Issue
In our pipeline, we are currently checking out a PR (creating a new local branch), testing it, and if tests pass, merging the PR. We are using this to merge the PR:
curl -X PUT https://api.github.com/repos/'${repo}'/pulls/'${prNumber}'/merge
The problem with this is that it's possible a developer could push more commits to this PR while it's getting tested. How can I prevent this? It would be preferred to just merge the commits that were tested (up to the commit on my local branch). However, failing the job if new commits were merged would suffice if I can check all the repos' PRs before merging any of them.
Solution
That depends on your build procedure. If your merge script checks for at least one approval, and only then your branch is eligible to merge, you can dismiss stale pull request when new commits are pushed, which will revert the approval.
If your script doesn't require approvals, you can check the SHA of the last commit at the beginning of the procedure, and just before you merge you can validate it wasn't changed.
Answered By - Maroun
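
An added example, not part of the original question or answer: GitHub's merge endpoint accepts a `sha` field naming the head commit the PR must still have and answers HTTP 409 if the head has moved, so the "was it changed?" check and the merge happen in one server-side step instead of leaving a gap between them. The function names, the `GITHUB_TOKEN` variable and the return codes are assumptions made here.

```bash
#!/usr/bin/env bash
# Added example: merge a PR only if its head is still the commit CI tested.
# Assumptions: GITHUB_TOKEN holds a token allowed to merge; repo is "owner/name";
# tested_sha is `git rev-parse HEAD`, recorded right after the checkout.

API="https://api.github.com"

# True only for a full 40-hex-character commit id. Rejects empty, abbreviated
# or quote-carrying values before they are placed into the JSON body.
is_full_sha() {
  case "$1" in
    *[!0-9a-f]*|"") return 1 ;;
  esac
  [ "${#1}" -eq 40 ]
}

# JSON body for the merge call; "sha" is the head the PR must still have.
merge_body() {
  is_full_sha "$1" || return 1
  printf '{"sha":"%s"}' "$1"
}

# Returns 0 when merged, 2 when the head moved since testing (HTTP 409),
# 1 on any other failure (bad input, not mergeable, auth, network).
merge_tested_pr() {
  repo=$1 pr=$2 tested_sha=$3
  body=$(merge_body "$tested_sha") || { echo "invalid tested sha" >&2; return 1; }
  status=$(curl -sS -o /dev/null -w '%{http_code}' -X PUT \
    -H "Authorization: Bearer ${GITHUB_TOKEN}" \
    -H "Accept: application/vnd.github+json" \
    -d "$body" "$API/repos/$repo/pulls/$pr/merge") || return 1
  case "$status" in
    200) return 0 ;;
    409) echo "PR #$pr head is no longer $tested_sha; not merging" >&2
         return 2 ;;
    *)   echo "merge of PR #$pr failed: HTTP $status" >&2
         return 1 ;;
  esac
}

# Pipeline usage (values are placeholders):
#   tested_sha=$(git rev-parse HEAD)      # immediately after checkout
#   ... run tests ...
#   merge_tested_pr "owner/name" 123 "$tested_sha" || exit 1
```

Treating return code 2 as a job failure gives the "fail if new commits were pushed" behaviour asked for, and nothing untested is merged in either case.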