From 42bc2d7de44f0c3ff146820fd0c947494f1d7e6b Mon Sep 17 00:00:00 2001
From: foram-splunk <89519924+foram-splunk@users.noreply.github.com>
Date: Wed, 10 Aug 2022 12:47:40 +0530
Subject: [PATCH 1/3] Update ci_build_test.yaml

---
 .github/workflows/ci_build_test.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/ci_build_test.yaml b/.github/workflows/ci_build_test.yaml
index 6a91c920..dec5ef3e 100644
--- a/.github/workflows/ci_build_test.yaml
+++ b/.github/workflows/ci_build_test.yaml
@@ -81,6 +81,7 @@ jobs:
           files: "target/surefire-reports/*.xml"
 
   e2e_test:
+    environment: workflow-approval
     name: e2e test - kafka version-${{ matrix.kafka_version }}
     runs-on: ubuntu-20.04
     needs:

From 7a34d20d45494baef8b9e7735429939456b52ae7 Mon Sep 17 00:00:00 2001
From: foram-splunk <ftrivedi@splunk.com>
Date: Fri, 12 Aug 2022 17:32:28 +0530
Subject: [PATCH 2/3] Added job for approval of functional tests

---
 .github/workflows/ci_build_test.yaml | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/ci_build_test.yaml b/.github/workflows/ci_build_test.yaml
index dec5ef3e..8976e9f3 100644
--- a/.github/workflows/ci_build_test.yaml
+++ b/.github/workflows/ci_build_test.yaml
@@ -1,7 +1,7 @@
 name: CI Build Test
 
 on:
-  pull_request:
+  pull_request_target:
     branches-ignore:
       - /^release\/.*/
       - master
@@ -80,12 +80,21 @@ jobs:
           check_name: Unit Test Results
           files: "target/surefire-reports/*.xml"
 
-  e2e_test:
+  functional_tests_approval:
+    name: Approve functional tests
+    runs-on: ubuntu-20.04
     environment: workflow-approval
+    needs:
+      - build-unit-test
+    steps:
+      - name: Approve functional tests
+        run: echo For security reasons, all pull requests need to be approved first before running any automated CI.
+
+  e2e_test:
     name: e2e test - kafka version-${{ matrix.kafka_version }}
     runs-on: ubuntu-20.04
     needs:
-      - build-unit-test
+      - functional_tests_approval
     strategy:
       fail-fast: false
       matrix:

From 46d83b74dd114e010f9157b2c0a2f108a4e064d4 Mon Sep 17 00:00:00 2001
From: foram-splunk <ftrivedi@splunk.com>
Date: Tue, 16 Aug 2022 17:16:26 +0530
Subject: [PATCH 3/3] Updated workflow jobs

---
 .github/workflows/ci_build_test.yaml | 26 +++++++++++++++-----------
 1 file changed, 15 insertions(+), 11 deletions(-)

diff --git a/.github/workflows/ci_build_test.yaml b/.github/workflows/ci_build_test.yaml
index 8976e9f3..52c5930c 100644
--- a/.github/workflows/ci_build_test.yaml
+++ b/.github/workflows/ci_build_test.yaml
@@ -16,9 +16,19 @@ on:
         required: true
 
 jobs:
+  workflow_approval:
+    name: Approve workflow
+    runs-on: ubuntu-20.04
+    environment: workflow-approval
+    steps:
+      - name: Approve workflow
+        run: echo For security reasons, all pull requests need to be approved first before running any automated CI.
+
   fossa-scan:
     continue-on-error: true
     runs-on: ubuntu-latest
+    needs:
+      - workflow_approval
     steps:
       - uses: actions/checkout@v3
       - name: run fossa anlyze and create report
@@ -41,6 +51,8 @@ jobs:
 
   semgrep:
     runs-on: ubuntu-latest
+    needs:
+      - workflow_approval
     name: security-sast-semgrep
     if: github.actor != 'dependabot[bot]'
     steps:
@@ -54,6 +66,8 @@ jobs:
   build-unit-test:
     name: build and run unit test
     runs-on: ubuntu-20.04
+    needs:
+      - workflow_approval
     steps:
       - name: Checkout
         uses: actions/checkout@v2
@@ -80,21 +94,11 @@ jobs:
           check_name: Unit Test Results
           files: "target/surefire-reports/*.xml"
 
-  functional_tests_approval:
-    name: Approve functional tests
-    runs-on: ubuntu-20.04
-    environment: workflow-approval
-    needs:
-      - build-unit-test
-    steps:
-      - name: Approve functional tests
-        run: echo For security reasons, all pull requests need to be approved first before running any automated CI.
-
   e2e_test:
     name: e2e test - kafka version-${{ matrix.kafka_version }}
     runs-on: ubuntu-20.04
     needs:
-      - functional_tests_approval
+      - build-unit-test
     strategy:
       fail-fast: false
       matrix: