From 20a60576c71fa3636d0050a3a0078b776e856f9e Mon Sep 17 00:00:00 2001
From: pawelirh <pawel.irzyk@husarion.com>
Date: Thu, 6 Jun 2024 07:37:50 +0000
Subject: [PATCH] Add branch protection rule

---
 .github/workflows/protect-default-branch.yaml | 25 +++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 .github/workflows/protect-default-branch.yaml

diff --git a/.github/workflows/protect-default-branch.yaml b/.github/workflows/protect-default-branch.yaml
new file mode 100644
index 000000000..3f305644d
--- /dev/null
+++ b/.github/workflows/protect-default-branch.yaml
@@ -0,0 +1,25 @@
+name: Validate PR head branch
+on:
+  pull_request:
+    types:
+      - opened
+    branches:
+      - ros2
+
+jobs:
+  check-head-branch:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check allowed branches
+        run: |
+          pattern="^[0-9]+\.[0-9]+\.[0-9]+-[0-9]{8}$" # This regex matches the X.X.X-YYYYMMDD pattern
+          if [[ "${{ github.head_ref }}" == *"hotfix"* ]]; then
+            echo "PR from a branch containing 'hotfix' is allowed."
+            exit 0
+          elif [[ "${{ github.head_ref }}" =~ $pattern ]]; then
+            echo "PR from a branch matching X.X.X-YYYYMMDD pattern is allowed."
+            exit 0
+          else
+            echo "PRs must come from branches containing 'hotfix' phrase or matching X.X.X-YYYYMMDD pattern."
+            exit 1
+          fi
\ No newline at end of file