dcsaorg · jkosternl · Feb 17, 2025 · Feb 13, 2025 · Feb 13, 2025 · Feb 13, 2025
diff --git a/.github/forbidden_changes.txt b/.github/forbidden_changes.txt
@@ -0,0 +1,58 @@
+bkg/v1/bkg_v1.0.0.yaml
+bkg/v1/bkg_v1.0.0-Beta-1.yaml
+bkg/v1/bkg_v1.0.0-Beta-2.yaml
+bkg/v2/notification/*
+bkg/v2/BKG_v2.0.0.yaml
+bkg/v2/BKG_v2.0.0-Beta-1.yaml
+bkg/v2/BKG_v2.0.0-Beta-2.yaml
+cs/v1/CS_v1.0.0.yaml
+cs/v1/CS_v1.0.0-Beta-1.yaml
+documentation_event_hub/*
+domain/*
+ebl/v1/ebl.yaml
+ebl/v2/ebl_v2.0.0.yaml
+ebl/v2/ebl_v2.0.0-Beta-1.yaml
+ebl/v2/ebl_v2.0.0-Beta-2.yaml
+ebl/v2/ebl_v2.0.0-Beta-3.yaml
+ebl/v3/EBL_v3.0.0.yaml
+ebl/v3/ebl_v3.0.0-Beta-1.yaml
+ebl/v3/EBL_v3.0.0-Beta-2.yaml
+ebl/v3/issuance/EBL_ISS_v3.0.0.yaml
+ebl/v3/issuance/ebl_iss_v3.0.0-Beta-1.yaml
+ebl/v3/issuance/EBL_ISS_v3.0.0-Beta-2.yaml
+ebl/v3/issuance_response/*
+ebl/v3/notification/*
+ebl/v3/surrender/EBL_SUR_v3.0.0.yaml
+ebl/v3/surrender/ebl_sur_v3.0.0-Beta-1.yaml
+ebl/v3/surrender/EBL_SUR_v3.0.0-Beta-2.yaml
+ebl/v3/surrender_response/*
+iot/v1/iot_v1.0.0-Beta-1.yaml
+jit/v1/jit_v1.0.0.yaml
+jit/v1/jit_v1.1.0.yaml
+jit/v1/jit_v1.2.0-Beta-1.yaml
+models/*
+ovs/v1/ovs.yaml
+ovs/v1/ovs_v1.0.0.yaml
+ovs/v1/ovs_v1.0.1.yaml
+ovs/v2/ovs.yaml
+ovs/v2/ovs_v2.0.0.yaml
+ovs/v2/ovs_v2.0.1.yaml
+ovs/v2/ovs_v2.0.2.yaml
+ovs/v3/OVS_v3.0.0.yaml
+ovs/v3/ovs_v3.0.0-Beta-1.yaml
+ovs/v3/reference-data/*
+ovs_event_hub/*
+reefer/v1/reefer_v1.0.0-Beta-1.yaml
+reference-data/*
+tnt/v1/tnt.yaml
+tnt/v1/tnt_v1.0.0.yaml
+tnt/v1/tnt_v1.1.0.yaml
+tnt/v1/tnt_v1.2.0.yaml
+tnt/v2/tnt.yaml
+tnt/v2/TNT_v2.0.0.yaml
+tnt/v2/TNT_v2.0.1.yaml
+tnt/v2/TNT_v2.1.0.yaml
+tnt/v2/TNT_v2.1.1.yaml
+tnt/v2/TNT_v2.1.2.yaml
+tnt/v2/TNT_v2.2.0.yaml
+tnt/v3/tnt_v3.0.0-Beta-1.yaml
diff --git a/.github/workflows/check_forbidden_changes.yml b/.github/workflows/check_forbidden_changes.yml
@@ -0,0 +1,81 @@
+name: Check Forbidden Changes
+
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+    branches: [master]
+
+jobs:
+  check_changes:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Load forbidden paths
+        id: forbidden_paths
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const fs = require('fs');
+            try {
+              const forbiddenPaths = fs.readFileSync('.github/forbidden_changes.txt', 'utf8').split('\n').filter(path => path.trim() !== ''); // Read and filter empty lines
+              console.log("Found valid lines (files): " + forbiddenPaths.length);
+              return forbiddenPaths;
+            } catch (error) {
+              core.setFailed('Could not read forbidden paths file: ' + error.message);
+              return [];
+            }
+
+      - name: Get changed files
+        id: changed_files
+        uses: actions/github-script@v7
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            const { owner, repo } = context.repo;
+            const pull_number = context.issue.number; // For PRs
+
+            const response = await github.rest.pulls.listFiles({
+              owner,
+              repo,
+              pull_number,
+              per_page: 100
+            });
+
+            const changedFiles = response.data.map(file => file.filename).filter(file => !file.endsWith('.md'));
+            core.setOutput('changed_files', changedFiles.join(',')); // Set the output
+            // console.log('Changed files:', changedFiles);
+
+      - name: Check for forbidden changes
+        id: check_changes
+        uses: actions/github-script@v7
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            const forbiddenPaths = ${{ steps.forbidden_paths.outputs.result }};
+            const changedFilesString = '${{ steps.changed_files.outputs.changed_files }}';
+            const changedFiles = changedFilesString.split(',');
+
+            let violations = [];
+
+            changedFiles.forEach(file => {
+              forbiddenPaths.forEach(forbiddenPath => {
+                // console.log("Processing file: " + file + " with forbidden path: " + forbiddenPath);
+                const regex = new RegExp(forbiddenPath); // Use regex for matching
+                if (regex.test(file)) {
+                  violations.push(file);
+                }
+              });
+            });
+
+            if (violations.length > 0) {
+              core.setFailed(`You are not allowed to change the following file(s): ${violations.join(', ')}`);
+              // Create a comment on the PR
+              await github.rest.issues.createComment({
+                issue_number: context.issue.number,
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                body: `**Error**: The following file(s) are not allowed to be changed: ${violations.join(', ')}`
+              });
+            }
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,7 @@
+/workspace.xml
+.idea/
+*.iml
+.vscode/
+node_modules/
+dist/
+*.log