ci: Add main protection and cleaning of workflows

JulesGresset · JulesGresset · commit 0caeba907fc8 · 2024-11-23T12:41:58.000-05:00
diff --git a/.github/workflows/buildAndTest.yaml b/.github/workflows/buildAndTest.yaml
@@ -0,0 +1,28 @@
+name: Build and test
+
+on:
+  workflow_dispatch:
+  workflow_call:
+
+jobs:
+  build:
+    name: "Build and test"
+
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        node-version: [16.x, 18.x, 20.x]
+
+    steps:
+      - name: Check out Git repository
+        uses: actions/checkout@v4
+
+      - name: Use Node.js ${{ matrix.node-version }}
+        uses: actions/setup-node@v3
+        with:
+          node-version: ${{ matrix.node-version }}
+          cache: "npm"
+      - run: npm ci
+      - run: npm run build --if-present
+      - run: npm test
diff --git a/.github/workflows/dev.yaml b/.github/workflows/dev.yaml
@@ -5,8 +5,6 @@ on:
   workflow_call:
   push:
     branches: ["main", "dev"]
-  pull_request:
-    branches: ["main", "dev"]
 
 jobs:
   lint:
@@ -15,22 +13,4 @@ jobs:
   build:
     name: "Build and test"
     needs: lint
-
-    runs-on: ubuntu-latest
-
-    strategy:
-      matrix:
-        node-version: [16.x, 18.x, 20.x]
-
-    steps:
-      - name: Check out Git repository
-        uses: actions/checkout@v4
-
-      - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@v3
-        with:
-          node-version: ${{ matrix.node-version }}
-          cache: "npm"
-      - run: npm ci
-      - run: npm run build --if-present
-      - run: npm test
+    uses: ./.github/workflows/buildAndTest.yaml
diff --git a/.github/workflows/pullRequest.yaml b/.github/workflows/pullRequest.yaml
@@ -0,0 +1,29 @@
+name: Pull Request
+
+on:
+  workflow_dispatch:
+  workflow_call:
+  pull_request:
+    types:
+      - opened
+      - edited
+      - synchronize
+      - reopened
+
+jobs:
+  check-target-branch:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check if PR targets a protected branch
+        run: |
+          PROTECTED_BRANCH="main"
+          if [ "${{ github.event.pull_request.base.ref }}" == "$PROTECTED_BRANCH" ]; then
+            echo "Pull requests to $PROTECTED_BRANCH are not allowed."
+            exit 1
+          fi
+          echo "Pull request target is allowed."
+  development:
+    name: "Development workflow"
+    needs: check-target-branch
+    uses: ./.github/workflows/dev.yaml
