mirror of
https://github.com/freeCodeCamp/freeCodeCamp.git
synced 2026-05-28 18:26:54 +00:00
feat(github): add workflow for PR contribution guidelines (#66380)
This commit is contained in:
Huyen Nguyen
@@ -1,66 +0,0 @@
|
||||
name: GitHub - No Commits on GitHub Web
|
||||
on:
|
||||
pull_request_target:
|
||||
types:
|
||||
- opened
|
||||
- reopened
|
||||
# The "synchronize" type may not be used because code review commits,
|
||||
# from GitHub UI might be acceptable. Enable this if you want to block
|
||||
# all commits from GitHub UI.
|
||||
#
|
||||
# - synchronize
|
||||
|
||||
jobs:
|
||||
has-web-commits:
|
||||
runs-on: ubuntu-24.04
|
||||
steps:
|
||||
- name: Check if PR author is allow-listed
|
||||
id: pr_author
|
||||
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
|
||||
with:
|
||||
github-token: ${{ secrets.GITHUB_TOKEN }}
|
||||
script: |
|
||||
const prAuthor = context.payload.pull_request.user.login;
|
||||
const allowedTeams = ['moderators', 'staff'];
|
||||
let isAllowListed = prAuthor === 'renovate[bot]';
|
||||
if (!isAllowListed) {
|
||||
for (const team of allowedTeams) {
|
||||
const response = await github.rest.teams
|
||||
.getMembershipForUserInOrg({
|
||||
org: context.repo.owner,
|
||||
team_slug: team,
|
||||
username: prAuthor
|
||||
})
|
||||
.catch(() => ({ status: 404 }));
|
||||
if (response.status === 200) {
|
||||
isAllowListed = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
core.setOutput('is_allow_listed', isAllowListed);
|
||||
|
||||
- name: Check if commits are made on GitHub Web UI
|
||||
id: check-commits
|
||||
if: steps.pr_author.outputs.is_allow_listed == 'false'
|
||||
run: |
|
||||
PR_NUMBER=$(jq --raw-output .pull_request.number "$GITHUB_EVENT_PATH")
|
||||
COMMITS_URL="https://api.github.com/repos/$GITHUB_REPOSITORY/pulls/$PR_NUMBER/commits"
|
||||
IS_GITHUB_COMMIT=$(curl --header "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" "$COMMITS_URL" | jq '[.[] | select(.commit.committer.name == "GitHub") | select(.commit.message | test("revert"; "i") | not)] | length > 0')
|
||||
if [ "$IS_GITHUB_COMMIT" = "true" ]; then
|
||||
echo "IS_GITHUB_COMMIT=true" >> $GITHUB_ENV
|
||||
fi
|
||||
|
||||
- name: Add comment on PR if commits are made on GitHub Web UI
|
||||
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
|
||||
if: steps.pr_author.outputs.is_allow_listed == 'false' && env.IS_GITHUB_COMMIT == 'true'
|
||||
with:
|
||||
github-token: ${{ secrets.GITHUB_TOKEN }}
|
||||
script: |
|
||||
core.setFailed("Commits were added via the GitHub Web UI.");
|
||||
github.rest.issues.createComment({
|
||||
issue_number: context.issue.number,
|
||||
owner: context.repo.owner,
|
||||
repo: context.repo.repo,
|
||||
body: "Thanks for your pull request.\n\n**Please do not add commits via the GitHub Web UI.**\n\nIt generally means you have yet to test these changes in a development setup or complete any prerequisites. We need you to follow the guides mentioned in the checklist. Please revalidate these changes in a developer environment and confirm how you validated your changes.\n\nHappy contributing!\n\n---\n_**Note:** This message was automatically generated by a bot. If you feel this message is in error or would like help resolving it, feel free to reach us [in our contributor chat](https://discord.gg/PRyKn3Vbay)._"
|
||||
});
|
||||
@@ -0,0 +1,137 @@
|
||||
name: GitHub - PR Contribution Guidelines
|
||||
|
||||
on:
|
||||
pull_request_target:
|
||||
types: [opened, reopened]
|
||||
|
||||
jobs:
|
||||
# Ensures PR commits were not added via the GitHub Web UI, which typically indicates
|
||||
# the contributor hasn't tested their changes in a local development environment.
|
||||
no-web-commits:
|
||||
name: No Commits on GitHub Web
|
||||
runs-on: ubuntu-24.04
|
||||
outputs:
|
||||
is_allow_listed: ${{ steps.pr_author.outputs.is_allow_listed }}
|
||||
steps:
|
||||
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
|
||||
with:
|
||||
sparse-checkout: .github/scripts/pr-guidelines
|
||||
sparse-checkout-cone-mode: false
|
||||
|
||||
- name: Check if PR author is allow-listed
|
||||
id: pr_author
|
||||
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
|
||||
with:
|
||||
# GITHUB_TOKEN does not have the read:org permission needed for this call
|
||||
# while CAMPERBOT_NO_TRANSLATE does, since it is a PAT for the camperbot account with read:org scope
|
||||
github-token: ${{ secrets.CAMPERBOT_NO_TRANSLATE }}
|
||||
script: |
|
||||
const fn = require('./.github/scripts/pr-guidelines/check-allow-list.js');
|
||||
await fn({ github, context, core });
|
||||
|
||||
- name: Check if commits are made on GitHub Web UI
|
||||
id: check-commits
|
||||
if: steps.pr_author.outputs.is_allow_listed == 'false'
|
||||
env:
|
||||
HEAD_REF: ${{ github.head_ref }}
|
||||
run: |
|
||||
PR_NUMBER=$(jq --raw-output .pull_request.number "$GITHUB_EVENT_PATH")
|
||||
COMMITS_URL="https://api.github.com/repos/$GITHUB_REPOSITORY/pulls/$PR_NUMBER/commits"
|
||||
HAS_GITHUB_SIGNED_COMMIT=$(curl --header "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" "$COMMITS_URL" | jq '[.[] | select(.commit.committer.name == "GitHub") | select(.commit.message | test("revert"; "i") | not)] | length > 0')
|
||||
# GitHub Codespaces also produces GitHub-signed commits, but Codespaces users
|
||||
# work on descriptively named branches. The web editor defaults to patch-N branches.
|
||||
IS_PATCH_BRANCH=false
|
||||
if [[ "$HEAD_REF" =~ ^patch-[0-9]+$ ]]; then
|
||||
IS_PATCH_BRANCH=true
|
||||
fi
|
||||
if [ "$HAS_GITHUB_SIGNED_COMMIT" = "true" ] && [ "$IS_PATCH_BRANCH" = "true" ]; then
|
||||
echo "IS_GITHUB_COMMIT=true" >> $GITHUB_ENV
|
||||
fi
|
||||
|
||||
- name: Add comment on PR if commits are made on GitHub Web UI
|
||||
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
|
||||
if: steps.pr_author.outputs.is_allow_listed == 'false' && env.IS_GITHUB_COMMIT == 'true'
|
||||
with:
|
||||
github-token: ${{ secrets.GITHUB_TOKEN }}
|
||||
script: |
|
||||
core.setFailed("Commits were added via the GitHub Web UI.");
|
||||
await github.rest.issues.createComment({
|
||||
issue_number: context.issue.number,
|
||||
owner: context.repo.owner,
|
||||
repo: context.repo.repo,
|
||||
body: "Thanks for your pull request.\n\n**Please do not add commits via the GitHub Web UI.**\n\nIt generally means you have yet to test these changes in a development setup or complete any prerequisites. We need you to follow the guides mentioned in the checklist. Please revalidate these changes in a developer environment and confirm how you validated your changes.\n\nHappy contributing!\n\n---\n_**Note:** This message was automatically generated by a bot. If you feel this message is in error or would like help resolving it, feel free to reach us [in our contributor chat](https://discord.gg/PRyKn3Vbay)._"
|
||||
});
|
||||
|
||||
- name: Add deprioritized label
|
||||
if: failure()
|
||||
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
|
||||
with:
|
||||
github-token: ${{ secrets.GITHUB_TOKEN }}
|
||||
script: |
|
||||
await github.rest.issues.addLabels({
|
||||
owner: context.repo.owner,
|
||||
repo: context.repo.repo,
|
||||
issue_number: context.issue.number,
|
||||
labels: ['deprioritized']
|
||||
});
|
||||
|
||||
# Normalizes PR titles to follow Conventional Commits format, applying fuzzy fixes
|
||||
# for common mistakes like typos, missing colons, or incorrect spacing.
|
||||
fix-pr-title:
|
||||
name: Fix PR Title
|
||||
runs-on: ubuntu-24.04
|
||||
needs: no-web-commits
|
||||
if: needs.no-web-commits.result == 'success'
|
||||
steps:
|
||||
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
|
||||
with:
|
||||
sparse-checkout: .github/scripts/pr-guidelines
|
||||
sparse-checkout-cone-mode: false
|
||||
|
||||
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
|
||||
with:
|
||||
github-token: ${{ secrets.GITHUB_TOKEN }}
|
||||
script: |
|
||||
const fn = require('./.github/scripts/pr-guidelines/fix-pr-title.js');
|
||||
await fn({ github, context });
|
||||
|
||||
# Checks that the PR description still contains the required template.
|
||||
# The first 3 checkboxes must be ticked ([x] or [X]).
|
||||
# The last checkbox (tested locally) is acceptable to leave unticked
|
||||
# but removing the entire template is not.
|
||||
check-pr-template:
|
||||
name: Check PR Template
|
||||
runs-on: ubuntu-24.04
|
||||
needs: no-web-commits
|
||||
if: needs.no-web-commits.result == 'success'
|
||||
steps:
|
||||
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
|
||||
with:
|
||||
sparse-checkout: .github/scripts/pr-guidelines
|
||||
sparse-checkout-cone-mode: false
|
||||
|
||||
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
|
||||
with:
|
||||
github-token: ${{ secrets.GITHUB_TOKEN }}
|
||||
script: |
|
||||
const fn = require('./.github/scripts/pr-guidelines/check-pr-template.js');
|
||||
await fn({ github, context, isAllowListed: '${{ needs.no-web-commits.outputs.is_allow_listed }}' });
|
||||
|
||||
# Verifies that each PR references a linked, triaged issue before it can be reviewed.
|
||||
check-linked-issue:
|
||||
name: Check Linked Issue
|
||||
runs-on: ubuntu-24.04
|
||||
needs: no-web-commits
|
||||
if: needs.no-web-commits.result == 'success'
|
||||
steps:
|
||||
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
|
||||
with:
|
||||
sparse-checkout: .github/scripts/pr-guidelines
|
||||
sparse-checkout-cone-mode: false
|
||||
|
||||
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
|
||||
with:
|
||||
github-token: ${{ secrets.GITHUB_TOKEN }}
|
||||
script: |
|
||||
const fn = require('./.github/scripts/pr-guidelines/check-linked-issue.js');
|
||||
await fn({ github, context, isAllowListed: '${{ needs.no-web-commits.outputs.is_allow_listed }}' });
|
||||
Reference in New Issue
Block a user