Add check workflow events related checks (#1128)

Signed-off-by: Peter Zhu <zhujiaxi@amazon.com> (cherry picked from commit 2365ffd)
opensearch-project · Jan 21, 2025 · 04fa33c · 04fa33c
1 parent bd5bf76
commit 04fa33c
Showing 1 changed file with 30 additions and 0 deletions.
diff --git a/.github/workflows/check-workflow-events.yml b/.github/workflows/check-workflow-events.yml
@@ -0,0 +1,30 @@
+name: Check Workflow Events
+on:
+  pull_request:
+    paths:
+      - '.github/workflows/**'
+
+jobs:
+  check-workflow-events:
+    runs-on: ubuntu-latest
+    name: Check Workflow Events
+    steps:
+      - uses: actions/checkout@v4
+      - name: Check Workflow Events
+        working-directory: .github/workflows
+        run: |
+          set +e
+          EVENT_COUNT=0
+          for file_found in `ls | grep .ym`; do
+              yq -r e '.on | keys | .[0]' $file_found | grep -q pull_request_target
+              EVENT_FOUND=$?
+
+              if [ "$EVENT_FOUND" = 0 ] && [ "$file_found" != "backport.yml" ] && [ "$file_found" != "copy-linked-issue-labels.yml" ]; then
+                EVENT_COUNT=$(( EVENT_COUNT+1 ))
+                echo "'$file_found' workflow file contains 'pull_request_target' event, please remove!"
+              fi
+          done
+
+          if [ "$EVENT_COUNT" != 0 ]; then
+              exit 1
+          fi