From d3a56c04b5f24de9b8c3c47d4540e38fdfb5625e Mon Sep 17 00:00:00 2001 From: Sebastian Gode Date: Fri, 26 Sep 2025 07:41:03 +0000 Subject: [PATCH] Enable HCDC --- .gitea/workflows/run-hcdc.yaml | 202 ++++++++++++++++----------------- 1 file changed, 101 insertions(+), 101 deletions(-) diff --git a/.gitea/workflows/run-hcdc.yaml b/.gitea/workflows/run-hcdc.yaml index 937708f4e..3cc4f5328 100644 --- a/.gitea/workflows/run-hcdc.yaml +++ b/.gitea/workflows/run-hcdc.yaml @@ -1,115 +1,115 @@ -# name: Run HCDC +name: Run HCDC -# on: -# pull_request_target: -# types: [opened, reopened, synchronize, edited] +on: + pull_request_target: + types: [opened, reopened, synchronize, edited] -# permissions: -# contents: read -# pull-requests: write +permissions: + contents: read + pull-requests: write -# jobs: -# run-hcdc: -# runs-on: ubuntu-latest +jobs: + run-hcdc: + runs-on: ubuntu-latest -# steps: -# - name: Checkout PR head (same repo) -# if: ${{ gitea.event.pull_request.head.repo.full_name == gitea.repository }} -# uses: https://github.com/actions/checkout@v4 -# with: -# repository: ${{ gitea.repository }} -# ref: ${{ gitea.event.pull_request.head.ref }} -# fetch-depth: 0 -# persist-credentials: false -# token: ${{ gitea.token }} + steps: + - name: Checkout PR head (same repo) + if: ${{ gitea.event.pull_request.head.repo.full_name == gitea.repository }} + uses: https://github.com/actions/checkout@v4 + with: + repository: ${{ gitea.repository }} + ref: ${{ gitea.event.pull_request.head.ref }} + fetch-depth: 0 + persist-credentials: false + token: ${{ gitea.token }} -# - name: Create local branch for PR head (same repo) -# if: ${{ gitea.event.pull_request.head.repo.full_name == gitea.repository }} -# shell: bash -# run: | -# set -euo pipefail -# git checkout -B "${{ gitea.event.pull_request.head.ref }}" --no-track -# git branch --show-current + - name: Create local branch for PR head (same repo) + if: ${{ gitea.event.pull_request.head.repo.full_name == gitea.repository }} + shell: bash + run: | + set -euo pipefail + git checkout -B "${{ gitea.event.pull_request.head.ref }}" --no-track + git branch --show-current -# - name: Checkout PR head (fork via PR ref) -# if: ${{ gitea.event.pull_request.head.repo.full_name != gitea.repository }} -# uses: https://github.com/actions/checkout@v4 -# with: -# repository: ${{ gitea.repository }} -# ref: refs/pull/${{ gitea.event.pull_request.number }}/head -# fetch-depth: 0 -# persist-credentials: false -# token: ${{ gitea.token }} + - name: Checkout PR head (fork via PR ref) + if: ${{ gitea.event.pull_request.head.repo.full_name != gitea.repository }} + uses: https://github.com/actions/checkout@v4 + with: + repository: ${{ gitea.repository }} + ref: refs/pull/${{ gitea.event.pull_request.number }}/head + fetch-depth: 0 + persist-credentials: false + token: ${{ gitea.token }} -# - name: Create local branch for PR head (fork) -# if: ${{ gitea.event.pull_request.head.repo.full_name != gitea.repository }} -# shell: bash -# run: | -# set -euo pipefail -# git checkout -B "${{ gitea.event.pull_request.head.ref }}" --no-track -# git branch --show-current + - name: Create local branch for PR head (fork) + if: ${{ gitea.event.pull_request.head.repo.full_name != gitea.repository }} + shell: bash + run: | + set -euo pipefail + git checkout -B "${{ gitea.event.pull_request.head.ref }}" --no-track + git branch --show-current -# - name: Checkout base -# uses: https://github.com/actions/checkout@v4 -# with: -# repository: ${{ gitea.repository }} -# ref: ${{ gitea.event.pull_request.base.ref }} -# path: base -# fetch-depth: 0 -# persist-credentials: false -# token: ${{ gitea.token }} + - name: Checkout base + uses: https://github.com/actions/checkout@v4 + with: + repository: ${{ gitea.repository }} + ref: ${{ gitea.event.pull_request.base.ref }} + path: base + fetch-depth: 0 + persist-credentials: false + token: ${{ gitea.token }} -# - name: Get OTC token -# id: otc -# uses: https://github.com/opentelekomcloud-infra/github-actions/.github/actions/get-otc-token@v1 -# with: -# os_username: ${{ secrets.OTC_HCDC_USERNAME }} -# os_password: ${{ secrets.OTC_HCDC_PASSWORD }} -# os_domain_name: ${{ secrets.OTC_HCDC_DOMAIN_NAME }} -# os_project_id: ${{ secrets.OTC_HCDC_PROJECT_ID }} + - name: Get OTC token + id: otc + uses: https://github.com/opentelekomcloud-infra/github-actions/.github/actions/get-otc-token@v1 + with: + os_username: ${{ secrets.OTC_HCDC_USERNAME }} + os_password: ${{ secrets.OTC_HCDC_PASSWORD }} + os_domain_name: ${{ secrets.OTC_HCDC_DOMAIN_NAME }} + os_project_id: ${{ secrets.OTC_HCDC_PROJECT_ID }} -# - name: Run HCDC -# id: hcdc -# uses: https://github.com/opentelekomcloud-infra/github-actions/.github/actions/run-hcdc@v1 -# with: -# auth_token: ${{ steps.otc.outputs.auth_token }} -# pr_branch: ${{ gitea.event.pull_request.head.ref }} -# base_branch: ${{ gitea.event.pull_request.base.ref }} -# python-version: "3.12" + - name: Run HCDC + id: hcdc + uses: https://github.com/opentelekomcloud-infra/github-actions/.github/actions/run-hcdc@v1 + with: + auth_token: ${{ steps.otc.outputs.auth_token }} + pr_branch: ${{ gitea.event.pull_request.head.ref }} + base_branch: ${{ gitea.event.pull_request.base.ref }} + python-version: "3.12" -# - name: Comment in case there's an error -# if: ${{ failure() && steps.hcdc.outcome == 'failure' }} -# env: -# GITEA_URL: ${{ gitea.server_url }} -# REPO: ${{ gitea.repository }} -# PR_NUMBER: ${{ gitea.event.pull_request.number }} -# TOKEN: ${{ gitea.token }} -# run: | -# set -euo pipefail + - name: Comment in case there's an error + if: ${{ failure() && steps.hcdc.outcome == 'failure' }} + env: + GITEA_URL: ${{ gitea.server_url }} + REPO: ${{ gitea.repository }} + PR_NUMBER: ${{ gitea.event.pull_request.number }} + TOKEN: ${{ gitea.token }} + run: | + set -euo pipefail -# MSG="HCDC check detected possible illegal characters. Please check logs and review the affected images/text." + MSG="HCDC check detected possible illegal characters. Please check logs and review the affected images/text." -# if [ -f hcdc.json ]; then -# BODY="$(jq -r --arg msg "$MSG" ' -# def list_paths(obj): -# (obj.files // []) -# | map(select((.detected // false) == true) | .file) -# | unique; -# def section(title; arr): -# title + ":\n" + (if (arr|length)>0 then (arr | map("- " + .) | join("\n")) else "- (none)" end); -# $msg + "\n\n" -# + section("Images"; (try list_paths(.images) catch [])) -# + "\n\n" -# + section("Text"; (try list_paths(.text) catch [])) -# | {body: .} -# | @json -# ' hcdc.json)" -# else -# BODY="$(jq -n --arg msg "$MSG" '{body: $msg}')" -# fi + if [ -f hcdc.json ]; then + BODY="$(jq -r --arg msg "$MSG" ' + def list_paths(obj): + (obj.files // []) + | map(select((.detected // false) == true) | .file) + | unique; + def section(title; arr): + title + ":\n" + (if (arr|length)>0 then (arr | map("- " + .) | join("\n")) else "- (none)" end); + $msg + "\n\n" + + section("Images"; (try list_paths(.images) catch [])) + + "\n\n" + + section("Text"; (try list_paths(.text) catch [])) + | {body: .} + | @json + ' hcdc.json)" + else + BODY="$(jq -n --arg msg "$MSG" '{body: $msg}')" + fi -# curl -sS --fail-with-body -X POST \ -# -H "Authorization: token ${TOKEN}" \ -# -H "Content-Type: application/json" \ -# "${GITEA_URL}/api/v1/repos/${REPO}/issues/${PR_NUMBER}/comments" \ -# -d "${BODY}" + curl -sS --fail-with-body -X POST \ + -H "Authorization: token ${TOKEN}" \ + -H "Content-Type: application/json" \ + "${GITEA_URL}/api/v1/repos/${REPO}/issues/${PR_NUMBER}/comments" \ + -d "${BODY}"