fix: annotate pods with resolved OvercommitClass #28
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Check Signed-Off-By | |
| on: | |
| workflow_call: | |
| pull_request_target: | |
| types: [opened, synchronize, reopened] | |
| jobs: | |
| signoff-check: | |
| runs-on: ubuntu-latest | |
| name: Check Signed-Off-By | |
| steps: | |
| # Allow bots that open PRs automatically (e.g. right after a merge) to | |
| # bypass the Signed-Off-By check. We require BOTH the PR author AND the | |
| # event sender to be bots, so a human editing a bot's PR from the web | |
| # (a `synchronize` event whose sender is a user) is NOT allowed to bypass. | |
| - name: Determine bot bypass | |
| id: bot-check | |
| uses: actions/github-script@v6 | |
| with: | |
| script: | | |
| const pr = context.payload.pull_request; | |
| const sender = context.payload.sender; | |
| const authorIsBot = pr?.user?.type === 'Bot'; | |
| const senderIsBot = sender?.type === 'Bot'; | |
| const bypass = Boolean(pr) && authorIsBot && senderIsBot; | |
| if (bypass) { | |
| core.info(`Bypassing Signed-Off-By check: PR opened by bot '${pr.user.login}' (sender '${sender.login}').`); | |
| } else if (pr) { | |
| core.info(`Running Signed-Off-By check: authorIsBot=${authorIsBot}, senderIsBot=${senderIsBot}.`); | |
| } | |
| core.setOutput('bypass', bypass); | |
| - name: Generate app token | |
| id: generate-token | |
| if: steps.bot-check.outputs.bypass != 'true' | |
| uses: peter-murray/workflow-application-token-action@d17e3a9a36850ea89f35db16c1067dd2b68ee343 # v4 | |
| with: | |
| application_id: ${{ vars.IT_SO_CHK_APP_ID }} | |
| application_private_key: ${{ secrets.IT_SO_CHK_PKEY }} | |
| - name: Checkout | |
| if: steps.bot-check.outputs.bypass != 'true' | |
| uses: actions/checkout@v5 | |
| with: | |
| token: ${{ steps.generate-token.outputs.token }} | |
| repository: InditexTech/cla-checker | |
| - name: Install dependencies | |
| if: steps.bot-check.outputs.bypass != 'true' | |
| run: npm install js-yaml handlebars | |
| - name: Collect PR Data | |
| id: collect-data | |
| if: steps.bot-check.outputs.bypass != 'true' | |
| uses: actions/github-script@v6 | |
| with: | |
| github-token: ${{ steps.generate-token.outputs.token }} | |
| script: | | |
| const script = require('./data-collector.js') | |
| await script({ github, context, core }) | |
| - name: Check Signoffs | |
| id: check-signoffs | |
| if: steps.bot-check.outputs.bypass != 'true' | |
| uses: actions/github-script@v6 | |
| with: | |
| github-token: ${{ steps.generate-token.outputs.token }} | |
| script: | | |
| const script = require('./signoff-checker.js') | |
| await script({ core }) | |
| env: | |
| INPUT_PR-DATA: ${{ steps.collect-data.outputs.pr-data }} | |
| - name: Generate PR Comment | |
| if: always() && steps.bot-check.outputs.bypass != 'true' | |
| uses: actions/github-script@v6 | |
| with: | |
| github-token: ${{ steps.generate-token.outputs.token }} | |
| script: | | |
| const script = require('./comment-writer.js') | |
| await script({ github, context, core }) | |
| env: | |
| INPUT_PR-DATA: ${{ steps.collect-data.outputs.pr-data }} | |
| INPUT_SIGNOFF-VALID: ${{ steps.check-signoffs.outputs.signoff-valid }} | |
| INPUT_SIGNOFF-PROBLEMS: ${{ steps.check-signoffs.outputs.signoff-problems }} |