enoch/armbian-build
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
810ff67c90
armbian-build/.github/workflows/build-pr-artifacts.yml
Igor Pecovnik 28f5839d08 chore: standardize workflow names 
Make all workflow names consistent and action-oriented:
- Use action verb first (Announce, Auto-label, Build, Check, Clean, Help, Label, Lint, Listen, Rewrite, Scan, Sync, Welcome)
- Keep names concise and descriptive
- Remove unnecessary details from the name

Changes:
- Analyze kernel security (was: Kernel Hardening Analysis)
- Announce merge (was: Announce PR merge to Discord)
- Announce PR (was: Announce PR on Discord for review)
- Auto-label PR (was: Automatic Pull Request Labeling)
- Build PR artifacts (was: Generate Artifacts on PR if...)
- Check PR assets (was: Check new board assets exist...)
- Clean workflow logs (was: Clean Workflow Logs)
- Sync Jira (was: Jira Sync)
- Help forks (was: Forked Helper)
- Label PR on approval (was: PR review labeler)
- Lint scripts (was: Lint on Scripts)
- Listen PR review (was: PR review listener)
- Rewrite kernel configs (was: Rewrite kernel configs - same)
- Scan security (was: Scorecards Security Scan)
- Sync board list (was: Update Board Lists)
- Sync labels (was: Sync Labels from YAML)
- Sync maintainers (was: Sync maintainers status)
- Sync tools (was: Update Tools in Scripts)
- Welcome first-time contributor (was: Welcome first-time issue contributor)
- Welcome first-time PR contributor (was: same - kept as is)
2025-12-25 12:00:52 +01:00

42 lines
1.4 KiB
YAML
Raw Blame History

name: Build PR artifacts
run-name: "Generate artifacts - PR #${{ github.event.pull_request.number }} - by @${{ github.actor }}"
#
# If PR is labeled with "Build" and you are a member of "Release manager" team it will start a build train (additional security feature).
# In the run name, ${{ github.actor }} shows who's privileges are used for this run.
#
on: pull_request_target
jobs:
Check:
permissions:
pull-requests: read
name: Check label and authorization
runs-on: Linux
outputs:
member: ${{ steps.checkUserMember.outputs.isTeamMember }}
steps:
- uses: tspascoal/get-user-teams-membership@v3
if: contains(github.event.pull_request.labels.*.name, 'Build')
id: checkUserMember
with:
username: ${{ github.actor }}
organization: armbian
team: "Release manager"
GITHUB_TOKEN: ${{ secrets.ORG_MEMBERS }}
Compile:
needs: Check
name: Generate artifacts
concurrency:
group: pipeline-pr-${{github.event.pull_request.number}}
cancel-in-progress: true
if: ${{ github.repository_owner == 'Armbian' && needs.Check.outputs.member == 'true' }}
uses: armbian/os/.github/workflows/complete-artifact-matrix-all.yml@main
secrets:
ORG_MEMBERS: ${{ secrets.ORG_MEMBERS }}
with:
extraParamsAllBuilds: "UPLOAD_TO_OCI_ONLY=no"
ref: ${{ github.event.pull_request.head.sha }}
Reference in New Issue View Git Blame Copy Permalink