forked from serverless-dns/serverless-dns
-
Notifications
You must be signed in to change notification settings - Fork 0
103 lines (85 loc) · 3.16 KB
/
pr.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
name: 📩 PR
on:
# "I am a workflow on the main branch's HEAD, target (base) of a PR"
pull_request_target:
branches:
- "main"
# Avoid concurrent runs of this workflow on an incoming PR, cancel previous
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref }}
cancel-in-progress: true
env:
# Base branch for the PR
BASE_REF: ${{ github.base_ref }}
BASE_SHA: ${{ github.event.pull_request.base.sha }}
BASE_REPO: ${{ github.event.pull_request.base.repo.clone_url }}
# Branch of PR (maybe of a fork repo)
PR_HEAD_REF: ${{ github.head_ref }}
PR_HEAD_SHA: ${{ github.event.pull_request.head.sha }}
PR_HEAD_REPO: ${{ github.event.pull_request.head.repo.clone_url }}
# Full ref of base branch like `refs/heads/master`, gh_sha is same as base_sha
GH_REF: "${{ github.ref }}"
GH_SHA: ${{ github.sha }}
jobs:
lint-fmt:
name: Lint & fmt
runs-on: ubuntu-latest
steps:
- name: 🚚 Get latest code
uses: actions/checkout@v4
with:
# Checkout base (target) repo
ref: ${{ env.GH_REF }}
- name: 🥑 Install deps
run: |
npm install
- name: 🎣 Fetch PR's head
run: |
git fetch origin ${{ env.PR_HEAD_SHA }}
# Abort if node modules are checked in
- name: 🚨 Check for unsafe changes
run: |
DIFF=$(git diff --name-only --diff-filter=ACMRT \
${{ env.BASE_SHA }}...${{ env.PR_HEAD_SHA }})
echo "::notice::DIFF(files): ${DIFF//$'\n'/ }"
if echo $DIFF | grep "node_modules"; then
echo "::error::Unsafe change 'node_modules' found"
exit 1
fi
- name: 🍌 Checkout PR_HEAD
run: |
git checkout ${{ env.PR_HEAD_SHA }}
- name: 🔧 Run eslint on changed files only
run: |
DIFF=$(git diff --name-only --diff-filter=ACMRT \
${{ env.BASE_SHA }}...${{ env.PR_HEAD_SHA }})
npx eslint $DIFF --cache --fix
- name: 👀 Look for lint changes
id: lint-changes
run: |
echo changes=$( \
if git diff-index --quiet HEAD --; \
then echo "false"; \
else echo "true"; \
fi) \
>> $GITHUB_OUTPUT
- name: 🏗 Commit lint changes
if: steps.lint-changes.outputs.changes == 'true'
run: |
git config --local user.name 'github-actions[bot]'
git config --local user.email 'github-actions[bot]@users.noreply.github.com'
git commit --no-verify -am "Automatic lint & fmt"
- name: 🚢 Push to origin?
if: ${{ env.BASE_REPO == env.PR_HEAD_REPO }}
run: |
git push origin HEAD:${{ env.PR_HEAD_REF }}
# `GITHUB_TOKEN` owned by `github-actions[bot]` has write access to
# origin in this `PR-target` workflow but not the write access to fork
# repo.
# A "personal access token" of repository maintainer may be required
# for pushing to forks.
- name: 🚢 Push to fork?
if: ${{ env.BASE_REPO != env.PR_HEAD_REPO }}
run: |
git remote add fork ${{ env.PR_HEAD_REPO }}
git push fork HEAD:${{ env.PR_HEAD_REF }}