From 2593a70dceda48e7a675ba6ffc6430d68ab86b61 Mon Sep 17 00:00:00 2001 From: Okinea Dev Date: Mon, 20 Jan 2025 09:15:17 +0200 Subject: [PATCH 1/3] =?UTF-8?q?feat(ci):=20=F0=9F=94=96=20add=20labels=20t?= =?UTF-8?q?o=20PRs=20and=20use=20reusable=20workflows?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/add-labels.yml | 28 ++++++++++++++++++++++++++++ .github/workflows/build.yml | 1 - .github/workflows/color-check.yml | 1 - .github/workflows/pr-closed.yml | 24 +++++++----------------- .github/workflows/pr-title.yml | 28 +++------------------------- 5 files changed, 38 insertions(+), 44 deletions(-) create mode 100644 .github/workflows/add-labels.yml diff --git a/.github/workflows/add-labels.yml b/.github/workflows/add-labels.yml new file mode 100644 index 0000000000..d713520cc1 --- /dev/null +++ b/.github/workflows/add-labels.yml @@ -0,0 +1,28 @@ +name: 🔖 Add status labels + +on: + workflow_run: + workflows: + - 🛠️ Build + Test + - 🎨 Check SVG icon colors + - ✅ Check PR Title + types: [completed] + +jobs: + add-labels: + runs-on: ubuntu-latest + + if: github.event.workflow_run.event == 'pull_request' + + steps: + - name: 🏷️ Manage label based on workflow result + uses: material-extensions/add-labels@60e0e247ae419e306ff73fff891bbf9bcf7d85c4 # v1.0.5 + with: + labels: | + ${{ github.event.workflow_run.name == '🛠️ Build + Test' && '❌ build failed' || + github.event.workflow_run.name == '🎨 Check SVG icon colors' && '🎨 wrong colors' || + github.event.workflow_run.name == '✅ Check PR Title' && '📝 invalid title' }} + + action: ${{ github.event.workflow_run.conclusion == 'failure' && 'add' || 'remove' }} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 1f0edbdad4..090b2db63c 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -48,7 +48,6 @@ jobs: run: bun install --frozen-lockfile - name: 🚀 Test + Build - id: build run: | bun test bun run vscode:prepublish diff --git a/.github/workflows/color-check.yml b/.github/workflows/color-check.yml index 6a9ccc7064..10ad7fa0cc 100644 --- a/.github/workflows/color-check.yml +++ b/.github/workflows/color-check.yml @@ -32,7 +32,6 @@ jobs: git fetch origin $TARGET_BRANCH - name: 🎨 Check colors - id: color-check run: | svgFiles=$(git diff origin/$TARGET_BRANCH --diff-filter=ACMRTUX --name-only | grep '.svg$') npx svg-color-linter --config material-colors.yml ${svgFiles} diff --git a/.github/workflows/pr-closed.yml b/.github/workflows/pr-closed.yml index 4f2ad5798a..7190a833d3 100644 --- a/.github/workflows/pr-closed.yml +++ b/.github/workflows/pr-closed.yml @@ -1,7 +1,7 @@ name: 🎉 PR closed on: - pull_request: + pull_request_target: types: - closed @@ -11,23 +11,13 @@ permissions: jobs: thank-you: - runs-on: ubuntu-latest - if: github.event.pull_request.merged == true - steps: - - name: 🙏 Post Thank You Comment - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 - with: - script: | - github.rest.issues.createComment({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - body: ` - ## Merge Successful + uses: material-extensions/workflows/.github/workflows/pr-closed.yml@main + with: + comment: | + ## Merge Successful - Thanks for your contribution! 🎉 + Thanks for your contribution! 🎉 - The changes will be part of the upcoming update on the Marketplace.` - }) + The changes will be part of the upcoming update on the Marketplace. diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml index a920a3d0b4..08f7636a7a 100644 --- a/.github/workflows/pr-title.yml +++ b/.github/workflows/pr-title.yml @@ -4,32 +4,10 @@ on: pull_request: types: [opened, edited] -permissions: - pull-requests: write - jobs: lint-pr-title: - name: Check PR Title - - runs-on: ubuntu-latest - if: ${{ github.event.action == 'opened' || github.event.changes.title != null }} - steps: - - name: 📥 Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - # Only fetch the config file from the repository - sparse-checkout-cone-mode: false - sparse-checkout: | - commitlint.config.js - - - name: 📦 Install dependencies - run: npm install --global @commitlint/config-conventional commitlint - - - name: 🔍 Check PR title with commitlint - id: title-check - env: - PR_TITLE: ${{ github.event.pull_request.title }} - HELP_URL: https://github.com/material-extensions/vscode-material-icon-theme/blob/main/CONTRIBUTING.md#conventional-pull-request-titles - run: echo "$PR_TITLE" | npx commitlint --help-url $HELP_URL + uses: material-extensions/workflows/.github/workflows/pr-title.yml@main + with: + commitlint-help-url: https://github.com/material-extensions/vscode-material-icon-theme/blob/main/CONTRIBUTING.md#conventional-pull-request-titles From 7512b147ec15d958256f2e9f3c6c01da695356c6 Mon Sep 17 00:00:00 2001 From: Okinea Dev Date: Mon, 20 Jan 2025 09:26:15 +0200 Subject: [PATCH 2/3] =?UTF-8?q?fix:=20=F0=9F=9B=A1=EF=B8=8F=20fix=20securi?= =?UTF-8?q?ty=20backdoors.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/add-labels.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/add-labels.yml b/.github/workflows/add-labels.yml index d713520cc1..a876dbd6fe 100644 --- a/.github/workflows/add-labels.yml +++ b/.github/workflows/add-labels.yml @@ -8,6 +8,10 @@ on: - ✅ Check PR Title types: [completed] +permissions: + contents: read + pull-requests: write + jobs: add-labels: runs-on: ubuntu-latest From 6beb5edf0545646d1d41e50ae0eed65a572bc8c9 Mon Sep 17 00:00:00 2001 From: Okinea Dev Date: Tue, 21 Jan 2025 08:34:35 +0200 Subject: [PATCH 3/3] =?UTF-8?q?chore(ci):=20=F0=9F=94=A7=20remove=20unnece?= =?UTF-8?q?ssary=20permissions=20in=20PR=20closed=20workflow?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Removed `contents: read` permission from the `pr-closed.yml` workflow. --- .github/workflows/pr-closed.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/pr-closed.yml b/.github/workflows/pr-closed.yml index 7190a833d3..c870517cef 100644 --- a/.github/workflows/pr-closed.yml +++ b/.github/workflows/pr-closed.yml @@ -6,7 +6,6 @@ on: - closed permissions: - contents: read pull-requests: write jobs: