Contributor

@Saga4 Saga4 commented Apr 10, 2025

TODO: Currently there is no way to approve all workflow runs at once in GitHub Actions.

PR Type

  • Enhancement

Description

  • Improve workflow security check messaging.

  • Refactor PR author allowlist validation logic.

  • Standardize quoting in Git diff commands.

  • Enhance logging for workflow file changes.


Changes walkthrough 📝

Relevant files

Enhancement (8 files)

  • codeflash-optimize.yaml: Update workflow validation and logging messages. (+15/-8)

  • end-to-end-test-bubblesort-pytest-no-git.yaml: Refactor workflow validation and allowlist checks. (+15/-8)

  • end-to-end-test-bubblesort-unittest.yaml: Standardize security checks and log formatting. (+15/-8)

  • end-to-end-test-coverage.yaml: Improve PR validation for workflow changes. (+15/-8)

  • end-to-end-test-futurehouse.yaml: Enhance workflow security author-check messages. (+15/-8)

  • end-to-end-test-init-optim.yaml: Refactor validation and authorization messaging. (+15/-8)

  • end-to-end-test-tracer-replay.yaml: Harmonize workflow changes check and messages. (+15/-8)

  • end-to-end-topological-sort-test.yaml: Correct conditional logic and security output. (+15/-11)

  • @Saga4 Saga4 temporarily deployed to external-trusted-contributors April 10, 2025 06:06 — with GitHub Actions Inactive
    @Saga4 Saga4 had a problem deploying to external-trusted-contributors April 10, 2025 06:06 — with GitHub Actions Failure
    @Saga4 Saga4 deployed to external-trusted-contributors April 10, 2025 06:06 — with GitHub Actions Active
    @github-actions github-actions bot added workflow-modified This PR modifies GitHub Actions workflows Review effort 3/5 labels Apr 10, 2025
    @github-actions

    PR Reviewer Guide 🔍

    Here are some key observations to aid the review process:

    ⏱️ Estimated effort to review: 3 🔵🔵🔵⚪⚪
    🧪 No relevant tests
    🔒 No security concerns identified
    ⚡ Recommended focus areas for review

    Code Duplication

    The allowlist and PR validation logic is now added in several workflow files with almost identical implementations. It is recommended to consider refactoring this repeated logic into a centralized or reusable component to ease future maintenance.

    # Check for any workflow changes
    if git diff --name-only "${{ github.event.pull_request.base.sha }}" "${{ github.sha }}" | grep -q "^.github/workflows/"; then
      echo "⚠️ Workflow changes detected."
    
      # Get the PR author
      AUTHOR="${{ github.event.pull_request.user.login }}"
      echo "PR Author: $AUTHOR"
    
      # Allowlist check
      if [[ "$AUTHOR" == "misrasaurabh1" || "$AUTHOR" == "KRRT7" ]]; then
        echo "✅ Authorized user ($AUTHOR). Proceeding."
      elif [[ "${{ github.event_name }}" == "pull_request_target" && "${{ github.event.pull_request.state }}" == "open" ]]; then
        echo "✅ PR triggered by 'pull_request_target' and is open. Assuming protection rules are in place. Proceeding."
      else
        echo "⛔ Unauthorized user ($AUTHOR) attempting to modify workflows. Exiting."
        exit 1
      fi
    else
      echo "✅ No workflow file changes detected. Proceeding."
    fi
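
    Review bot: The elif branch (event_name == "pull_request_target" && state == "open") lets any author through, so on that trigger an open PR never reaches the exit 1 path and the allowlist above it restricts nothing; the echo itself says it is only "Assuming protection rules are in place". Suggest dropping the branch, or replacing it with a check that the run was actually approved, so that an unlisted author touching .github/workflows/ fails the job. In the same block: under pull_request_target, github.sha is the latest commit of the base branch, so the git diff against base.sha would not contain the PR's changes; github.event.pull_request.head.sha is the commit to compare. The ${{ ... }} expressions for the SHAs and the author login are substituted into the script text before bash runs, so passing them through the step's env: and reading "$AUTHOR" keeps event data out of the script body. The grep pattern "^.github/workflows/" also has an unescaped dot; "^\.github/workflows/" matches only the intended directory.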

    @github-actions

    PR Code Suggestions ✨

    No code suggestions found for the PR.

    @Saga4 Saga4 had a problem deploying to external-trusted-contributors April 10, 2025 06:12 — with GitHub Actions Failure
    @Saga4 Saga4 had a problem deploying to external-trusted-contributors April 10, 2025 06:21 — with GitHub Actions Failure
    @Saga4 Saga4 had a problem deploying to external-trusted-contributors April 10, 2025 15:30 — with GitHub Actions Failure
    @Saga4 Saga4 had a problem deploying to external-trusted-contributors April 10, 2025 15:30 — with GitHub Actions Error
    @Saga4 Saga4 merged commit 6b71c60 into main Apr 10, 2025
    8 of 16 checks passed
    KRRT7 pushed a commit that referenced this pull request Apr 14, 2025
    * fix PR approved state
    
    * fix topological sort wf