Skip to content

Commit 02619b4

Browse files
committed
Merge master to update CI workflows
2 parents e9b9fcb + 27217b4 commit 02619b4

43 files changed

Lines changed: 5041 additions & 346 deletions

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

.github/workflows/ci.yml

Lines changed: 71 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -5,17 +5,80 @@ on:
55
branches: [master]
66

77
jobs:
8-
build:
8+
readme-check:
99
runs-on: ubuntu-latest
10+
permissions:
11+
pull-requests: write
12+
contents: read
1013
steps:
11-
- uses: actions/checkout@v2
14+
- uses: actions/checkout@v4
15+
with:
16+
fetch-depth: 0
17+
18+
- name: Check README.md was not edited directly
19+
id: readme
20+
run: |
21+
TRUSTED="mre jakubsacha"
22+
AUTHOR="${{ github.event.pull_request.user.login }}"
23+
for u in $TRUSTED; do
24+
if [ "$AUTHOR" = "$u" ]; then
25+
echo "trusted=true" >> "$GITHUB_OUTPUT"
26+
exit 0
27+
fi
28+
done
29+
if git diff --name-only origin/master...HEAD | grep -q "^README.md$"; then
30+
echo "modified=true" >> "$GITHUB_OUTPUT"
31+
fi
1232
13-
- name: Prevent file change
14-
uses: xalvarez/prevent-file-change-action@v1
33+
- name: Comment and fail on direct README edit
34+
if: steps.readme.outputs.modified == 'true'
35+
env:
36+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
37+
PR: ${{ github.event.pull_request.number }}
38+
REPO: ${{ github.repository }}
39+
run: |
40+
gh api "repos/$REPO/issues/$PR/comments" \
41+
-f body="README.md was edited directly. The README is generated from the YAML files in \`data/tools/\`. Please add or edit the corresponding file in \`data/tools/\` instead and do not touch README.md." \
42+
--silent
43+
echo "README.md must not be edited directly." >&2
44+
exit 1
45+
46+
render:
47+
runs-on: ubuntu-latest
48+
permissions:
49+
pull-requests: write
50+
contents: read
51+
steps:
52+
- uses: actions/checkout@v4
1553
with:
16-
githubToken: ${{ secrets.GITHUB_TOKEN }}
17-
pattern: README.md
18-
trustedAuthors: mre, jakubsacha
54+
fetch-depth: 0
55+
56+
- name: Install Rust toolchain
57+
uses: dtolnay/rust-toolchain@stable
1958

2059
- name: Render list
21-
run: make render-skip-deprecated
60+
id: render
61+
run: |
62+
make render-skip-deprecated 2>&1 | tee /tmp/render-output.txt
63+
exit ${PIPESTATUS[0]}
64+
65+
- name: Comment render error on failure
66+
if: failure() && steps.render.outcome == 'failure'
67+
env:
68+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
69+
PR: ${{ github.event.pull_request.number }}
70+
REPO: ${{ github.repository }}
71+
run: |
72+
OUTPUT=$(grep -E "^Error" /tmp/render-output.txt | head -20)
73+
{
74+
echo "The render step failed with the following error:"
75+
echo ""
76+
echo '```'
77+
echo "$OUTPUT"
78+
echo '```'
79+
echo ""
80+
echo "Please check your YAML file in \`data/tools/\` against the format used by other tools in that directory."
81+
} > /tmp/render-comment.txt
82+
gh api "repos/$REPO/issues/$PR/comments" \
83+
-f body=@/tmp/render-comment.txt \
84+
--silent

.github/workflows/pr-check.yml

Lines changed: 95 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,95 @@
1+
name: PR Check
2+
3+
on:
4+
pull_request:
5+
branches: [master]
6+
paths:
7+
- "data/tools/**.yml"
8+
- "ci/**"
9+
workflow_dispatch:
10+
inputs:
11+
pr_number:
12+
description: "PR number to check"
13+
required: true
14+
tool_files:
15+
description: "Space-separated list of tool YAML files to check (e.g. data/tools/foo.yml)"
16+
required: true
17+
18+
jobs:
19+
pr-check:
20+
runs-on: ubuntu-latest
21+
permissions:
22+
contents: read
23+
steps:
24+
- uses: actions/checkout@v4
25+
with:
26+
fetch-depth: 0
27+
28+
- name: Check out PR head for manual runs
29+
if: github.event_name == 'workflow_dispatch'
30+
run: |
31+
git fetch origin "refs/pull/${{ inputs.pr_number }}/head"
32+
git checkout FETCH_HEAD -- ${{ inputs.tool_files }}
33+
env:
34+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
35+
36+
- name: Get changed tool files
37+
id: changed
38+
run: |
39+
if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
40+
FILES="${{ inputs.tool_files }}"
41+
else
42+
FILES=$(git diff --name-only --diff-filter=A origin/master...HEAD -- 'data/tools/*.yml' 'data/tools/*.yaml' | tr '\n' ' ')
43+
fi
44+
echo "files=$FILES" >> "$GITHUB_OUTPUT"
45+
46+
- name: Install Rust toolchain
47+
uses: dtolnay/rust-toolchain@stable
48+
49+
- name: Cache cargo registry
50+
uses: actions/cache@v4
51+
with:
52+
path: |
53+
~/.cargo/registry
54+
~/.cargo/git
55+
ci/target
56+
key: pr-check-${{ runner.os }}-${{ hashFiles('ci/Cargo.lock') }}
57+
restore-keys: |
58+
pr-check-${{ runner.os }}-
59+
60+
- name: Build pr-check
61+
run: cargo build --release --manifest-path ci/Cargo.toml -p pr-check
62+
63+
- name: Run pr-check
64+
id: run-check
65+
env:
66+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
67+
GITHUB_REPOSITORY: ${{ github.repository }}
68+
PR_NUMBER: ${{ github.event_name == 'workflow_dispatch' && inputs.pr_number || github.event.pull_request.number }}
69+
# For pull_request events (including forks), write the comment to a
70+
# file instead of posting it directly. The fork's GITHUB_TOKEN does
71+
# not have write access to the base repository, so direct posting
72+
# returns 403. The pr-comment workflow picks up this artifact and
73+
# posts the comment with the right permissions.
74+
COMMENT_OUTPUT_FILE: ${{ github.event_name == 'pull_request' && 'pr-check-output/comment.md' || '' }}
75+
run: |
76+
mkdir -p pr-check-output
77+
echo "$PR_NUMBER" > pr-check-output/pr_number.txt
78+
if ci/target/release/pr-check ${{ steps.changed.outputs.files }}; then
79+
echo "passed" > pr-check-output/result.txt
80+
else
81+
echo "failed" > pr-check-output/result.txt
82+
fi
83+
84+
- name: Upload check results
85+
if: always() && github.event_name == 'pull_request'
86+
uses: actions/upload-artifact@v4
87+
with:
88+
name: pr-check-output
89+
path: pr-check-output/
90+
91+
- name: Fail if checks did not pass
92+
if: always()
93+
run: |
94+
result=$(cat pr-check-output/result.txt 2>/dev/null || echo "failed")
95+
[ "$result" = "passed" ]

.github/workflows/pr-comment.yml

Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,40 @@
1+
name: PR Check Comment
2+
3+
on:
4+
workflow_run:
5+
workflows: ["PR Check"]
6+
types: [completed]
7+
8+
jobs:
9+
comment:
10+
runs-on: ubuntu-latest
11+
permissions:
12+
pull-requests: write
13+
steps:
14+
- name: Download check results
15+
uses: actions/download-artifact@v4
16+
with:
17+
name: pr-check-output
18+
github-token: ${{ secrets.GITHUB_TOKEN }}
19+
run-id: ${{ github.event.workflow_run.id }}
20+
continue-on-error: true
21+
22+
- name: Post or update PR comment
23+
if: hashFiles('pr_number.txt') != '' && hashFiles('comment.md') != ''
24+
env:
25+
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
26+
GH_REPO: ${{ github.repository }}
27+
run: |
28+
PR_NUMBER=$(cat pr_number.txt)
29+
COMMENT_BODY=$(cat comment.md)
30+
31+
EXISTING_ID=$(gh api "repos/$GH_REPO/issues/$PR_NUMBER/comments" \
32+
--jq '[.[] | select(.body | contains("<!-- pr-check-bot -->"))] | first | .id // empty')
33+
34+
if [ -n "$EXISTING_ID" ]; then
35+
gh api --method PATCH "repos/$GH_REPO/issues/comments/$EXISTING_ID" \
36+
--field body="$COMMENT_BODY"
37+
else
38+
gh api --method POST "repos/$GH_REPO/issues/$PR_NUMBER/comments" \
39+
--field body="$COMMENT_BODY"
40+
fi

.github/workflows/render.yml

Lines changed: 7 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -7,20 +7,23 @@ on:
77
jobs:
88
build:
99
runs-on: ubuntu-latest
10-
10+
1111
permissions:
1212
# Give the default GITHUB_TOKEN write permission to commit and push the
1313
# added or changed files to the repository.
1414
contents: write
1515

1616
steps:
17-
- uses: actions/checkout@v3
18-
17+
- uses: actions/checkout@v4
18+
19+
- name: Install Rust toolchain
20+
uses: dtolnay/rust-toolchain@stable
21+
1922
- name: Render list
2023
run: make render
2124
env:
2225
GITHUB_TOKEN: ${{ github.token }}
23-
26+
2427
- uses: stefanzweifel/git-auto-commit-action@v4.1.2
2528
with:
2629
commit_message: Commit list

.gitignore

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,4 @@
11
logcli-linux-amd64
2-
logcli.zip
2+
logcli.zip
3+
ci/target/
4+
ci/pr-check/target/

.lycheeignore

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,4 +4,13 @@ mathworks.com
44
https://www.freepik.com/
55
# (Occasional) Timeouts
66
https://npo-echelon.ru/en/solutions/appchecker.php
7-
https://www.qualys.com/apps/container-security
7+
https://www.qualys.com/apps/container-security
8+
# 415 Unsupported Media Type (site works in browser)
9+
dickgrune.com
10+
zigrin.com
11+
# Cloudflare bot protection
12+
spinroot.com
13+
# npmjs.com blocks automated requests
14+
https://www.npmjs.com/package/tslint-clean-code
15+
# GitHub wiki intermittent 502
16+
https://github.com/flowr-analysis/flowr/wiki/Terminology#program-slice

Makefile

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -16,23 +16,23 @@ help:
1616

1717
# Main rendering targets
1818
render:
19-
cargo run --manifest-path data/render/Cargo.toml -- --tags data/tags.yml --tools data/tools --md-out README.md --json-out data/api
19+
cargo run --manifest-path ci/Cargo.toml -p render -- --tags data/tags.yml --tools data/tools --md-out README.md --json-out data/api
2020

2121
render-skip-deprecated:
22-
cargo run --manifest-path data/render/Cargo.toml -- --tags data/tags.yml --tools data/tools --md-out README.md --json-out data/api --skip-deprecated
22+
cargo run --manifest-path ci/Cargo.toml -p render -- --tags data/tags.yml --tools data/tools --md-out README.md --json-out data/api --skip-deprecated
2323

2424
# Development targets
2525
check:
26-
cargo check --manifest-path data/render/Cargo.toml
26+
cargo check --manifest-path ci/Cargo.toml
2727

2828
clippy:
29-
cargo clippy --manifest-path data/render/Cargo.toml -- -D warnings
29+
cargo clippy --manifest-path ci/Cargo.toml -- -D warnings
3030

3131
fmt:
32-
cargo fmt --manifest-path data/render/Cargo.toml
32+
cargo fmt --manifest-path ci/Cargo.toml
3333

3434
test:
35-
cargo test --manifest-path data/render/Cargo.toml
35+
cargo test --manifest-path ci/Cargo.toml
3636

3737
clean:
38-
cargo clean --manifest-path data/render/Cargo.toml
38+
cargo clean --manifest-path ci/Cargo.toml

0 commit comments

Comments
 (0)