From 9def9a1f02ace2f08543975f204522dd3139d56b Mon Sep 17 00:00:00 2001 From: MaksimZhukov Date: Tue, 15 Sep 2020 15:25:32 +0300 Subject: [PATCH] Add "validate contributor permissions" step --- images.CI/macos/azure-pipelines/image-generation.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/images.CI/macos/azure-pipelines/image-generation.yml b/images.CI/macos/azure-pipelines/image-generation.yml index 8eb3f699..5e42236c 100644 --- a/images.CI/macos/azure-pipelines/image-generation.yml +++ b/images.CI/macos/azure-pipelines/image-generation.yml @@ -9,6 +9,17 @@ jobs: - group: Mac-Cloud Image Generation Key Vault steps: + - pwsh: | + $validСontributor = ${$env:CONTRIBUTOR_ALLOWLIST}.Split(",") | Where-Object { $_ -eq $env:BUILD_SOURCEVERSIONAUTHOR } ` + | Select-Object -First 1 + + if (-not $validСontributor) { + Write-Host "Failed to start this build. $env:BUILD_SOURCEVERSIONAUTHOR is an unknown contributor" + Write-Host "Please add $env:BUILD_SOURCEVERSIONAUTHOR to the allowed list to run this build" + exit 1 + } + displayName: Validate contributor permissions + - checkout: self clean: true fetchDepth: 1