From 4881a3d63f4d276f29ca0e9eb3adea359f125b9d Mon Sep 17 00:00:00 2001 From: Ryan Ashcraft Date: Mon, 24 Jun 2024 15:29:22 -0400 Subject: [PATCH] #153 :green_heart: updating to only build PRs via GitHub Action when they are approved --- .github/workflows/maven.yaml | 10 +++------- .github/workflows/release.yaml | 4 ++++ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/maven.yaml b/.github/workflows/maven.yaml index ca90acf..cb1937a 100644 --- a/.github/workflows/maven.yaml +++ b/.github/workflows/maven.yaml @@ -11,12 +11,12 @@ name: Build Habushu on: push: branches: [ "dev" ] - pull_request_target: - branches: [ "dev" ] + pull_request_review: + types: [submitted] jobs: build: - + if: github.event.review.state == 'approved' runs-on: ubuntu-latest steps: @@ -49,7 +49,3 @@ jobs: - name: Test habushu-maven-plugin run: mvn -B install --file pom.xml -Dhabushu.usePyenv=false - - # Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive - - name: Update dependency graph - uses: advanced-security/maven-dependency-submission-action@v4 diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index c6e3b95..862ee2e 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -53,3 +53,7 @@ jobs: MAVEN_PASSWORD: ${{ secrets.SONATYPE_CENTRAL_REPO_TOKEN_KEY }} GPG_PASSPHRASE: ${{ secrets.GPG_PRIVATE_KEY_PASSPHRASE }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + # Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive + - name: Update dependency graph + uses: advanced-security/maven-dependency-submission-action@v4 \ No newline at end of file