-
-
Notifications
You must be signed in to change notification settings - Fork 209
296 lines (265 loc) · 10.5 KB
/
zwave-js-bot_comment.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
name: 'Z-Wave Bot: React to comments'
on:
issue_comment:
types: [created] # edited, deleted
jobs:
# #########################################################################
# Fix lint errors when an authorized person posts "@zwave-js-bot fix lint"
fix-lint:
if: |
contains(github.event.issue.html_url, '/pull/') &&
contains(github.event.comment.body, '@zwave-js-bot fix lint') &&
(github.event.comment.user.login != 'zwave-js-bot' && github.event.comment.user.login != 'zwave-js-assistant[bot]')
runs-on: [ubuntu-latest]
strategy:
matrix:
node-version: [18.x]
steps:
- name: Checkout master branch
uses: actions/checkout@v4
with:
path: trusted
- name: Check user's permissions to do this
id: check-permissions
uses: actions/github-script@v3
with:
github-token: ${{secrets.BOT_TOKEN}}
result-encoding: string
script: |
const bot = require(`${process.env.GITHUB_WORKSPACE}/trusted/.github/bot-scripts/index.js`);
return bot.checkAuthorized({github, context});
# These steps only run if the check was successful
- name: Retrieve PR information
if: steps.check-permissions.outputs.result == 'true'
id: pr-info
uses: actions/github-script@v3
with:
script: |
const bot = require(`${process.env.GITHUB_WORKSPACE}/trusted/.github/bot-scripts/index.js`);
const result = await bot.getFixLintInfo({github, context});
console.dir(result);
return result || {pending: true};
- name: Download Lint patch
if: |
steps.check-permissions.outputs.result == 'true' &&
!fromJSON(steps.pr-info.outputs.result).pending
env:
PATCH_URL: ${{ fromJSON(steps.pr-info.outputs.result).patchUrl }}
run: |
mkdir -p patch
cd patch
curl "$PATCH_URL" -o patch.zip
unzip patch.zip
- name: Checkout pull request side by side
if: |
steps.check-permissions.outputs.result == 'true' &&
!fromJSON(steps.pr-info.outputs.result).pending
uses: actions/checkout@v4
with:
token: ${{secrets.BOT_TOKEN}}
repository: ${{ fromJSON(steps.pr-info.outputs.result).repoName }}
ref: ${{ fromJSON(steps.pr-info.outputs.result).headRef }}
path: untrusted
- name: Do the lint fix
if: |
steps.check-permissions.outputs.result == 'true' &&
!fromJSON(steps.pr-info.outputs.result).pending
working-directory: ./untrusted
id: fix
run: |
# Apply the patch
if ! git apply ../patch/fix.patch ; then
echo "result=error" >> $GITHUB_OUTPUT
exit 0
fi
# Check if something changed in the untrusted repo
cd ../untrusted
if ! git diff --quiet ; then
git config user.email "[email protected]"
git config user.name "Z-Wave JS Bot"
git add -A
git reset -- .github
git commit -m "style: fix lint"
git push
echo "result=ok" >> $GITHUB_OUTPUT
else
echo "result=unchanged" >> $GITHUB_OUTPUT
exit 0
fi
- name: Give feedback
if: steps.check-permissions.outputs.result == 'true'
uses: actions/github-script@v3
env:
FEEDBACK: ${{ steps.fix.outputs.result }}
PENDING: ${{ fromJSON(steps.pr-info.outputs.result).pending }}
with:
github-token: ${{secrets.BOT_TOKEN}}
script: |
const bot = require(`${process.env.GITHUB_WORKSPACE}/trusted/.github/bot-scripts/index.js`);
return bot.fixLintFeedback({github, context});
# #########################################################################
# Rebase PR onto its target branch when an authorized person posts "@zwave-js-bot rebase"
rebase:
if: |
contains(github.event.issue.html_url, '/pull/') &&
contains(github.event.comment.body, '@zwave-js-bot rebase') &&
(github.event.comment.user.login != 'zwave-js-bot' && github.event.comment.user.login != 'zwave-js-assistant[bot]')
runs-on: [ubuntu-latest]
strategy:
matrix:
node-version: [18.x]
steps:
- name: Checkout master branch
uses: actions/checkout@v4
- name: Check user's permissions to do this
id: check-permissions
uses: actions/github-script@v3
with:
github-token: ${{secrets.BOT_TOKEN}}
result-encoding: string
script: |
const bot = require(`${process.env.GITHUB_WORKSPACE}/.github/bot-scripts/index.js`);
return bot.checkAuthorized({github, context});
# These steps only run if the check was successful
- name: Retrieve PR information
if: steps.check-permissions.outputs.result == 'true'
uses: actions/github-script@v3
id: get-pr
with:
script: |
const request = {
owner: context.repo.owner,
repo: context.repo.repo,
pull_number: context.issue.number
}
core.info(`Getting PR #${request.pull_number} from ${request.owner}/${request.repo}`)
try {
const result = await github.pulls.get(request)
return result.data
} catch (err) {
core.setFailed(`Request failed with error ${err}`)
}
- name: Save our CI scripts
if: steps.check-permissions.outputs.result == 'true'
run: |
mkdir -p /tmp/.github
cp -r .github/* /tmp/.github
- name: Checkout pull request
if: steps.check-permissions.outputs.result == 'true'
uses: actions/checkout@v4
with:
token: ${{secrets.BOT_TOKEN}}
repository: ${{ fromJSON(steps.get-pr.outputs.result).head.repo.full_name }}
ref: ${{ fromJSON(steps.get-pr.outputs.result).head.ref }}
- name: Restore our CI scripts
if: steps.check-permissions.outputs.result == 'true'
run: |
rm -rf .github
cp -r /tmp/.github .
- name: Rebase the branch
env:
# sanitize untrusted input by using an env variable
BRANCH: ${{ fromJSON(steps.get-pr.outputs.result).base.ref }}
if: steps.check-permissions.outputs.result == 'true'
id: fix
run: |
# Try to rebase
git fetch origin
if git rebase "origin/$BRANCH" ; then
# The rebase worked
git config user.email "[email protected]"
git config user.name "Z-Wave JS Bot"
git push -f
else
echo "result=error" >> $GITHUB_OUTPUT
fi
- name: Give feedback
if: steps.check-permissions.outputs.result == 'true'
uses: actions/github-script@v3
env:
FEEDBACK: ${{ steps.fix.outputs.result }}
with:
github-token: ${{secrets.BOT_TOKEN}}
script: |
const bot = require(`${process.env.GITHUB_WORKSPACE}/.github/bot-scripts/index.js`);
return bot.rebaseFeedback({github, context});
# #########################################################################
# Rename the single commit of a PR to the title when an authorized person posts "@zwave-js-bot rename commit"
rename-commit:
if: |
contains(github.event.issue.html_url, '/pull/') &&
contains(github.event.comment.body, '@zwave-js-bot rename commit') &&
(github.event.comment.user.login != 'zwave-js-bot' && github.event.comment.user.login != 'zwave-js-assistant[bot]')
runs-on: [ubuntu-latest]
strategy:
matrix:
node-version: [18.x]
steps:
- name: Checkout master branch
uses: actions/checkout@v4
- name: Check permissions and necessity
id: check-permissions
uses: actions/github-script@v3
with:
github-token: ${{secrets.BOT_TOKEN}}
result-encoding: string
script: |
const bot = require(`${process.env.GITHUB_WORKSPACE}/.github/bot-scripts/index.js`);
return (
(await bot.checkAuthorized({github, context})) &&
(await bot.renameCommitCheck({github, context}))
);
# These steps only run if the check was successful
- name: Retrieve PR information
if: steps.check-permissions.outputs.result == 'true'
uses: actions/github-script@v3
id: get-pr
with:
script: |
const bot = require(`${process.env.GITHUB_WORKSPACE}/.github/bot-scripts/index.js`);
return bot.renameCommitGetPRInfo({github, context});
- name: Save our CI scripts
if: steps.check-permissions.outputs.result == 'true'
run: |
mkdir -p /tmp/.github
cp -r .github/* /tmp/.github
- name: Checkout pull request
if: steps.check-permissions.outputs.result == 'true'
uses: actions/checkout@v4
with:
fetch-depth: 0 # Fetch the history, or this action will break everything!
token: ${{secrets.BOT_TOKEN}}
repository: ${{ fromJSON(steps.get-pr.outputs.result).repo }}
ref: ${{ fromJSON(steps.get-pr.outputs.result).ref }}
- name: Restore our CI scripts
if: steps.check-permissions.outputs.result == 'true'
run: |
rm -rf .github
cp -r /tmp/.github .
- name: Rebase the branch
env:
# sanitize untrusted input by using an env variable
TITLE: ${{ fromJSON(steps.get-pr.outputs.result).title }}
if: steps.check-permissions.outputs.result == 'true'
id: fix
run: |
# Try to reword the commit
git config user.email "[email protected]"
git config user.name "Z-Wave JS Bot"
if git commit --amend -m "$TITLE" ; then
# Amending the commit worked
git push -f
echo "result=success" >> $GITHUB_OUTPUT
else
echo "result=error" >> $GITHUB_OUTPUT
fi
- name: Give feedback
if: steps.check-permissions.outputs.result == 'true'
uses: actions/github-script@v3
env:
FEEDBACK: ${{ steps.fix.outputs.result }}
with:
github-token: ${{secrets.BOT_TOKEN}}
script: |
const bot = require(`${process.env.GITHUB_WORKSPACE}/.github/bot-scripts/index.js`);
return bot.renameCommitFeedback({github, context});