Feature: Support manual redaction #358
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Check Properties Files | |
on: | |
pull_request_target: | |
types: [opened, synchronize, reopened] | |
paths: | |
- "src/main/resources/messages_*.properties" | |
push: | |
branches: ["main"] | |
paths: | |
- "src/main/resources/messages_en_GB.properties" | |
jobs: | |
check-files: | |
if: github.event_name == 'pull_request_target' | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout main branch first | |
uses: actions/checkout@v4 | |
with: | |
ref: main | |
path: main-branch | |
fetch-depth: 0 | |
- name: Checkout PR branch | |
uses: actions/checkout@v4 | |
with: | |
repository: ${{ github.event.pull_request.head.repo.full_name }} | |
ref: ${{ github.event.pull_request.head.ref }} | |
path: pr-branch | |
fetch-depth: 0 | |
- name: Set up Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: "3.x" | |
- name: Install GitHub CLI | |
run: sudo apt-get update && sudo apt-get install -y gh | |
- name: Fetch PR changed files | |
id: fetch-pr-changes | |
env: | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
echo "Fetching PR changed files..." | |
cd pr-branch | |
gh repo set-default ${{ github.repository }} | |
# Store files in a safe way, only allowing valid properties files | |
echo "Getting list of changed files from PR..." | |
gh pr view ${{ github.event.pull_request.number }} --json files -q ".files[].path" | grep -E '^src/main/resources/messages_[a-zA-Z_]+\.properties$' > ../changed_files.txt | |
cd .. | |
echo "Processing changed files..." | |
mapfile -t CHANGED_FILES < changed_files.txt | |
CHANGED_FILES_STR="${CHANGED_FILES[*]}" | |
echo "CHANGED_FILES=${CHANGED_FILES_STR}" >> $GITHUB_ENV | |
echo "Changed files: ${CHANGED_FILES_STR}" | |
- name: Determine reference file | |
id: determine-file | |
run: | | |
echo "Determining reference file..." | |
if grep -Fxq "src/main/resources/messages_en_GB.properties" changed_files.txt; then | |
echo "Using PR branch reference file" | |
echo "REFERENCE_FILE=pr-branch/src/main/resources/messages_en_GB.properties" >> $GITHUB_ENV | |
else | |
echo "Using main branch reference file" | |
echo "REFERENCE_FILE=main-branch/src/main/resources/messages_en_GB.properties" >> $GITHUB_ENV | |
fi | |
- name: Show REFERENCE_FILE | |
run: echo "Reference file is set to ${REFERENCE_FILE}" | |
- name: Run Python script to check files | |
id: run-check | |
run: | | |
echo "Running Python script to check files..." | |
python main-branch/.github/scripts/check_language_properties.py \ | |
--actor ${{ github.event.pull_request.user.login }} \ | |
--reference-file "${REFERENCE_FILE}" \ | |
--branch pr-branch \ | |
--files "${CHANGED_FILES[@]}" > result.txt || true | |
- name: Capture output | |
id: capture-output | |
run: | | |
if [ -f result.txt ] && [ -s result.txt ]; then | |
echo "Test, capturing output..." | |
SCRIPT_OUTPUT=$(cat result.txt) | |
echo "SCRIPT_OUTPUT<<EOF" >> $GITHUB_ENV | |
echo "$SCRIPT_OUTPUT" >> $GITHUB_ENV | |
echo "EOF" >> $GITHUB_ENV | |
echo "${SCRIPT_OUTPUT}" | |
# Set FAIL_JOB to true if SCRIPT_OUTPUT contains ❌ | |
if [[ "$SCRIPT_OUTPUT" == *"❌"* ]]; then | |
echo "FAIL_JOB=true" >> $GITHUB_ENV | |
else | |
echo "FAIL_JOB=false" >> $GITHUB_ENV | |
fi | |
else | |
echo "No update found." | |
echo "SCRIPT_OUTPUT=" >> $GITHUB_ENV | |
echo "FAIL_JOB=false" >> $GITHUB_ENV | |
fi | |
- name: Post comment on PR | |
if: env.SCRIPT_OUTPUT != '' | |
uses: actions/github-script@v7 | |
with: | |
script: | | |
const { GITHUB_REPOSITORY, SCRIPT_OUTPUT } = process.env; | |
const [repoOwner, repoName] = GITHUB_REPOSITORY.split('/'); | |
const prNumber = context.issue.number; | |
// Find existing comment | |
const comments = await github.rest.issues.listComments({ | |
owner: repoOwner, | |
repo: repoName, | |
issue_number: prNumber | |
}); | |
const comment = comments.data.find(c => c.body.includes("## 🚀 Translation Verification Summary")); | |
// Only allow the action user to update comments | |
const expectedActor = "github-actions[bot]"; | |
if (comment && comment.user.login === expectedActor) { | |
// Update existing comment | |
await github.rest.issues.updateComment({ | |
owner: repoOwner, | |
repo: repoName, | |
comment_id: comment.id, | |
body: `## 🚀 Translation Verification Summary\n\n\n${SCRIPT_OUTPUT}\n` | |
}); | |
console.log("Updated existing comment."); | |
} else if (!comment) { | |
// Create new comment if no existing comment is found | |
await github.rest.issues.createComment({ | |
owner: repoOwner, | |
repo: repoName, | |
issue_number: prNumber, | |
body: `## 🚀 Translation Verification Summary\n\n\n${SCRIPT_OUTPUT}\n` | |
}); | |
console.log("Created new comment."); | |
} else { | |
console.log("Comment update attempt denied. Actor does not match."); | |
} | |
- name: Fail job if errors found | |
if: env.FAIL_JOB == 'true' | |
run: | | |
echo "Failing the job because errors were detected." | |
exit 1 | |
update-translations-main: | |
if: github.event_name == 'push' | |
permissions: | |
contents: write | |
pull-requests: write | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Set up Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: "3.x" | |
- name: Run Python script to check files | |
id: run-check | |
run: | | |
echo "Running Python script to check files..." | |
python .github/scripts/check_language_properties.py \ | |
--reference-file src/main/resources/messages_en_GB.properties \ | |
--branch main | |
- name: Set up git config | |
run: | | |
git config --global user.name "github-actions[bot]" | |
git config --global user.email "github-actions[bot]@users.noreply.github.com" | |
- name: Add translation keys | |
run: | | |
git add src/main/resources/messages_*.properties | |
git diff --staged --quiet || echo "CHANGES_DETECTED=true" >> $GITHUB_ENV | |
- name: Create Pull Request | |
id: cpr | |
if: env.CHANGES_DETECTED == 'true' | |
uses: peter-evans/create-pull-request@v7 | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
commit-message: "Update translation files" | |
committer: GitHub Action <action@github.com> | |
author: GitHub Action <action@github.com> | |
signoff: true | |
branch: update_translation_files | |
title: "Update translation files" | |
add-paths: | | |
src/main/resources/messages_*.properties | |
body: | | |
Auto-generated by [create-pull-request][1] | |
[1]: https://github.com/peter-evans/create-pull-request | |
labels: Translation | |
draft: false | |
delete-branch: true | |
sign-commits: true |