From fae7ba119c85a65084bbd676de1e9b5974ca3153 Mon Sep 17 00:00:00 2001
From: Peter Kruczkiewicz <peter.kruczkiewicz@gmail.com>
Date: Wed, 3 Feb 2021 09:28:47 -0600
Subject: [PATCH] Add branch protection GH Action

---
 .github/workflows/branch.yml | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 .github/workflows/branch.yml

diff --git a/.github/workflows/branch.yml b/.github/workflows/branch.yml
new file mode 100644
index 0000000..76e0b76
--- /dev/null
+++ b/.github/workflows/branch.yml
@@ -0,0 +1,31 @@
+name: branch protection
+# This workflow is triggered on PRs to master branch on the repository
+# It fails when someone tries to make a PR against the `master` branch instead of `dev`
+on:
+  pull_request:
+    branches: [master]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      # PRs to the repo master branch are only ok if coming from the repo `dev` or any `patch` branches
+      - name: Check PRs
+        if: github.repository == 'phac-nml/biohansel'
+        run: |
+          { [[ ${{github.event.pull_request.head.repo.full_name}} == phac-nml/biohansel ]] && [[ $GITHUB_HEAD_REF = "development" ]]; } || [[ $GITHUB_HEAD_REF == "patch" ]]
+      # If the above check failed, post a comment on the PR explaining the failure
+      # NOTE - this doesn't currently work if the PR is coming from a fork, due to limitations in GitHub actions secrets
+      - name: Post PR comment
+        if: failure()
+        uses: mshick/add-pr-comment@v1
+        with:
+          message: |
+            Hi @${{ github.event.pull_request.user.login }},
+            It looks like this pull-request is has been made against the ${{github.event.pull_request.head.repo.full_name}} `master` branch.
+            The `master` branch on repositories should always contain code from the latest release.
+            Because of this, PRs to `master` are only allowed if they come from the ${{github.event.pull_request.head.repo.full_name}} `development` branch.
+            You do not need to close this PR, you can change the target branch to `development` by clicking the _"Edit"_ button at the top of this page.
+            Thanks again for your contribution!
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+          allow-repeats: false
\ No newline at end of file