1414 # It guarantees that the workflow logic is not altered by the PR.
1515 pull_request_target :
1616 types : [opened, synchronize]
17- # We only accept PRs touching connectors
18- paths :
19- - " airbyte-integrations/connectors/**"
20- branches :
21- - " master"
2217
2318jobs :
19+ fail_on_protected_path_changes :
20+ name : " Check fork do not change protected paths"
21+ if : github.event.pull_request.head.repo.fork == true
22+ runs-on : ubuntu-latest
23+ permissions :
24+ pull-requests : read
25+ steps :
26+ - name : Check for changes in protected paths
27+ id : check_for_changes_in_protected_paths
28+ uses : dorny/paths-filter@v2
29+ with :
30+ filters : |
31+ protected_paths:
32+ - '.github/**'
33+ - 'airbyte-ci/**'
34+
35+ name : Fail if changes in protected paths
36+ if : steps.check_for_changes_in_protected_paths.outputs.protected_paths == 'true'
37+ run : |
38+ echo "The fork has changes in protected paths. This is not allowed."
39+ exit 1
40+
2441format_check :
2542 # IMPORTANT: This name must match the require check name on the branch protection settings
2643 name : " Check for formatting errors"
2744 if : github.event.pull_request.head.repo.fork == true
2845 environment : community-ci-auto
2946 runs-on : community-tooling-test-small
47+ needs : fail_on_protected_path_changes
3048 timeout-minutes : 30
3149 env :
3250 MAIN_BRANCH_NAME : " master"
4159 fetch-depth : 1
4260
4361 # This will sync the .github folder of the main repo with the fork
44- # This allows us to use up to date actions from the main repo
62+ # This allows us to use up to date actions and CI logic from the main repo
4563 - name : Pull .github folder and internal packages from main repository
4664 id : pull_github_folder
4765 run : |
6280 connectors_early_ci :
6381 name : Run connectors early CI on fork
6482 if : github.event.pull_request.head.repo.fork == true
83+ needs : fail_on_protected_path_changes
6584 environment : community-ci-auto
6685 runs-on : community-tooling-test-small
6786 timeout-minutes : 10
8099 fetch-depth : 1
81100
82101 # This will sync the .github folder of the main repo with the fork
83- # This allows us to use up to date actions and internal packages logic from the main repo
84- # It will also prevent forks from changing CI logic
102+ # This allows us to use up to date actions and CI logic from the main repo
85103 - name : Pull .github folder from main repository
86104 id : pull_github_folder
87105 run : |
@@ -114,12 +132,13 @@ jobs:
114132 retention-days : 7
115133
116134 connectors_full_ci :
117- name : Run all connectors tests on fork
135+ name : Run connectors full CI on fork
118136 if : github.event.pull_request.head.repo.fork == true
119137 # Deployment of jobs on the community-ci environment requires manual approval
120138 # This is something we set up in the GitHub environment settings:
121139 # https://github.com/airbytehq/airbyte/settings/environments/2091483613/edit
122140 # This is a safety measure to make sure the code running on our infrastructure has been reviewed before running on it
141+ needs : fail_on_protected_path_changes
123142 environment : community-ci
124143 runs-on : community-connector-test-large
125144 timeout-minutes : 180 # 3 hours
@@ -138,9 +157,8 @@ jobs:
138157 ref : ${{ github.event.pull_request.head.sha }}
139158 fetch-depth : 1
140159
141- # This will sync the .github folder of the main repo with the fork
142- # This allows us to use up to date actions and internal packages logic from the main repo
143- # It will also prevent forks from changing CI logic - name: Pull .github folder from main repository
160+ # This will sync the .github folder of the main repo with the fork
161+ # This allows us to use up to date actions and CI logic from the main repo
144162 - name : Pull .github folder from main repository
145163 id : pull_github_folder
146164 run : |
0 commit comments