.gitea/workflows/push-validation.yml

@@ -12,7 +12,43 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
+  check-open-pr:
+    runs-on: ubuntu-latest
+    container: docker.io/catthehacker/ubuntu:act-latest
+    outputs:
+      should_run: ${{ steps.detect.outputs.should_run }}
+    steps:
+      - name: Detect open PR for branch
+        id: detect
+        env:
+          REPOSITORY: ${{ github.repository }}
+          OWNER: ${{ github.repository_owner }}
+          BRANCH: ${{ github.ref_name }}
+          SERVER_URL: ${{ github.server_url }}
+          TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          set -euo pipefail
+
+          api_url="${SERVER_URL}/api/v1/repos/${REPOSITORY}/pulls?state=open&head=${OWNER}:${BRANCH}"
+          auth_args=()
+          if [[ -n "${TOKEN:-}" ]]; then
+            auth_args=(-H "Authorization: token ${TOKEN}")
+          fi
+
+          response="$(curl -fsSL "${auth_args[@]}" -H 'accept: application/json' "$api_url" || echo '[]')"
+          open_prs="$(printf '%s' "$response" | grep -o '"number":[0-9]\+' | wc -l | tr -d ' ')"
+
+          if [[ "$open_prs" -gt 0 ]]; then
+            echo "should_run=false" >> "$GITHUB_OUTPUT"
+            echo "Open PR detected for ${OWNER}:${BRANCH}; skipping push validation." >> "$GITHUB_STEP_SUMMARY"
+          else
+            echo "should_run=true" >> "$GITHUB_OUTPUT"
+            echo "No open PR detected for ${OWNER}:${BRANCH}; running push validation." >> "$GITHUB_STEP_SUMMARY"
+          fi
+
   validate:
+    needs: check-open-pr
+    if: ${{ needs.check-open-pr.outputs.should_run == 'true' }}
     runs-on: ubuntu-latest
     container: docker.io/catthehacker/ubuntu:act-latest
     defaults: