Trialing use of modules for hmpps projects. #32765
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Identify PRs that contain IAM Role and Policy changes | |
| on: | |
| pull_request | |
| env: | |
| PR_OWNER: ${{ github.event.pull_request.user.login }} | |
| GITHUB_OAUTH_TOKEN: ${{ secrets.DOCUMENT_REVIEW_GITHUB }} | |
| jobs: | |
| check-diff: | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| os: [ubuntu-latest] | |
| steps: | |
| - name: Checkout PR code | |
| uses: actions/checkout@v4 | |
| - run: | | |
| git fetch --no-tags --prune --depth=1 origin +refs/heads/*:refs/remotes/origin/* | |
| - name: Run git diff against repository | |
| run: | | |
| git diff origin/main HEAD > changes | |
| - name: Run iam/role policy changes check | |
| id: review_pr | |
| uses: ministryofjustice/github-actions/iam-role-policy-changes-check@v14 | |
| - name: Request changes in the PR | |
| uses: andrewmusgrave/[email protected] | |
| if: steps.review_pr.outputs.review_pr_iam_check == 'false' | |
| with: | |
| repo-token: "${{ secrets.GITHUB_TOKEN }}" | |
| event: COMMENT | |
| body: | | |
| There are potential IAM Role and/or policy Changes/additions. Reviewer - If satisfied with the changes/additions - dismiss this request |