-
Notifications
You must be signed in to change notification settings - Fork 307
153 lines (151 loc) · 8.23 KB
/
validate-pr-title.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
name: validate-pr-title
on:
pull_request_target:
types: [opened, synchronize, edited, reopened]
branches:
- master
jobs:
title-check:
runs-on: ubuntu-latest
env:
ERROR_MSG: "The PR title does not match the required format: <type>(<tag>): <title>"
steps:
- name: Checkout code
uses: actions/checkout@v3
with:
persist-credentials: false
sparse-checkout: |
.github/scripts/pr-issue-info/get_title_types.py
.github/pr-title-types.yaml
- name: Print PR Title
run: echo "${{ github.event.pull_request.title }}"
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: "3.x"
- name: Install dependencies
run: python3 -m pip install --upgrade pip pyyaml
- name: Check PR Title
run: |
regex=$(python3 .github/scripts/pr-issue-info/get_title_types.py)
echo "Title regex: $regex"
title="${{ github.event.pull_request.title }}"
echo $title | grep -Pq "$regex" || (echo "$ERROR_MSG" && exit 1)
labels-check:
runs-on: ubuntu-latest
env:
LABELS: ${{ toJson(github.event.pull_request.labels) }}
steps:
- name: Checkout code
uses: actions/checkout@v3
with:
persist-credentials: false
sparse-checkout: |
.github/scripts/pr-issue-info/get_keywords.py
.github/keywords.yaml
- name: Get username
run: echo "USERNAME=${{ github.event.pull_request.user.login }}" >> $GITHUB_ENV
- name: Install JQ
run: sudo apt-get install jq
- name: Get title
run: echo "TITLE=${{ github.event.pull_request.title }}" >> $GITHUB_ENV
- name: Check user username
run: |
response=$(curl -s -H "Authorization: token ${{ secrets.KICS_BOT_PAT }}" "https://api.github.com/orgs/Checkmarx/teams/kics-core-team/members")
team_members=$(echo "$response" | jq -r '.[].login')
if echo "${team_members[@]}" | grep -Pq "^$USERNAME$"; then
echo "Contributor belongs to Checkmarx organization"
is_member="true"
else
echo "Contributor does not belong to Checkmarx organization"
is_member="false"
fi
echo "IS_MEMBER=$is_member" >> $GITHUB_ENV
- name: Add community label if user does not belong to Checkmarx Organization
run: |
if [[ "$IS_MEMBER" == "false" ]]; then
curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X POST -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels -d '{"labels": ["community"]}'
fi
- name: Add feature or feature request label
run: |
if [[ "$TITLE" == feat* ]]; then
if [[ "$IS_MEMBER" == "true" ]]; then
echo "Adding 'feature' label..."
curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X POST -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels -d '{"labels": ["feature"]}'
else
echo "Adding 'feature request' label..."
curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X POST -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels -d '{"labels": ["feature request"]}'
fi
else
if echo "$LABELS" | grep -q "feature request"; then
echo "Removing 'feature request' label..."
curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X DELETE -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels/feature%20request
elif echo "$LABELS" | grep -q "feature"; then
echo "Removing 'feature' label..."
curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X DELETE -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels/feature
fi
fi
- name: Add documentation label
run: |
if [[ "$TITLE" == docs* ]]; then
echo "Adding 'documentation' label..."
curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X POST -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels -d '{"labels": ["documentation"]}'
else
if echo "$LABELS" | grep -q "documentation"; then
echo "Removing 'documentation' label..."
curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X DELETE -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels/documentation
fi
fi
- name: Add bug label
run: |
if echo "$TITLE" | grep -iqP "(\\b|_)bugs?(\\b|_)"; then
echo "Adding 'bug' label..."
curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X POST -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels -d '{"labels": ["bug"]}'
else
if echo "$LABELS" | grep -q "bug"; then
echo "Removing 'bug' label..."
curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X DELETE -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels/bug
fi
fi
- name: Add query label
run: |
if echo "$TITLE" | grep -iqP "(\\b|_)quer(y|ies)(\\b|_)"; then
echo "Adding 'query' label..."
curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X POST -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels -d '{"labels": ["query"]}'
else
if echo "$LABELS" | grep -q "query"; then
echo "Removing 'query' label..."
curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X DELETE -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels/query
fi
fi
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: "3.x"
- name: Install dependencies
run: python3 -m pip install --upgrade pip pyyaml
- name: Check title for keywords of platforms and cloud providers to add labels
run: |
keywords=$(python3 .github/scripts/pr-issue-info/get_keywords.py)
eval "$keywords"
declare -p keywords
declare -a labels_to_add=()
for keyword in "${!keywords[@]}"; do
if echo "$TITLE" | grep -iPq "(\\b|_)$keyword(\\b|_)"; then
labels_to_add+=("${keywords[$keyword]}")
fi
done
mapfile -t current_labels < <(echo "$LABELS" | jq -r '.[].name')
echo "Current labels: ${current_labels[@]}"
echo "Labels to add: ${labels_to_add[@]}"
echo "Labels: $LABELS"
for keyword in "${!keywords[@]}"; do
label=${keywords[$keyword]}
if [[ ! " ${labels_to_add[@]} " =~ " ${label} " ]] && [[ " ${current_labels[@]} " =~ " ${label} " ]]; then
echo "Removing '$label' label..."
curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X DELETE -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels/$label
elif [[ " ${labels_to_add[@]} " =~ " ${label} " ]] && [[ ! " ${current_labels[@]} " =~ " ${label} " ]]; then
echo "Adding '$label' label..."
curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X POST -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels -d "{\"labels\": [\"$label\"]}"
fi
done