ZWaveJS fails to load when running with external auth due to service worker #10495
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: 'Z-Wave Bot: React to comments' | |
on: | |
issue_comment: | |
types: [created] # edited, deleted | |
jobs: | |
# ######################################################################### | |
# Fix lint errors when an authorized person posts "@zwave-js-bot fix lint" | |
fix-lint: | |
if: | | |
contains(github.event.issue.html_url, '/pull/') && | |
contains(github.event.comment.body, '@zwave-js-bot fix lint') && | |
(github.event.comment.user.login != 'zwave-js-bot' && github.event.comment.user.login != 'zwave-js-assistant[bot]') | |
runs-on: [ubuntu-latest] | |
strategy: | |
matrix: | |
node-version: [18.x] | |
steps: | |
- name: Checkout master branch | |
uses: actions/checkout@v3 | |
with: | |
path: trusted | |
- name: Check user's permissions to do this | |
id: check-permissions | |
uses: actions/github-script@v3 | |
with: | |
github-token: ${{secrets.BOT_TOKEN}} | |
result-encoding: string | |
script: | | |
const bot = require(`${process.env.GITHUB_WORKSPACE}/trusted/.github/bot-scripts/index.js`); | |
return bot.checkAuthorized({github, context}); | |
# These steps only run if the check was successful | |
- name: Retrieve PR information | |
if: steps.check-permissions.outputs.result == 'true' | |
id: pr-info | |
uses: actions/github-script@v3 | |
with: | |
script: | | |
const bot = require(`${process.env.GITHUB_WORKSPACE}/trusted/.github/bot-scripts/index.js`); | |
const result = await bot.getFixLintInfo({github, context}); | |
console.dir(result); | |
return result || {pending: true}; | |
- name: Download Lint patch | |
if: | | |
steps.check-permissions.outputs.result == 'true' && | |
!fromJSON(steps.pr-info.outputs.result).pending | |
env: | |
PATCH_URL: ${{ fromJSON(steps.pr-info.outputs.result).patchUrl }} | |
run: | | |
mkdir -p patch | |
cd patch | |
curl "$PATCH_URL" -o patch.zip | |
unzip patch.zip | |
- name: Checkout pull request side by side | |
if: | | |
steps.check-permissions.outputs.result == 'true' && | |
!fromJSON(steps.pr-info.outputs.result).pending | |
uses: actions/checkout@v3 | |
with: | |
token: ${{secrets.BOT_TOKEN}} | |
repository: ${{ fromJSON(steps.pr-info.outputs.result).repoName }} | |
ref: ${{ fromJSON(steps.pr-info.outputs.result).headRef }} | |
path: untrusted | |
- name: Do the lint fix | |
if: | | |
steps.check-permissions.outputs.result == 'true' && | |
!fromJSON(steps.pr-info.outputs.result).pending | |
working-directory: ./untrusted | |
id: fix | |
run: | | |
# Apply the patch | |
if ! git apply ../patch/fix.patch ; then | |
echo "result=error" >> $GITHUB_OUTPUT | |
exit 0 | |
fi | |
# Check if something changed in the untrusted repo | |
cd ../untrusted | |
if ! git diff --quiet ; then | |
git config user.email "[email protected]" | |
git config user.name "Z-Wave JS Bot" | |
git add -A | |
git reset -- .github | |
git commit -m "style: fix lint" | |
git push | |
echo "result=ok" >> $GITHUB_OUTPUT | |
else | |
echo "result=unchanged" >> $GITHUB_OUTPUT | |
exit 0 | |
fi | |
- name: Give feedback | |
if: steps.check-permissions.outputs.result == 'true' | |
uses: actions/github-script@v3 | |
env: | |
FEEDBACK: ${{ steps.fix.outputs.result }} | |
PENDING: ${{ fromJSON(steps.pr-info.outputs.result).pending }} | |
with: | |
github-token: ${{secrets.BOT_TOKEN}} | |
script: | | |
const bot = require(`${process.env.GITHUB_WORKSPACE}/trusted/.github/bot-scripts/index.js`); | |
return bot.fixLintFeedback({github, context}); | |
# ######################################################################### | |
# Rebase PR onto its target branch when an authorized person posts "@zwave-js-bot rebase" | |
rebase: | |
if: | | |
contains(github.event.issue.html_url, '/pull/') && | |
contains(github.event.comment.body, '@zwave-js-bot rebase') && | |
(github.event.comment.user.login != 'zwave-js-bot' && github.event.comment.user.login != 'zwave-js-assistant[bot]') | |
runs-on: [ubuntu-latest] | |
strategy: | |
matrix: | |
node-version: [18.x] | |
steps: | |
- name: Checkout master branch | |
uses: actions/checkout@v3 | |
- name: Check user's permissions to do this | |
id: check-permissions | |
uses: actions/github-script@v3 | |
with: | |
github-token: ${{secrets.BOT_TOKEN}} | |
result-encoding: string | |
script: | | |
const bot = require(`${process.env.GITHUB_WORKSPACE}/.github/bot-scripts/index.js`); | |
return bot.checkAuthorized({github, context}); | |
# These steps only run if the check was successful | |
- name: Retrieve PR information | |
if: steps.check-permissions.outputs.result == 'true' | |
uses: actions/github-script@v3 | |
id: get-pr | |
with: | |
script: | | |
const request = { | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
pull_number: context.issue.number | |
} | |
core.info(`Getting PR #${request.pull_number} from ${request.owner}/${request.repo}`) | |
try { | |
const result = await github.pulls.get(request) | |
return result.data | |
} catch (err) { | |
core.setFailed(`Request failed with error ${err}`) | |
} | |
- name: Save our CI scripts | |
if: steps.check-permissions.outputs.result == 'true' | |
run: | | |
mkdir -p /tmp/.github | |
cp -r .github/* /tmp/.github | |
- name: Checkout pull request | |
if: steps.check-permissions.outputs.result == 'true' | |
uses: actions/checkout@v3 | |
with: | |
token: ${{secrets.BOT_TOKEN}} | |
repository: ${{ fromJSON(steps.get-pr.outputs.result).head.repo.full_name }} | |
ref: ${{ fromJSON(steps.get-pr.outputs.result).head.ref }} | |
- name: Restore our CI scripts | |
if: steps.check-permissions.outputs.result == 'true' | |
run: | | |
rm -rf .github | |
cp -r /tmp/.github . | |
- name: Rebase the branch | |
env: | |
# sanitize untrusted input by using an env variable | |
BRANCH: ${{ fromJSON(steps.get-pr.outputs.result).base.ref }} | |
if: steps.check-permissions.outputs.result == 'true' | |
id: fix | |
run: | | |
# Try to rebase | |
git fetch origin | |
if git rebase "origin/$BRANCH" ; then | |
# The rebase worked | |
git config user.email "[email protected]" | |
git config user.name "Z-Wave JS Bot" | |
git push -f | |
else | |
echo "result=error" >> $GITHUB_OUTPUT | |
fi | |
- name: Give feedback | |
if: steps.check-permissions.outputs.result == 'true' | |
uses: actions/github-script@v3 | |
env: | |
FEEDBACK: ${{ steps.fix.outputs.result }} | |
with: | |
github-token: ${{secrets.BOT_TOKEN}} | |
script: | | |
const bot = require(`${process.env.GITHUB_WORKSPACE}/.github/bot-scripts/index.js`); | |
return bot.rebaseFeedback({github, context}); | |
# ######################################################################### | |
# Rename the single commit of a PR to the title when an authorized person posts "@zwave-js-bot rename commit" | |
rename-commit: | |
if: | | |
contains(github.event.issue.html_url, '/pull/') && | |
contains(github.event.comment.body, '@zwave-js-bot rename commit') && | |
(github.event.comment.user.login != 'zwave-js-bot' && github.event.comment.user.login != 'zwave-js-assistant[bot]') | |
runs-on: [ubuntu-latest] | |
strategy: | |
matrix: | |
node-version: [18.x] | |
steps: | |
- name: Checkout master branch | |
uses: actions/checkout@v3 | |
- name: Check permissions and necessity | |
id: check-permissions | |
uses: actions/github-script@v3 | |
with: | |
github-token: ${{secrets.BOT_TOKEN}} | |
result-encoding: string | |
script: | | |
const bot = require(`${process.env.GITHUB_WORKSPACE}/.github/bot-scripts/index.js`); | |
return ( | |
(await bot.checkAuthorized({github, context})) && | |
(await bot.renameCommitCheck({github, context})) | |
); | |
# These steps only run if the check was successful | |
- name: Retrieve PR information | |
if: steps.check-permissions.outputs.result == 'true' | |
uses: actions/github-script@v3 | |
id: get-pr | |
with: | |
script: | | |
const bot = require(`${process.env.GITHUB_WORKSPACE}/.github/bot-scripts/index.js`); | |
return bot.renameCommitGetPRInfo({github, context}); | |
- name: Save our CI scripts | |
if: steps.check-permissions.outputs.result == 'true' | |
run: | | |
mkdir -p /tmp/.github | |
cp -r .github/* /tmp/.github | |
- name: Checkout pull request | |
if: steps.check-permissions.outputs.result == 'true' | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 # Fetch the history, or this action will break everything! | |
token: ${{secrets.BOT_TOKEN}} | |
repository: ${{ fromJSON(steps.get-pr.outputs.result).repo }} | |
ref: ${{ fromJSON(steps.get-pr.outputs.result).ref }} | |
- name: Restore our CI scripts | |
if: steps.check-permissions.outputs.result == 'true' | |
run: | | |
rm -rf .github | |
cp -r /tmp/.github . | |
- name: Rebase the branch | |
env: | |
# sanitize untrusted input by using an env variable | |
TITLE: ${{ fromJSON(steps.get-pr.outputs.result).title }} | |
if: steps.check-permissions.outputs.result == 'true' | |
id: fix | |
run: | | |
# Try to reword the commit | |
git config user.email "[email protected]" | |
git config user.name "Z-Wave JS Bot" | |
if git commit --amend -m "$TITLE" ; then | |
# Amending the commit worked | |
git push -f | |
echo "result=success" >> $GITHUB_OUTPUT | |
else | |
echo "result=error" >> $GITHUB_OUTPUT | |
fi | |
- name: Give feedback | |
if: steps.check-permissions.outputs.result == 'true' | |
uses: actions/github-script@v3 | |
env: | |
FEEDBACK: ${{ steps.fix.outputs.result }} | |
with: | |
github-token: ${{secrets.BOT_TOKEN}} | |
script: | | |
const bot = require(`${process.env.GITHUB_WORKSPACE}/.github/bot-scripts/index.js`); | |
return bot.renameCommitFeedback({github, context}); |