Add HCDC workflow

Reviewed-by: Tino Schreiber <tino.schreiber@t-systems.com> Co-authored-by: Sebastian Gode <sebastian.gode@telekom.de> Co-committed-by: Sebastian Gode <sebastian.gode@telekom.de>
2025-09-25 12:35:26 +00:00
parent f65b8dc631
commit ec95a67a29
1 changed files with 83 additions and 0 deletions
--- a/.gitea/workflows/run-hcdc.yaml
+++ b/.gitea/workflows/run-hcdc.yaml
@ -0,0 +1,83 @@
+name: Run HCDC
+
+on:
+  pull_request:
+    types: [opened, reopened, synchronize, edited]
+
+jobs:
+  run-hcdc:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout PR head
+        uses: https://github.com/actions/checkout@v4
+        with:
+          repository: ${{ gitea.event.pull_request.head.repo.full_name }}
+          ref: ${{ gitea.event.pull_request.head.ref }}
+          fetch-depth: 0
+          token: ${{ gitea.token }}
+
+      - name: Checkout base
+        uses: https://github.com/actions/checkout@v4
+        with:
+          repository: ${{ gitea.repository }}
+          ref: ${{ gitea.event.pull_request.base.ref }}
+          path: base
+          fetch-depth: 0
+          token: ${{ gitea.token }}
+
+
+      - name: Get OTC token
+        id: otc
+        uses: https://github.com/opentelekomcloud-infra/github-actions/.github/actions/get-otc-token@v1
+        with:
+            os_username: ${{ secrets.OTC_HCDC_USERNAME }}
+            os_password: ${{ secrets.OTC_HCDC_PASSWORD }}
+            os_domain_name: ${{ secrets.OTC_HCDC_DOMAIN_NAME }}
+            os_project_id: ${{ secrets.OTC_HCDC_PROJECT_ID }}
+
+      - name: Run HCDC
+        id: hcdc
+        uses: https://github.com/opentelekomcloud-infra/github-actions/.github/actions/run-hcdc@v1
+        with:
+          auth_token: ${{ steps.otc.outputs.auth_token }}
+          pr_branch: ${{ gitea.event.pull_request.head.ref }}
+          base_branch: ${{ gitea.event.pull_request.base.ref }}
+          python-version: "3.12"
+    
+      - name: Comment in case there's an error
+        if: failure()
+        env:
+          GITEA_URL: ${{ gitea.server_url }}
+          REPO: ${{ gitea.repository }}
+          PR_NUMBER: ${{ gitea.event.pull_request.number }}
+          TOKEN: ${{ gitea.token }}
+        run: |
+          set -euo pipefail
+
+          MSG="HCDC check detected possible illegal characters. Please check logs and review the affected images/text."
+
+          if [ -f hcdc.json ]; then
+            BODY="$(jq -r --arg msg "$MSG" '
+              def list_paths(obj):
+                (obj.files // []) 
+                | map(select((.detected // false) == true) | .file) 
+                | unique;
+              def section(title; arr):
+                title + ":\n" + (if (arr|length)>0 then (arr | map("- " + .) | join("\n")) else "- (none)" end);
+              $msg + "\n\n"
+              + section("Images"; (try list_paths(.images) catch []))
+              + "\n\n"
+              + section("Text";   (try list_paths(.text)   catch []))
+              | {body: .}
+              | @json
+            ' hcdc.json)"
+          else
+            BODY="$(jq -n --arg msg "$MSG" '{body: $msg}')"
+          fi
+
+          curl -sS --fail-with-body -X POST \
+            -H "Authorization: token ${TOKEN}" \
+            -H "Content-Type: application/json" \
+            "${GITEA_URL}/api/v1/repos/${REPO}/issues/${PR_NUMBER}/comments" \
+            -d "${BODY}"