git-commit-vandalism/.github/workflows/l10n.yml
Jiang Xin a788d31931 ci: new github-action for git-l10n code review
The repository of git-l10n is a fork of "git/git" on GitHub, and uses
GitHub pull request for code review. A helper program "git-po-helper"
can be used to check typos in ".po" files, validate syntax, and check
commit messages. It would be convenient to integrate this helper program
to CI and add comments in pull request.

The new github-action workflow will be enabled for l10n related
operations, such as:

 * Operations on a repository named as "git-po", such as a repository
   forked from "git-l10n/git-po".

 * Push to a branch that contains "l10n" in the name.

 * Pull request from a remote branch which has "l10n" in the name, such
   as: "l10n/fix-fuzzy-translations".

The new l10n workflow listens to two types of github events:

    on: [push, pull_request_target]

The reason we use "pull_request_target" instead of "pull_request" is
that pull requests from forks receive a read-only GITHUB_TOKEN and
workflows cannot write comments back to pull requests for security
reasons. GitHub provides a "pull_request_target" event to resolve
security risks by checking out the base commit from the target
repository, and provide write permissions for the workflow.

By default, administrators can set strict permissions for workflows. The
following code is used to modify the permissions for the GITHUB_TOKEN
and grant write permission in order to create comments in pull-requests.

    permissions:
      pull-requests: write

This workflow will scan commits one by one. If a commit does not look
like a l10n commit (no file in "po/" has been changed), the scan process
will stop immediately. For a "push" event, no error will be reported
because it is normal to push non-l10n commits merged from upstream. But
for the "pull_request_target" event, errors will be reported. For this
reason, additional option is provided for "git-po-helper".

    git-po-helper check-commits \
        --github-action-event="${{ github.event_name }}" -- \
        <base>..<head>

The output messages of "git-po-helper" contain color codes not only for
console, but also for logfile. This is because "git-po-helper" uses a
package named "logrus" for logging, and I use an additional option
"ForceColor" to initialize "logrus" to print messages in a user-friendly
format in logfile output. These color codes help produce beautiful
output for the log of workflow, but they must be stripped off when
creating comments for pull requests. E.g.:

    perl -pe 's/\e\[[0-9;]*m//g' git-po-helper.out

"git-po-helper" may generate two kinds of suggestions, errors and
warnings. All the errors and warnings will be reported in the log of the
l10n workflow. However, warnings in the log of the workflow for a
successfully running "git-po-helper" can easily be ignored by users.
For the "pull_request_target" event, this issue is resolved by creating
an additional comment in the pull request. A l10n contributor should try
to fix all the errors, and should pay attention to the warnings.

Helped-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Jiang Xin <zhiyou.jx@alibaba-inc.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2021-09-09 12:55:21 -07:00

106 lines
3.6 KiB
YAML

name: git-l10n
on: [push, pull_request_target]
jobs:
git-po-helper:
if: >-
endsWith(github.repository, '/git-po') ||
contains(github.head_ref, 'l10n') ||
contains(github.ref, 'l10n')
runs-on: ubuntu-latest
permissions:
pull-requests: write
steps:
- name: Setup base and head objects
id: setup-tips
run: |
if test "${{ github.event_name }}" = "pull_request_target"
then
base=${{ github.event.pull_request.base.sha }}
head=${{ github.event.pull_request.head.sha }}
else
base=${{ github.event.before }}
head=${{ github.event.after }}
fi
echo "::set-output name=base::$base"
echo "::set-output name=head::$head"
- name: Run partial clone
run: |
git -c init.defaultBranch=master init --bare .
git remote add \
--mirror=fetch \
origin \
https://github.com/${{ github.repository }}
# Fetch tips that may be unreachable from github.ref:
# - For a forced push, "$base" may be unreachable.
# - For a "pull_request_target" event, "$head" may be unreachable.
args=
for commit in \
${{ steps.setup-tips.outputs.base }} \
${{ steps.setup-tips.outputs.head }}
do
case $commit in
*[^0]*)
args="$args $commit"
;;
*)
# Should not fetch ZERO-OID.
;;
esac
done
git -c protocol.version=2 fetch \
--progress \
--no-tags \
--no-write-fetch-head \
--filter=blob:none \
origin \
${{ github.ref }} \
$args
- uses: actions/setup-go@v2
with:
go-version: '>=1.16'
- name: Install git-po-helper
run: go install github.com/git-l10n/git-po-helper@main
- name: Install other dependencies
run: |
sudo apt-get update -q &&
sudo apt-get install -q -y gettext
- name: Run git-po-helper
id: check-commits
run: |
exit_code=0
git-po-helper check-commits \
--github-action-event="${{ github.event_name }}" -- \
${{ steps.setup-tips.outputs.base }}..${{ steps.setup-tips.outputs.head }} \
>git-po-helper.out 2>&1 || exit_code=$?
if test $exit_code -ne 0 || grep -q WARNING git-po-helper.out
then
# Remove ANSI colors which are proper for console logs but not
# proper for PR comment.
echo "COMMENT_BODY<<EOF" >>$GITHUB_ENV
perl -pe 's/\e\[[0-9;]*m//g; s/\bEOF$//g' git-po-helper.out >>$GITHUB_ENV
echo "EOF" >>$GITHUB_ENV
fi
cat git-po-helper.out
exit $exit_code
- name: Create comment in pull request for report
uses: mshick/add-pr-comment@v1
if: >-
always() &&
github.event_name == 'pull_request_target' &&
env.COMMENT_BODY != ''
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
repo-token-user-login: 'github-actions[bot]'
message: >
${{ steps.check-commits.outcome == 'failure' && 'Errors and warnings' || 'Warnings' }}
found by [git-po-helper](https://github.com/git-l10n/git-po-helper#readme) in workflow
[#${{ github.run_number }}](${{ env.GITHUB_SERVER_URL }}/${{ github.repository }}/actions/runs/${{ github.run_id }}):
```
${{ env.COMMENT_BODY }}
```