name: Enforce PR Source

on:
  pull_request:
    types: [opened, synchronize, reopened, ready_for_review]
    branches:
      - main

jobs:
  check-pr-source:
    runs-on: ubuntu-latest
    steps:
      - name: Enforce only staging → main
        run: |
          if [[ "${{ github.head_ref }}" != "staging" ]]; then
            echo "ERROR: Only 'staging' branch may create PRs into 'main'!"
            exit 1
          fi