diff --git a/.github/workflows/_deploy_lambda.yml b/.github/workflows/_deploy_lambda.yml index 3a407c5a..1cc7d462 100644 --- a/.github/workflows/_deploy_lambda.yml +++ b/.github/workflows/_deploy_lambda.yml @@ -82,6 +82,12 @@ on: required: false TF_VAR_hubspot_api_key: required: false + + TF_VAR_magicplan_customer_id: + required: false + + TF_VAR_magicplan_api_key: + required: false jobs: deploy: runs-on: ubuntu-latest @@ -149,6 +155,8 @@ jobs: TF_VAR_pashub_email: ${{ secrets.TF_VAR_pashub_email }} TF_VAR_pashub_password: ${{ secrets.TF_VAR_pashub_password }} TF_VAR_hubspot_api_key: ${{ secrets.TF_VAR_hubspot_api_key }} + TF_VAR_magicplan_customer_id: ${{ secrets.TF_VAR_magicplan_customer_id }} + TF_VAR_magicplan_api_key: ${{ secrets.TF_VAR_magicplan_api_key }} run: | ECR_REPO_URL_VAR="" if [[ -n "${{ inputs.ecr_repo }}" ]]; then @@ -195,6 +203,8 @@ jobs: TF_VAR_pashub_email: ${{ secrets.TF_VAR_pashub_email }} TF_VAR_pashub_password: ${{ secrets.TF_VAR_pashub_password }} TF_VAR_hubspot_api_key: ${{ secrets.TF_VAR_hubspot_api_key }} + TF_VAR_magicplan_customer_id: ${{ secrets.TF_VAR_magicplan_customer_id }} + TF_VAR_magicplan_api_key: ${{ secrets.TF_VAR_magicplan_api_key }} run: | EXTRA_VARS="" if [[ -n "${{ inputs.ecr_repo }}" ]]; then diff --git a/.github/workflows/protect_releases.yml b/.github/workflows/protect_releases.yml new file mode 100644 index 00000000..cbd08e2f --- /dev/null +++ b/.github/workflows/protect_releases.yml @@ -0,0 +1,17 @@ +name: Restrict PR source + +on: + pull_request: + branches: + - dev + +jobs: + check-source-branch: + runs-on: ubuntu-latest + steps: + - name: Fail if PR is not from main + run: | + if [[ "${{ github.head_ref }}" != "main" ]]; then + echo "Only PRs from main are allowed into dev" + exit 1 + fi \ No newline at end of file