Jose/ansible_role_proxmox_provision
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
ansible_role_proxmox_provision/.gitea/workflows/pr-check.yaml
Jose ecddd28472
All checks were successful
ansible-lint / Ansible Lint (push) Successful in 12s
Details
Gitleaks Scan / gitleaks (push) Successful in 4s
Details
Markdown Lint / markdown-lint (push) Successful in 5s
Details
ai-reviews / Review PR (pull_request) Successful in 18s
Details
PR check / Gitleaks (pull_request) Successful in 5s
Details
PR check / lint tests (pull_request) Successful in 14s
Details
PR check / labeler (pull_request) Successful in 3s
Details
PR check / handle_failures (pull_request) Has been skipped
Details
PR check / handle_success (pull_request) Successful in 1s
Details
feat : Add labeler configuration for PR auto-labeling 
This commit introduces a new `.gitea/labeler.yml` file and configures a 'labeler' job to automatically apply labels to pull requests based on the changes made in the files. This enhances the efficiency of managing PRs by reducing manual intervention.
2026-02-14 20:07:28 +01:00

206 lines
6.6 KiB
YAML
Raw Permalink Blame History

---
# https://github.com/kekxv/pr-check
name: PR check
on:
pull_request:
types: [opened, synchronize]
jobs:
leak_test:
name: Gitleaks
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v6
with:
github-server-url: ${{ vars.GIT_SERVER_URL }}
- name: Install Gitleaks
run: |
curl -sSL https://github.com/gitleaks/gitleaks/releases/download/v8.30.0/gitleaks_8.30.0_linux_x64.tar.gz \
| tar -xz
sudo mv gitleaks /usr/local/bin/
- name: Run Gitleaks
run: |
gitleaks dir . \
--config .gitleaks.toml \
--redact=50 \
--verbose \
--exit-code 1
# --exclude-files "README.md"
lint_test:
name: lint tests
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v6
with:
github-server-url: ${{ vars.GIT_SERVER_URL }}
- name: Install Node.js
uses: actions/setup-node@v4
with:
node-version: 20
- name: Run markdownlint
run: npx markdownlint-cli2 "**/*.md" "#node_modules"
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.14"
- name: Install ansible-lint and yamllint
run: |
python -m pip install --upgrade pip
pip install ansible ansible-lint yamllint
- name: Run yamllint
run: |
yamllint .
- name: Run ansible-lint
run: |
ansible-lint
labeler:
permissions:
contents: read
pull-requests: write
runs-on: ubuntu-latest
steps:
- uses: actions/labeler@v6
with:
repo-token: ${{ secrets.GITEA_TOKEN }}
configuration-path: .gitea/labeler.yml
handle_failures:
runs-on: ubuntu-latest
needs: [leak_test, lint_test]
if: "${{ always() && (
needs.leak_test.result != 'success' ||
needs.lint_test.result != 'success' ) }}"
steps:
- name: Comment, label, and close PR
run: |
API="${{ vars.GIT_SERVER_URL }}/api/v1/repos/${{ github.repository }}"
PR="${{ github.event.pull_request.number }}"
TOKEN="${{ secrets.GITEA_TOKEN }}"
COMMENT_BODY="❌ CI checks failed.\n\nLeak: ${{ needs.leak_test.result }}\nLint: ${{ needs.lint_test.result }}"
# Find existing comment
EXISTING_COMMENT_ID=$(curl -s -H "Authorization: token $TOKEN" \
"$API/issues/$PR/comments" \
| jq -r '.[] | select(.body | test("<!--ci-failed-comment-->")) | .id')
# Update or create comment
if [ -n "$EXISTING_COMMENT_ID" ]; then
curl -s -X PATCH \
-H "Authorization: token $TOKEN" \
-H "Content-Type: application/json" \
-d "{\"body\":\"<!--ci-failed-comment-->\n$COMMENT_BODY\"}" \
"$API/issues/$PR/comments/$EXISTING_COMMENT_ID"
else
curl -s -X POST \
-H "Authorization: token $TOKEN" \
-H "Content-Type: application/json" \
-d "{\"body\":\"<!--ci-failed-comment-->\n$COMMENT_BODY\"}" \
"$API/issues/$PR/comments"
fi
# Remove ci-pass +label if exists
LABELS=$(curl -s -H "Authorization: token $TOKEN" "$API/issues/$PR/labels" | jq -r '.[] | .name')
if echo "$LABELS" | grep -q "^ci-pass$"; then
curl -s -X DELETE \
-H "Authorization: token $TOKEN" \
"$API/issues/$PR/labels/ci-pass"
fi
# Add label if missing
LABELS=$(curl -s -H "Authorization: token $TOKEN" "$API/issues/$PR/labels" | jq -r '.[] | .name')
if ! echo "$LABELS" | grep -q "^ci-failed$"; then
curl -s -X POST \
-H "Authorization: token $TOKEN" \
-H "Content-Type: application/json" \
-d '["ci-failed"]' \
"$API/issues/$PR/labels"
fi
# Close PR
curl -s -X PATCH \
-H "Authorization: token $TOKEN" \
-H "Content-Type: application/json" \
-d '{"state":"closed"}' \
"$API/pulls/$PR"
handle_success:
runs-on: ubuntu-latest
needs: [leak_test, lint_test]
if: needs.leak_test.result == 'success' && needs.lint_test.result == 'success'
steps:
- name: Update comment, remove label, reopen PR
run: |
API="${{ vars.GIT_SERVER_URL }}/api/v1/repos/${{ github.repository }}"
PR="${{ github.event.pull_request.number }}"
TOKEN="${{ secrets.GITEA_TOKEN }}"
COMMENT_BODY="✅ CI checks pass.\n\nLeaks: ${{ needs.leak_test.result }}\nLint: ${{ needs.lint_test.result }}"
# Find existing comment
EXISTING_COMMENT_ID=$(curl -s -H "Authorization: token $TOKEN" \
"$API/issues/$PR/comments" \
| jq -r '.[] | select(.body | test("<!--ci-failed-comment-->")) | .id')
# Update comment if exists
if [ -n "$EXISTING_COMMENT_ID" ]; then
curl -s -X PATCH \
-H "Authorization: token $TOKEN" \
-H "Content-Type: application/json" \
-d "{\"body\":\"<!--ci-failed-comment-->\n$COMMENT_BODY\"}" \
"$API/issues/$PR/comments/$EXISTING_COMMENT_ID"
else
curl -s -X POST \
-H "Authorization: token $TOKEN" \
-H "Content-Type: application/json" \
-d "$COMMENT_PAYLOAD" \
"$API/issues/$PR/comments"
fi
# Remove ci-failed +label if exists
LABELS=$(curl -s -H "Authorization: token $TOKEN" "$API/issues/$PR/labels" | jq -r '.[] | .name')
if echo "$LABELS" | grep -q "^ci-failed$"; then
curl -s -X DELETE \
-H "Authorization: token $TOKEN" \
"$API/issues/$PR/labels/ci-failed"
fi
# Add ci-pass if not present
if ! echo "$LABELS" | grep -q "^ci-pass$"; then
echo "Adding ci-pass label"
curl -s -X POST \
-H "Authorization: token $TOKEN" \
-H "Content-Type: application/json" \
-d '{"labels":["ci-pass"]}' \
"$API/issues/$PR/labels"
fi
# Reopen PR if closed
PR_STATE=$(curl -s -H "Authorization: token $TOKEN" "$API/pulls/$PR" | jq -r '.state')
if [ "$PR_STATE" = "closed" ]; then
curl -s -X PATCH \
-H "Authorization: token $TOKEN" \
-H "Content-Type: application/json" \
-d '{"state":"open"}' \
"$API/pulls/$PR"
fi
Reference in New Issue View Git Blame Copy Permalink