diff --git a/.github/workflows/target-image-sync.yml b/.github/workflows/target-image-sync.yml
index 2bea791..e0999ff 100644
--- a/.github/workflows/target-image-sync.yml
+++ b/.github/workflows/target-image-sync.yml
@@ -64,6 +64,10 @@ jobs:
gh issue edit ${{ github.event.issue.number }} --add-label "sync image succeeded" -b "IMAGE SYNC"
gh issue close ${{ github.event.issue.number }} --reason "completed"
+ if ! ./hack/verify-allows.sh ./allows.txt "${ORIGIN_IMAGE}"; then
+ gh issue comment ${{ github.event.issue.number }} -b "这个镜像不在白名单列表里, 在未来可能将无法访问
将其添加到[白名单](https://github.com/DaoCloud/public-image-mirror/blob/main/allows.txt)"
+ fi
+
- name: Fail Sync
if: failure()
env:
diff --git a/.github/workflows/target-sync-image.yml b/.github/workflows/target-sync-image.yml
index 4208c0c..ecc0761 100644
--- a/.github/workflows/target-sync-image.yml
+++ b/.github/workflows/target-sync-image.yml
@@ -59,6 +59,10 @@ jobs:
gh issue edit ${{ github.event.issue.number }} --add-label "sync image succeeded" -b "IMAGE SYNC"
gh issue close ${{ github.event.issue.number }} --reason "completed"
+ if ! ./hack/verify-allows.sh ./allows.txt "${ORIGIN_IMAGE}"; then
+ gh issue comment ${{ github.event.issue.number }} -b "这个镜像不在白名单列表里, 在未来可能将无法访问
将其添加到[白名单](https://github.com/DaoCloud/public-image-mirror/blob/main/allows.txt)"
+ fi
+
- name: Fail Sync
if: failure()
run: |
diff --git a/hack/verify-allows.sh b/hack/verify-allows.sh
new file mode 100755
index 0000000..1516ba9
--- /dev/null
+++ b/hack/verify-allows.sh
@@ -0,0 +1,27 @@
+#!/usr/bin/env bash
+
+file=$1
+
+image=$2
+
+function check_allows() {
+ local file=$1
+ local image=$2
+ while read line; do
+ if [[ "${line}" == *"**" ]]; then
+ if [[ "${image}" == "${line%\*\*}"* ]]; then
+ return 0
+ fi
+ elif [[ "${line}" == *"*" ]]; then
+ if [[ "${image}" == "${line%\*}"* ]]; then
+ if [[ "${image#"${line%\*}"}" != *"/"* ]]; then
+ return 0
+ fi
+ fi
+ fi
+ done <"${file}"
+
+ return 1
+}
+
+check_allows "${file}" "${image}"