From c49682658a73d018038fb4fe161e63f9b1a0995a Mon Sep 17 00:00:00 2001 From: Jun-te Kim Date: Wed, 24 Jun 2026 07:56:42 +0000 Subject: [PATCH] ci: disable integration/deploy/protect workflows (Actions minutes) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Comment out the remaining workflows to cut GitHub Actions usage, per request: - integration_tests.yml — rebaselining integration suite (PRs to main) - deploy_fastapi_backend.yml — FastAPI backend deploy (push to dev/prod); deploys must be run manually via `sls deploy` while disabled - protect_releases.yml — main→dev PR-source guardrail Fully commented (not deleted) so each restores by uncommenting. Co-Authored-By: Claude Opus 4.8 (1M context) --- .github/workflows/deploy_fastapi_backend.yml | 343 ++++++++++--------- .github/workflows/integration_tests.yml | 73 ++-- .github/workflows/protect_releases.yml | 37 +- 3 files changed, 231 insertions(+), 222 deletions(-) diff --git a/.github/workflows/deploy_fastapi_backend.yml b/.github/workflows/deploy_fastapi_backend.yml index 6ebb6cef..645d6bc1 100644 --- a/.github/workflows/deploy_fastapi_backend.yml +++ b/.github/workflows/deploy_fastapi_backend.yml @@ -1,170 +1,173 @@ -name: Fast Api Backend Deploy - -on: - push: - branches: [ dev, prod ] - -jobs: - deploy: - runs-on: ubuntu-latest - - steps: - - name: Checkout code - uses: actions/checkout@v3 - - - name: Set up Python - uses: actions/setup-python@v2 - with: - python-version: 3.10.12 - - - name: Install Serverless and plugins - run: | - npm install -g serverless@^3.38.0 - npm install -g serverless-domain-manager@^7.3.8 - npm install -g serverless-python-requirements - - - name: Install dependencies - run: | - python -m pip install --upgrade pip - - - name: AWS credentials for dev - if: github.ref == 'refs/heads/dev' - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.DEV_AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.DEV_AWS_SECRET_ACCESS_KEY }} - aws-region: eu-west-2 - - - name: AWS credentials for prod - if: github.ref == 'refs/heads/prod' - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.PROD_AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.PROD_AWS_SECRET_ACCESS_KEY }} - aws-region: eu-west-2 - - - name: Set domain name - id: set_domain - run: echo "::set-output name=domain::${{ secrets[format('{0}_DOMAIN_NAME', github.ref_name)] }}" - - - name: Set EPC auth token - id: set_auth_token - run: echo "::set-output name=auth_token::${{ secrets[format('{0}_EPC_AUTH_TOKEN', github.ref_name)] }}" - - - name: Set Open EPC API token - id: set_open_epc_token - run: echo "::set-output name=open_epc_token::${{ secrets[format('{0}_OPEN_EPC_API_TOKEN', github.ref_name)] }}" - - # Store port, name and host in github secrets - - name: Set DB credentials - id: set_db_credentials - run: | - echo "::set-output name=db_host::${{ secrets[format('{0}_DB_HOST', github.ref_name)] }}" - echo "::set-output name=db_port::${{ secrets[format('{0}_DB_PORT', github.ref_name)] }}" - echo "::set-output name=db_name::${{ secrets[format('{0}_DB_NAME', github.ref_name)] }}" - - - name: Set ECR credentials - id: set_ecr_credentials - run: | - echo "::set-output name=ecr_uri::${{ secrets[format('{0}_ECR_URI', github.ref_name)] }}" - - - name: Set Secrets - id: set_api_secrets - run: | - echo "::set-output name=sap_predictions_bucket::${{ secrets[format('{0}_SAP_PREDICTIONS_BUCKET', github.ref_name)] }}" - echo "::set-output name=carbon_predictions_bucket::${{ secrets[format('{0}_CARBON_PREDICTIONS_BUCKET', github.ref_name)] }}" - echo "::set-output name=heat_predictions_bucket::${{ secrets[format('{0}_HEAT_PREDICTIONS_BUCKET', github.ref_name)] }}" - echo "::set-output name=lighting_cost_predictions_bucket::${{ secrets[format('{0}_LIGHTING_COST_PREDICTIONS_BUCKET', github.ref_name)] }}" - echo "::set-output name=heating_cost_predictions_bucket::${{ secrets[format('{0}_HEATING_COST_PREDICTIONS_BUCKET', github.ref_name)] }}" - echo "::set-output name=hot_water_cost_predictions_bucket::${{ secrets[format('{0}_HOT_WATER_COST_PREDICTIONS_BUCKET', github.ref_name)] }}" - echo "::set-output name=heating_kwh_predictions_bucket::${{ secrets[format('{0}_HEATING_KWH_PREDICTIONS_BUCKET', github.ref_name)] }}" - echo "::set-output name=hotwater_kwh_predictions_bucket::${{ secrets[format('{0}_HOTWATER_KWH_PREDICTIONS_BUCKET', github.ref_name)] }}" - echo "::set-output name=energy_asessments_bucket::${{ secrets[format('{0}_ENERGY_ASSESSMENTS_BUCKET', github.ref_name)] }}" - echo "::set-output name=google_solar_api_key::${{ secrets[format('{0}_GOOGLE_SOLAR_API_KEY', github.ref_name)] }}" - echo "::set-output name=sap_baseline_predictions_bucket::${{ secrets[format('{0}_SAP_BASELINE_PREDICTIONS_BUCKET', github.ref_name)] }}" - echo "::set-output name=carbon_baseline_predictions_bucket::${{ secrets[format('{0}_CARBON_BASELINE_PREDICTIONS_BUCKET', github.ref_name)] }}" - echo "::set-output name=heat_baseline_predictions_bucket::${{ secrets[format('{0}_HEAT_BASELINE_PREDICTIONS_BUCKET', github.ref_name)] }}" - - - name: Setup Docker - uses: docker/setup-buildx-action@v1 - - # - name: Setup Docker Buildx - # run: | - # docker buildx create --use - - - name: Build Docker Image For Engine - run: | - docker buildx build \ - --platform linux/amd64 \ - --provenance=false \ - --output=type=docker \ - -t fastapi-lambda-image:${{ github.sha }} \ - -f backend/docker/engine.Dockerfile \ - . - - - name: Login to ECR - run: | - aws ecr get-login-password --region eu-west-2 | docker login --username AWS --password-stdin ${{ steps.set_ecr_credentials.outputs.ecr_uri }} - - - name: Tag and Push Docker Image to ECR - run: | - docker tag fastapi-lambda-image:${{ github.sha }} ${{ steps.set_ecr_credentials.outputs.ecr_uri }}:${{ github.sha }} - docker push ${{ steps.set_ecr_credentials.outputs.ecr_uri }}:${{ github.sha }} - - - name: Deploy to AWS Lambda via Serverless - env: - API_KEY: ${{ secrets.FASTAPI_API_KEY }} - ENVIRONMENT: ${{ github.ref_name }} - SECRET_KEY: ${{ secrets.NEXTAUTH_SECRET }} - PLAN_TRIGGER_BUCKET: 'retrofit-plan-inputs-${{ github.ref_name }}' - DATA_BUCKET: 'retrofit-data-${{ github.ref_name }}' - PREDICTIONS_BUCKET: 'retrofit-sap-predictions-${{ github.ref_name }}' - SAP_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.sap_predictions_bucket }} - CARBON_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.carbon_predictions_bucket }} - HEAT_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.heat_predictions_bucket }} - LIGHTING_COST_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.lighting_cost_predictions_bucket }} - HEATING_COST_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.heating_cost_predictions_bucket }} - HOT_WATER_COST_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.hot_water_cost_predictions_bucket }} - HEATING_KWH_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.heating_kwh_predictions_bucket }} - HOTWATER_KWH_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.hotwater_kwh_predictions_bucket }} - ENERGY_ASSESSMENTS_BUCKET: ${{ steps.set_api_secrets.outputs.energy_asessments_bucket }} - GOOGLE_SOLAR_API_KEY: ${{ steps.set_api_secrets.outputs.google_solar_api_key }} - DOMAIN_NAME: ${{ steps.set_domain.outputs.domain }} - EPC_AUTH_TOKEN: ${{ steps.set_auth_token.outputs.auth_token }} - OPEN_EPC_API_TOKEN: ${{ steps.set_open_epc_token.outputs.open_epc_token }} - DB_HOST: ${{ steps.set_db_credentials.outputs.db_host }} - DB_PORT: ${{ steps.set_db_credentials.outputs.db_port }} - DB_NAME: ${{ steps.set_db_credentials.outputs.db_name }} - ECR_URI: ${{ steps.set_ecr_credentials.outputs.ecr_uri }} - GITHUB_SHA: ${{ github.sha }} - SAP_BASELINE_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.sap_baseline_predictions_bucket }} - CARBON_BASELINE_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.carbon_baseline_predictions_bucket }} - HEAT_BASELINE_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.heat_baseline_predictions_bucket }} - run: | - # Fetch database credentials from AWS Secrets Manager - SECRET_VALUE=$(aws secretsmanager get-secret-value --secret-id ${{ github.ref_name }}/assessment_model/db_credentials --query SecretString) - DB_USERNAME=$(echo "$SECRET_VALUE" | jq -r '. | fromjson | .db_assessment_model_username') - DB_PASSWORD=$(echo "$SECRET_VALUE" | jq -r '. | fromjson | .db_assessment_model_password') - - # Set the database credentials as environment variables - export DB_USERNAME - export DB_PASSWORD - - # Deploy to AWS Lambda via Serverless - sls deploy --stage ${{ github.ref_name }} --verbose - - - name: Smoke test deployed /health - env: - EXPECTED_SHA: ${{ github.sha }} - HEALTH_URL: https://api.${{ steps.set_domain.outputs.domain }}/health - run: | - set -euo pipefail - echo "Probing $HEALTH_URL" - RESPONSE=$(curl -fsSL --max-time 30 --retry 3 --retry-delay 5 --retry-connrefused "$HEALTH_URL") - echo "Response: $RESPONSE" - ACTUAL_SHA=$(echo "$RESPONSE" | jq -r '.sha') - if [[ "$ACTUAL_SHA" != "$EXPECTED_SHA" ]]; then - echo "::error::SHA mismatch. expected=$EXPECTED_SHA actual=$ACTUAL_SHA" - exit 1 - fi - echo "Health check passed. sha=$ACTUAL_SHA" +# Temporarily disabled — the FastAPI backend deploy pipeline (deploys must be run manually via `sls deploy` while disabled). +# Commented out to cut GitHub Actions minutes; uncomment to re-enable. +# +# name: Fast Api Backend Deploy +# +# on: +# push: +# branches: [ dev, prod ] +# +# jobs: +# deploy: +# runs-on: ubuntu-latest +# +# steps: +# - name: Checkout code +# uses: actions/checkout@v3 +# +# - name: Set up Python +# uses: actions/setup-python@v2 +# with: +# python-version: 3.10.12 +# +# - name: Install Serverless and plugins +# run: | +# npm install -g serverless@^3.38.0 +# npm install -g serverless-domain-manager@^7.3.8 +# npm install -g serverless-python-requirements +# +# - name: Install dependencies +# run: | +# python -m pip install --upgrade pip +# +# - name: AWS credentials for dev +# if: github.ref == 'refs/heads/dev' +# uses: aws-actions/configure-aws-credentials@v1 +# with: +# aws-access-key-id: ${{ secrets.DEV_AWS_ACCESS_KEY_ID }} +# aws-secret-access-key: ${{ secrets.DEV_AWS_SECRET_ACCESS_KEY }} +# aws-region: eu-west-2 +# +# - name: AWS credentials for prod +# if: github.ref == 'refs/heads/prod' +# uses: aws-actions/configure-aws-credentials@v1 +# with: +# aws-access-key-id: ${{ secrets.PROD_AWS_ACCESS_KEY_ID }} +# aws-secret-access-key: ${{ secrets.PROD_AWS_SECRET_ACCESS_KEY }} +# aws-region: eu-west-2 +# +# - name: Set domain name +# id: set_domain +# run: echo "::set-output name=domain::${{ secrets[format('{0}_DOMAIN_NAME', github.ref_name)] }}" +# +# - name: Set EPC auth token +# id: set_auth_token +# run: echo "::set-output name=auth_token::${{ secrets[format('{0}_EPC_AUTH_TOKEN', github.ref_name)] }}" +# +# - name: Set Open EPC API token +# id: set_open_epc_token +# run: echo "::set-output name=open_epc_token::${{ secrets[format('{0}_OPEN_EPC_API_TOKEN', github.ref_name)] }}" +# +# # Store port, name and host in github secrets +# - name: Set DB credentials +# id: set_db_credentials +# run: | +# echo "::set-output name=db_host::${{ secrets[format('{0}_DB_HOST', github.ref_name)] }}" +# echo "::set-output name=db_port::${{ secrets[format('{0}_DB_PORT', github.ref_name)] }}" +# echo "::set-output name=db_name::${{ secrets[format('{0}_DB_NAME', github.ref_name)] }}" +# +# - name: Set ECR credentials +# id: set_ecr_credentials +# run: | +# echo "::set-output name=ecr_uri::${{ secrets[format('{0}_ECR_URI', github.ref_name)] }}" +# +# - name: Set Secrets +# id: set_api_secrets +# run: | +# echo "::set-output name=sap_predictions_bucket::${{ secrets[format('{0}_SAP_PREDICTIONS_BUCKET', github.ref_name)] }}" +# echo "::set-output name=carbon_predictions_bucket::${{ secrets[format('{0}_CARBON_PREDICTIONS_BUCKET', github.ref_name)] }}" +# echo "::set-output name=heat_predictions_bucket::${{ secrets[format('{0}_HEAT_PREDICTIONS_BUCKET', github.ref_name)] }}" +# echo "::set-output name=lighting_cost_predictions_bucket::${{ secrets[format('{0}_LIGHTING_COST_PREDICTIONS_BUCKET', github.ref_name)] }}" +# echo "::set-output name=heating_cost_predictions_bucket::${{ secrets[format('{0}_HEATING_COST_PREDICTIONS_BUCKET', github.ref_name)] }}" +# echo "::set-output name=hot_water_cost_predictions_bucket::${{ secrets[format('{0}_HOT_WATER_COST_PREDICTIONS_BUCKET', github.ref_name)] }}" +# echo "::set-output name=heating_kwh_predictions_bucket::${{ secrets[format('{0}_HEATING_KWH_PREDICTIONS_BUCKET', github.ref_name)] }}" +# echo "::set-output name=hotwater_kwh_predictions_bucket::${{ secrets[format('{0}_HOTWATER_KWH_PREDICTIONS_BUCKET', github.ref_name)] }}" +# echo "::set-output name=energy_asessments_bucket::${{ secrets[format('{0}_ENERGY_ASSESSMENTS_BUCKET', github.ref_name)] }}" +# echo "::set-output name=google_solar_api_key::${{ secrets[format('{0}_GOOGLE_SOLAR_API_KEY', github.ref_name)] }}" +# echo "::set-output name=sap_baseline_predictions_bucket::${{ secrets[format('{0}_SAP_BASELINE_PREDICTIONS_BUCKET', github.ref_name)] }}" +# echo "::set-output name=carbon_baseline_predictions_bucket::${{ secrets[format('{0}_CARBON_BASELINE_PREDICTIONS_BUCKET', github.ref_name)] }}" +# echo "::set-output name=heat_baseline_predictions_bucket::${{ secrets[format('{0}_HEAT_BASELINE_PREDICTIONS_BUCKET', github.ref_name)] }}" +# +# - name: Setup Docker +# uses: docker/setup-buildx-action@v1 +# +# # - name: Setup Docker Buildx +# # run: | +# # docker buildx create --use +# +# - name: Build Docker Image For Engine +# run: | +# docker buildx build \ +# --platform linux/amd64 \ +# --provenance=false \ +# --output=type=docker \ +# -t fastapi-lambda-image:${{ github.sha }} \ +# -f backend/docker/engine.Dockerfile \ +# . +# +# - name: Login to ECR +# run: | +# aws ecr get-login-password --region eu-west-2 | docker login --username AWS --password-stdin ${{ steps.set_ecr_credentials.outputs.ecr_uri }} +# +# - name: Tag and Push Docker Image to ECR +# run: | +# docker tag fastapi-lambda-image:${{ github.sha }} ${{ steps.set_ecr_credentials.outputs.ecr_uri }}:${{ github.sha }} +# docker push ${{ steps.set_ecr_credentials.outputs.ecr_uri }}:${{ github.sha }} +# +# - name: Deploy to AWS Lambda via Serverless +# env: +# API_KEY: ${{ secrets.FASTAPI_API_KEY }} +# ENVIRONMENT: ${{ github.ref_name }} +# SECRET_KEY: ${{ secrets.NEXTAUTH_SECRET }} +# PLAN_TRIGGER_BUCKET: 'retrofit-plan-inputs-${{ github.ref_name }}' +# DATA_BUCKET: 'retrofit-data-${{ github.ref_name }}' +# PREDICTIONS_BUCKET: 'retrofit-sap-predictions-${{ github.ref_name }}' +# SAP_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.sap_predictions_bucket }} +# CARBON_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.carbon_predictions_bucket }} +# HEAT_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.heat_predictions_bucket }} +# LIGHTING_COST_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.lighting_cost_predictions_bucket }} +# HEATING_COST_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.heating_cost_predictions_bucket }} +# HOT_WATER_COST_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.hot_water_cost_predictions_bucket }} +# HEATING_KWH_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.heating_kwh_predictions_bucket }} +# HOTWATER_KWH_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.hotwater_kwh_predictions_bucket }} +# ENERGY_ASSESSMENTS_BUCKET: ${{ steps.set_api_secrets.outputs.energy_asessments_bucket }} +# GOOGLE_SOLAR_API_KEY: ${{ steps.set_api_secrets.outputs.google_solar_api_key }} +# DOMAIN_NAME: ${{ steps.set_domain.outputs.domain }} +# EPC_AUTH_TOKEN: ${{ steps.set_auth_token.outputs.auth_token }} +# OPEN_EPC_API_TOKEN: ${{ steps.set_open_epc_token.outputs.open_epc_token }} +# DB_HOST: ${{ steps.set_db_credentials.outputs.db_host }} +# DB_PORT: ${{ steps.set_db_credentials.outputs.db_port }} +# DB_NAME: ${{ steps.set_db_credentials.outputs.db_name }} +# ECR_URI: ${{ steps.set_ecr_credentials.outputs.ecr_uri }} +# GITHUB_SHA: ${{ github.sha }} +# SAP_BASELINE_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.sap_baseline_predictions_bucket }} +# CARBON_BASELINE_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.carbon_baseline_predictions_bucket }} +# HEAT_BASELINE_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.heat_baseline_predictions_bucket }} +# run: | +# # Fetch database credentials from AWS Secrets Manager +# SECRET_VALUE=$(aws secretsmanager get-secret-value --secret-id ${{ github.ref_name }}/assessment_model/db_credentials --query SecretString) +# DB_USERNAME=$(echo "$SECRET_VALUE" | jq -r '. | fromjson | .db_assessment_model_username') +# DB_PASSWORD=$(echo "$SECRET_VALUE" | jq -r '. | fromjson | .db_assessment_model_password') +# +# # Set the database credentials as environment variables +# export DB_USERNAME +# export DB_PASSWORD +# +# # Deploy to AWS Lambda via Serverless +# sls deploy --stage ${{ github.ref_name }} --verbose +# +# - name: Smoke test deployed /health +# env: +# EXPECTED_SHA: ${{ github.sha }} +# HEALTH_URL: https://api.${{ steps.set_domain.outputs.domain }}/health +# run: | +# set -euo pipefail +# echo "Probing $HEALTH_URL" +# RESPONSE=$(curl -fsSL --max-time 30 --retry 3 --retry-delay 5 --retry-connrefused "$HEALTH_URL") +# echo "Response: $RESPONSE" +# ACTUAL_SHA=$(echo "$RESPONSE" | jq -r '.sha') +# if [[ "$ACTUAL_SHA" != "$EXPECTED_SHA" ]]; then +# echo "::error::SHA mismatch. expected=$EXPECTED_SHA actual=$ACTUAL_SHA" +# exit 1 +# fi +# echo "Health check passed. sha=$ACTUAL_SHA" diff --git a/.github/workflows/integration_tests.yml b/.github/workflows/integration_tests.yml index 6093e249..374bf94e 100644 --- a/.github/workflows/integration_tests.yml +++ b/.github/workflows/integration_tests.yml @@ -1,35 +1,38 @@ -name: Rebaselining Integration Test - -on: - pull_request: - branches: - - main - -jobs: - rebaselining-integration-test: - runs-on: ubuntu-latest - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Set up Python 3.11 - uses: actions/setup-python@v4 - with: - python-version: '3.11' - - - name: Install tox via Makefile - run: | - make setup - - - name: Configure AWS credentials for dev - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.DEV_AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.DEV_AWS_SECRET_ACCESS_KEY }} - aws-region: eu-west-2 - - - name: Run only rebaselining integration test - env: - EPC_AUTH_TOKEN: ${{ secrets.DEV_EPC_AUTH_TOKEN }} - run: | - make test ARGS="-m integration" +# Temporarily disabled — the rebaselining integration suite. +# Commented out to cut GitHub Actions minutes; uncomment to re-enable. +# +# name: Rebaselining Integration Test +# +# on: +# pull_request: +# branches: +# - main +# +# jobs: +# rebaselining-integration-test: +# runs-on: ubuntu-latest +# steps: +# - name: Checkout code +# uses: actions/checkout@v4 +# +# - name: Set up Python 3.11 +# uses: actions/setup-python@v4 +# with: +# python-version: '3.11' +# +# - name: Install tox via Makefile +# run: | +# make setup +# +# - name: Configure AWS credentials for dev +# uses: aws-actions/configure-aws-credentials@v1 +# with: +# aws-access-key-id: ${{ secrets.DEV_AWS_ACCESS_KEY_ID }} +# aws-secret-access-key: ${{ secrets.DEV_AWS_SECRET_ACCESS_KEY }} +# aws-region: eu-west-2 +# +# - name: Run only rebaselining integration test +# env: +# EPC_AUTH_TOKEN: ${{ secrets.DEV_EPC_AUTH_TOKEN }} +# run: | +# make test ARGS="-m integration" diff --git a/.github/workflows/protect_releases.yml b/.github/workflows/protect_releases.yml index cbd08e2f..7c8c7258 100644 --- a/.github/workflows/protect_releases.yml +++ b/.github/workflows/protect_releases.yml @@ -1,17 +1,20 @@ -name: Restrict PR source - -on: - pull_request: - branches: - - dev - -jobs: - check-source-branch: - runs-on: ubuntu-latest - steps: - - name: Fail if PR is not from main - run: | - if [[ "${{ github.head_ref }}" != "main" ]]; then - echo "Only PRs from main are allowed into dev" - exit 1 - fi \ No newline at end of file +# Temporarily disabled — the main→dev PR-source guardrail. +# Commented out to cut GitHub Actions minutes; uncomment to re-enable. +# +# name: Restrict PR source +# +# on: +# pull_request: +# branches: +# - dev +# +# jobs: +# check-source-branch: +# runs-on: ubuntu-latest +# steps: +# - name: Fail if PR is not from main +# run: | +# if [[ "${{ github.head_ref }}" != "main" ]]; then +# echo "Only PRs from main are allowed into dev" +# exit 1 +# fi