Skip to content

[Snyk] Fix for 14 vulnerabilities #44

[Snyk] Fix for 14 vulnerabilities

[Snyk] Fix for 14 vulnerabilities #44

name: OpenAPI generate decorated schema files
# **What it does**: On 'Update OpenAPI Descriptions' PRs opened by github-openapi-bot, this workflow runs the script to generate the decorated OpenAPI files and commit them to the PR.
# **Why we have it**: So we can consume OpenAPI changes, decorate them, and publish them to the REST API docs.
# **Who does it impact**: Anyone making OpenAPI changes in `github/github`, and wanting to get them published on the docs site.
on:
pull_request:
permissions:
contents: write
pull-requests: write
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: '${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}'
cancel-in-progress: true
jobs:
generate-decorated-files:
if: >-
${{
github.repository == 'github/docs-internal' &&
github.event.pull_request.user.login == 'github-openapi-bot'
}}
runs-on: ubuntu-latest
steps:
- name: Label pull requests with 'github-openapi-bot'
uses: andymckay/labeler@e6c4322d0397f3240f0e7e30a33b5c5df2d39e90
with:
add-labels: 'github-openapi-bot'
- name: Checkout repository code
uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748
with:
# actions/checkout by default will leave you in a detached head state
# so we need to specify the PR head ref explicitly since we're making
# changes that we want to commit to the branch.
ref: ${{ github.event.pull_request.head.ref }}
# Using a PAT is necessary so that the new commit will trigger the
# CI in the PR. (Events from GITHUB_TOKEN don't trigger new workflows.)
token: ${{ secrets.DOCUBOT_REPO_PAT }}
- name: Setup node
uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
with:
node-version: 16.14.x
cache: npm
- name: Install dependencies
run: npm ci
- name: Decorate the dereferenced OpenAPI schemas
run: script/rest/update-files.js --decorate-only
- name: Check in the decorated files
uses: EndBug/add-and-commit@050a66787244b10a4874a2a5f682130263edc192
with:
# The arguments for the `git add` command
add: '["lib/rest/static/apps", "lib/rest/static/decorated"]'
# The message for the commit
message: 'Add decorated OpenAPI schema files'
env:
# Disable pre-commit hooks; they don't play nicely with add-and-commit
HUSKY: '0'