1- name : Block preview branch merges
1+ name : Check for preview branch to prevent accidental merge
22
33permissions :
44 pull-requests : write
1111 # Monitor all target branches since preview branches cannot merge to ANY branch
1212
1313jobs :
14- block-preview :
15- name : Block preview branch merge
14+ preview-check :
1615 runs-on : ubuntu-latest
16+ # Skip job entirely if head branch doesn't contain 'release-preview'
17+ if : contains(github.head_ref, 'release-preview')
1718
1819 steps :
19- - name : Check head reference restrictions
20- shell : pwsh
20+ - name : Check merge restrictions for release-preview branch
21+ shell : bash
2122 env :
2223 HEAD_REF : ${{ github.head_ref }}
2324 BASE_REF : ${{ github.base_ref }}
2425 PR_NUMBER : ${{ github.event.number }}
25- REPO_NAME : ${{ github.repository }}
2626 run : |
27- Write-Host "Checking merge restrictions for PR #$env:PR_NUMBER "
28- Write-Host "Head reference: $env:HEAD_REF "
29- Write-Host "Base reference: $env:BASE_REF "
30- Write-Host "Repository : $env:REPO_NAME "
27+ echo "Release-preview branch detected: $HEAD_REF "
28+ echo "Checking merge restrictions for PR #$PR_NUMBER "
29+ echo "Head reference: $HEAD_REF "
30+ echo "Base reference : $BASE_REF "
3131
32- # Only apply restrictions if head branch is a release-preview branch
33- if ($env:HEAD_REF -like "*release-preview*") {
34- Write-Host "Release-preview branch detected: $env:HEAD_REF"
32+ # Function to create step summary and exit
33+ create_summary_and_exit() {
34+ local title="$1"
35+ local message="$2"
36+ local restriction="$3"
3537
36- # Block merges to main
37- if ($env:BASE_REF -eq "main") {
38- Write-Host "❌ MERGE BLOCKED: Release-preview branches cannot merge to main"
39- Write-Host ""
40- Write-Host "This pull request is attempting to merge from a release-preview branch"
41- Write-Host "'$env:HEAD_REF' to 'main', which is not permitted."
42- Write-Host ""
43- Write-Host "IMPORTANT: Release-preview branches cannot merge directly to main."
44- Write-Host ""
45- Write-Host "To merge such branches:"
46- Write-Host "1. Create a new branch from main"
47- Write-Host "2. Squash the changes to one commit"
48- Write-Host "3. Create a new pull request from the new branch"
49- Write-Host ""
50-
51- # Set job summary for GitHub UI
52- echo "# 🚫 Merge Blocked - Release-Preview to Main" >> $env:GITHUB_STEP_SUMMARY
53- echo "" >> $env:GITHUB_STEP_SUMMARY
54- echo "Release-preview branches cannot merge directly to **main**." >> $env:GITHUB_STEP_SUMMARY
55- echo "" >> $env:GITHUB_STEP_SUMMARY
56- echo "## Restriction Details" >> $env:GITHUB_STEP_SUMMARY
57- echo "- **Head branch:** $env:HEAD_REF" >> $env:GITHUB_STEP_SUMMARY
58- echo "- **Target branch:** $env:BASE_REF" >> $env:GITHUB_STEP_SUMMARY
59- echo "- **Restriction:** Release-preview branches cannot merge to main" >> $env:GITHUB_STEP_SUMMARY
60-
61- exit 1
62- }
63- # For release-* targets (non-preview), always block
64- elseif ($env:BASE_REF -like "release-*" -and $env:BASE_REF -notlike "release-preview-*") {
65- Write-Host "❌ MERGE BLOCKED: Release-preview branches cannot merge to non-preview release branches"
66- Write-Host ""
67- Write-Host "This pull request is attempting to merge from '$env:HEAD_REF'"
68- Write-Host "to '$env:BASE_REF', which is not permitted."
69- Write-Host ""
70- Write-Host "IMPORTANT: Release-preview branches can only merge to other release-preview branches."
71- Write-Host ""
72-
73- # Set job summary for GitHub UI
74- echo "# 🚫 Merge Blocked - Release-Preview to Release" >> $env:GITHUB_STEP_SUMMARY
75- echo "" >> $env:GITHUB_STEP_SUMMARY
76- echo "Release-preview branches cannot merge to non-preview release branches." >> $env:GITHUB_STEP_SUMMARY
77- echo "" >> $env:GITHUB_STEP_SUMMARY
78- echo "## Restriction Details" >> $env:GITHUB_STEP_SUMMARY
79- echo "- **Head branch:** $env:HEAD_REF" >> $env:GITHUB_STEP_SUMMARY
80- echo "- **Target branch:** $env:BASE_REF" >> $env:GITHUB_STEP_SUMMARY
81- echo "- **Restriction:** Release-preview branches can only merge to other release-preview branches" >> $env:GITHUB_STEP_SUMMARY
82-
83- exit 1
84- }
85- # For other targets (including release-preview-*), check name matching
86- else {
87- if ($env:HEAD_REF -like "*$env:BASE_REF*") {
88- Write-Host "✅ Merge allowed: Head branch '$env:HEAD_REF' contains base branch name '$env:BASE_REF'"
89- echo "# ✅ Merge Check Passed" >> $env:GITHUB_STEP_SUMMARY
90- echo "Head branch **$env:HEAD_REF** is allowed to merge to **$env:BASE_REF**." >> $env:GITHUB_STEP_SUMMARY
91- } else {
92- Write-Host "❌ MERGE BLOCKED: Release-preview branch name doesn't contain target branch name"
93- Write-Host ""
94- Write-Host "This pull request is attempting to merge from '$env:HEAD_REF'"
95- Write-Host "to '$env:BASE_REF', but the head branch name doesn't contain the target name."
96- Write-Host ""
97-
98- # Set job summary for GitHub UI
99- echo "# 🚫 Merge Blocked - Name Mismatch" >> $env:GITHUB_STEP_SUMMARY
100- echo "" >> $env:GITHUB_STEP_SUMMARY
101- echo "Release-preview branch name must contain target branch name." >> $env:GITHUB_STEP_SUMMARY
102- echo "" >> $env:GITHUB_STEP_SUMMARY
103- echo "## Restriction Details" >> $env:GITHUB_STEP_SUMMARY
104- echo "- **Head branch:** $env:HEAD_REF" >> $env:GITHUB_STEP_SUMMARY
105- echo "- **Target branch:** $env:BASE_REF" >> $env:GITHUB_STEP_SUMMARY
106-
107- exit 1
108- }
109- }
110- } else {
111- Write-Host "✅ Merge allowed: Non-release-preview branch '$env:HEAD_REF' has no restrictions"
112- echo "# ✅ Merge Check Passed" >> $env:GITHUB_STEP_SUMMARY
113- echo "Head branch **$env:HEAD_REF** is allowed to merge to **$env:BASE_REF**." >> $env:GITHUB_STEP_SUMMARY
114- }
38+ echo "❌ MERGE BLOCKED: $message"
39+ echo ""
40+ echo "This pull request is attempting to merge from '$HEAD_REF' to '$BASE_REF', which is not permitted."
41+ echo ""
42+ echo "IMPORTANT: $restriction"
43+ echo ""
44+
45+ # Create GitHub step summary
46+ {
47+ echo "# 🚫 Merge Blocked - $title"
48+ echo ""
49+ echo "$message"
50+ echo ""
51+ echo "## Restriction Details"
52+ echo "- **Head branch:** $HEAD_REF"
53+ echo "- **Target branch:** $BASE_REF"
54+ echo "- **Restriction:** $restriction"
55+ } >> "$GITHUB_STEP_SUMMARY"
56+
57+ exit 1
58+ }
59+
60+ # Check blocking conditions using simple bash logic
61+ if [ "$BASE_REF" = "main" ]; then
62+ create_summary_and_exit \
63+ "Release-Preview to Main" \
64+ "Release-preview branches cannot merge to main" \
65+ "Release-preview branches cannot merge directly to main. Create a new branch from main, squash the changes to one commit, and create a new pull request from the new branch."
66+
67+ elif [[ "$BASE_REF" =~ ^release-[a-zA-Z0-9._-]+$ && "$BASE_REF" != *release-preview* ]]; then
68+ create_summary_and_exit \
69+ "Release-Preview to Release" \
70+ "Release-preview branches cannot merge to non-preview release branches" \
71+ "Release-preview branches can only merge to other release-preview branches"
72+
73+ elif [[ "$HEAD_REF" != *"$BASE_REF"* ]]; then
74+ create_summary_and_exit \
75+ "Name Mismatch" \
76+ "Release-preview branch name doesn't contain target branch name" \
77+ "Release-preview branch name must contain target branch name"
78+
79+ else
80+ echo "✅ Merge allowed: Head branch '$HEAD_REF' contains base branch name '$BASE_REF'"
81+ fi
0 commit comments