|
| 1 | +name: PR Validation |
| 2 | + |
| 3 | +on: |
| 4 | + pull_request: |
| 5 | + branches: [develop] |
| 6 | + workflow_dispatch: |
| 7 | + inputs: |
| 8 | + pull_request_number: |
| 9 | + description: "Pull Request Number" |
| 10 | + required: true |
| 11 | + type: number |
| 12 | + |
| 13 | +permissions: {} |
| 14 | + |
| 15 | +concurrency: |
| 16 | + group: ${{ github.ref }}-${{ github.workflow }} |
| 17 | + cancel-in-progress: true |
| 18 | + |
| 19 | +jobs: |
| 20 | + lint: |
| 21 | + name: Lint |
| 22 | + runs-on: ubuntu-latest |
| 23 | + permissions: |
| 24 | + checks: write |
| 25 | + contents: write |
| 26 | + pull-requests: write |
| 27 | + |
| 28 | + steps: |
| 29 | + - name: Get PR details |
| 30 | + id: pr-details |
| 31 | + run: | |
| 32 | + if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then |
| 33 | + PR_NUMBER="${{ inputs.pull_request_number }}" |
| 34 | + echo "Fetching details for PR #$PR_NUMBER" |
| 35 | +
|
| 36 | + PR_DATA=$(gh pr view "$PR_NUMBER" --repo "${{ github.repository }}" --json headRefName,headRepository,author) |
| 37 | + HEAD_REF=$(echo "$PR_DATA" | jq -r '.headRefName') |
| 38 | + AUTHOR_LOGIN=$(echo "$PR_DATA" | jq -r '.author.login') |
| 39 | + HEAD_REPO=$(echo "$PR_DATA" | jq -r '.headRepository.nameWithOwner') |
| 40 | +
|
| 41 | + echo "head_ref=$HEAD_REF" >> $GITHUB_OUTPUT |
| 42 | + echo "author_login=$AUTHOR_LOGIN" >> $GITHUB_OUTPUT |
| 43 | + echo "head_repo=$HEAD_REPO" >> $GITHUB_OUTPUT |
| 44 | + else |
| 45 | + echo "head_ref=${{ github.event.pull_request.head.ref }}" >> $GITHUB_OUTPUT |
| 46 | + echo "author_login=${{ github.event.pull_request.user.login }}" >> $GITHUB_OUTPUT |
| 47 | + echo "head_repo=${{ github.event.pull_request.head.repo.full_name }}" >> $GITHUB_OUTPUT |
| 48 | + fi |
| 49 | + env: |
| 50 | + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
| 51 | + |
| 52 | + - name: Check out repository |
| 53 | + uses: actions/checkout@v6 |
| 54 | + with: |
| 55 | + ref: ${{ steps.pr-details.outputs.head_ref }} |
| 56 | + token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} |
| 57 | + fetch-depth: 0 |
| 58 | + |
| 59 | + - name: Run MegaLinter |
| 60 | + id: ml |
| 61 | + uses: oxsecurity/megalinter/flavors/dotnetweb@v9 |
| 62 | + env: |
| 63 | + VALIDATE_ALL_CODEBASE: false |
| 64 | + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
| 65 | + LLM_ADVISOR_ENABLED: >- |
| 66 | + ${{ |
| 67 | + steps.pr-details.outputs.author_login != 'dependabot[bot]' && |
| 68 | + steps.pr-details.outputs.author_login != 'github-actions[bot]' && |
| 69 | + !startsWith(steps.pr-details.outputs.author_login, 'dependabot') |
| 70 | + }} |
| 71 | +
|
| 72 | + - name: Upload lint reports |
| 73 | + if: always() |
| 74 | + uses: actions/upload-artifact@v5 |
| 75 | + with: |
| 76 | + name: Lint Report |
| 77 | + path: | |
| 78 | + megalinter-reports |
| 79 | + mega-linter.log |
| 80 | +
|
| 81 | + - name: Prepare git directory |
| 82 | + if: >- |
| 83 | + steps.ml.outputs.has_updated_sources == 1 && |
| 84 | + steps.pr-details.outputs.head_repo == github.repository |
| 85 | + run: sudo chown -Rc $UID .git/ |
| 86 | + |
| 87 | + - name: Commit and push MegaLinter fixes |
| 88 | + if: >- |
| 89 | + steps.ml.outputs.has_updated_sources == 1 && |
| 90 | + steps.pr-details.outputs.head_repo == github.repository |
| 91 | + run: | |
| 92 | + git config user.name "megalinter-bot" |
| 93 | + git config user.email "129584137+megalinter-bot@users.noreply.github.com" |
| 94 | +
|
| 95 | + if [[ -n $(git status -s) ]]; then |
| 96 | + git add . |
| 97 | + git commit -m "Apply lint fixes" |
| 98 | +
|
| 99 | + for i in {1..4}; do |
| 100 | + if git push; then |
| 101 | + echo "✅ MegaLinter fixes pushed successfully" |
| 102 | + break |
| 103 | + else |
| 104 | + if [[ "$i" -lt 4 ]]; then |
| 105 | + WAIT_TIME=$((2 ** i)) |
| 106 | + echo "⚠️ Push failed, retrying in ${WAIT_TIME}s..." |
| 107 | + sleep "$WAIT_TIME" |
| 108 | + else |
| 109 | + echo "❌ Push failed after 4 attempts" |
| 110 | + exit 1 |
| 111 | + fi |
| 112 | + fi |
| 113 | + done |
| 114 | + else |
| 115 | + echo "ℹ️ No MegaLinter changes to commit" |
| 116 | + fi |
| 117 | +
|
| 118 | + build: |
| 119 | + name: Build |
| 120 | + runs-on: ubuntu-latest |
| 121 | + permissions: |
| 122 | + checks: write |
| 123 | + contents: write |
| 124 | + pull-requests: write |
| 125 | + |
| 126 | + steps: |
| 127 | + - name: Get PR details |
| 128 | + id: pr-details |
| 129 | + run: | |
| 130 | + if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then |
| 131 | + PR_NUMBER="${{ inputs.pull_request_number }}" |
| 132 | + echo "Fetching details for PR #$PR_NUMBER" |
| 133 | +
|
| 134 | + PR_DATA=$(gh pr view "$PR_NUMBER" --repo "${{ github.repository }}" --json headRefName) |
| 135 | + HEAD_REF=$(echo "$PR_DATA" | jq -r '.headRefName') |
| 136 | +
|
| 137 | + echo "head_ref=$HEAD_REF" >> $GITHUB_OUTPUT |
| 138 | + else |
| 139 | + echo "head_ref=${{ github.event.pull_request.head.ref }}" >> $GITHUB_OUTPUT |
| 140 | + fi |
| 141 | + env: |
| 142 | + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
| 143 | + |
| 144 | + - name: Check out repository |
| 145 | + uses: actions/checkout@v6 |
| 146 | + with: |
| 147 | + ref: ${{ steps.pr-details.outputs.head_ref }} |
| 148 | + |
| 149 | + - name: Set up .NET SDK |
| 150 | + uses: actions/setup-dotnet@v5 |
| 151 | + |
| 152 | + - name: Run build |
| 153 | + run: dotnet run |
| 154 | + |
| 155 | + - name: Upload output |
| 156 | + uses: actions/upload-artifact@v5 |
| 157 | + with: |
| 158 | + name: Generated Site |
| 159 | + path: output/ |
| 160 | + env: |
| 161 | + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
0 commit comments