blob: 417ae5d201982f9f3dbc03063f440a8b49c97e8e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
name: PR Quality Checks
on:
pull_request_target:
types: [ edited, opened, reopened, ready_for_review, synchronize ]
branches:
- main
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number }}
cancel-in-progress: true
permissions:
contents: read
pull-requests: write
jobs:
pr_quality:
name: Run Quality Checks on a PR
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- name: Checkout
uses: actions/checkout@v6
with:
persist-credentials: false
# Checking out the default branch (not the PR head) is what makes
# pull_request_target safe: the workflow code always comes from the
# base repo, so a malicious PR cannot alter it.
ref: ${{ github.event.repository.default_branch }}
- name: Set up Python
uses: actions/setup-python@v6
with:
python-version: '3.14'
- name: Run PR quality checks
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PR_AUTHOR: ${{ github.event.pull_request.user.login }}
PR_BODY: ${{ github.event.pull_request.body }}
PR_TITLE: ${{ github.event.pull_request.title }}
PR_CREATED_AT: ${{ github.event.pull_request.created_at }}
PR_NUMBER: ${{ github.event.pull_request.number }}
PR_REPO: ${{ github.repository }}
# Only close PRs on the main Django repository; on forks the workflow
# runs in warning-only mode so contributors can test their PRs.
AUTOCLOSE: ${{ github.repository == 'django/django' }}
PYTHONPATH: scripts
run: python scripts/pr_quality/check_pr.py
|
