:
      - stable
      - main
      - 'main/**'

jobs:
  check-branch-policy:
    runs-on: ubuntu-latest
    steps:
      - name: Validate source branch
        run: |
          TARGET="${{ github.base_ref }}"
          SOURCE="${{ github.head_ref }}"

          echo "PR: $SOURCE → $TARGET"

          # stable ← main, main/*, hotfix/*
          # main   ← develop, hotfix/*
          # main/* ← develop, hotfix/*
          if [[ "$TARGET" == "stable" ]]; then
            PATTERN="^(main(/.*)?|hotfix/.+)$"
            ALLOWED="main, main/*, hotfix/*"
          elif [[ "$TARGET" == "main" || "$TARGET" == main/* ]]; then
            PATTERN="^(develop|hotfix/.+)$"
            ALLOWED="develop, hotfix/*"
          else
            echo "✅ No branch policy for target '$TARGET'"
            exit 0
          fi

          if [[ "$SOURCE" =~ $PATTERN ]]; then
            echo "✅ '$SOURCE' → '$TARGET' is allowed"
          else
            echo "❌ '$SOURCE' → '$TARGET' is NOT allowed"
            echo ""
            echo "Allowed sources for '$TARGET': $ALLOWED"
            exit 1
          fi