Merge pull request #5 from sedazam/dependabot/npm_and_yarn/code/src/A… #2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Step 2 # Dependency Alerts | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - "code/src/AttendeeSite/**" | |
| permissions: | |
| contents: read | |
| actions: write | |
| issues: write | |
| env: | |
| STEP_3_FILE: ".github/steps/3-dependabot-security.md" | |
| PACKAGE_JSON: "code/src/AttendeeSite/package.json" | |
| PACKAGE_LOCK_JSON: "code/src/AttendeeSite/package-lock.json" | |
| jobs: | |
| find_exercise: | |
| name: Find Exercise Issue | |
| uses: skills/exercise-toolkit/.github/workflows/[email protected] | |
| if: | | |
| github.run_number != 1 | |
| check_step_work: | |
| name: Check step work | |
| runs-on: ubuntu-latest | |
| needs: find_exercise | |
| if: | | |
| !github.event.repository.is_template | |
| env: | |
| ISSUE_URL: ${{ needs.find_exercise.outputs.issue-url }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Get response templates | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: skills/exercise-toolkit | |
| path: exercise-toolkit | |
| ref: v0.6.0 | |
| - name: Update comment - checking work | |
| run: | | |
| gh issue comment "$ISSUE_URL" \ | |
| --body-file exercise-toolkit/markdown-templates/step-feedback/checking-work.md \ | |
| --edit-last | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # START: Check practical exercise | |
| - name: Check package.json and package-lock.json for minimist version other than 1.2.5 | |
| id: check-user-work | |
| run: | | |
| # Checks to perform | |
| checks='{ | |
| "package_json": { | |
| "name": "package.json", | |
| "passed": true, | |
| "message": "" | |
| }, | |
| "package_lock_json": { | |
| "name": "package-lock.json", | |
| "passed": true, | |
| "message": "" | |
| } | |
| }' | |
| # Check for minimist version in package.json | |
| file="$PACKAGE_JSON" | |
| keyphrase="\"minimist\":[\ \\n\\r\\t]*\"\\^(?!1\\.2\\.[0-5])(0|[1-9][0-9]*)\\.(0|[1-9][0-9]*)\\.(0|[1-9][0-9]*)(?:-((?:0|[1-9][0-9]*|[0-9]*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9][0-9]*|[0-9]*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?\"" | |
| minimum_occurrences=1 | |
| found_occurrences=$(grep -o "$keyphrase" "$file" | wc -l) | |
| if [ "$found_occurrences" -lt "$minimum_occurrences" ]; then | |
| checks=$(echo $checks | jq '.package_json.passed = false') | |
| checks=$(echo $checks | jq '.package_json.message = "Please update package.json to use a valid minimist version."') | |
| fi | |
| # Check for minimist version in package-lock.json | |
| file="$PACKAGE_LOCK_JSON" | |
| keyphrase="minimist-(?!1\\.2\\.[0-5])(0|[1-9][0-9]*)\\.(0|[1-9][0-9]*)\\.(0|[1-9][0-9]*)(?:-((?:0|[1-9][0-9]*|[0-9]*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9][0-9]*|[0-9]*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?" | |
| minimum_occurrences=1 | |
| found_occurrences=$(grep -o "$keyphrase" "$file" | wc -l) | |
| if [ "$found_occurrences" -lt "$minimum_occurrences" ]; then | |
| checks=$(echo $checks | jq '.package_lock_json.passed = false') | |
| checks=$(echo $checks | jq '.package_lock_json.message = "Please update package-lock.json to use a valid minimist version."') | |
| fi | |
| # Verify all checks passed | |
| passed=$(echo $checks | jq '. | all(.passed?)') | |
| # Flatten to an array for returning. Allows iteration during rendering. | |
| results=$(echo $checks | jq 'to_entries | map({name: .key} + .value)') | |
| # Save pass status to output | |
| echo "passed=$passed" >> $GITHUB_OUTPUT | |
| # Save results to output | |
| echo 'results<<EOF' >> $GITHUB_OUTPUT | |
| echo $results >> $GITHUB_OUTPUT | |
| echo 'EOF' >> $GITHUB_OUTPUT | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # END: Check practical exercise | |
| - name: Build message - step finished | |
| id: build-message-step-finish | |
| uses: skills/action-text-variables@v3 | |
| with: | |
| template-file: exercise-toolkit/markdown-templates/step-feedback/step-finished-prepare-next-step.md | |
| template-vars: | | |
| next_step_number: "3" | |
| - name: Update comment - step finished | |
| run: | | |
| gh issue comment "$ISSUE_URL" \ | |
| --body "${{ steps.build-message-step-finish.outputs.updated-text }}" \ | |
| --edit-last | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| post_next_step_content: | |
| name: Post next step content | |
| needs: [find_exercise, check_step_work] | |
| runs-on: ubuntu-latest | |
| env: | |
| ISSUE_URL: ${{ needs.find_exercise.outputs.issue-url }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Get response templates | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: skills/exercise-toolkit | |
| path: exercise-toolkit | |
| ref: v0.6.0 | |
| - name: Build comment - add step content | |
| id: build-comment | |
| uses: skills/action-text-variables@v3 | |
| with: | |
| template-file: "${{ env.STEP_3_FILE }}" | |
| template-vars: | | |
| full_repo_name: "${{ github.repository }}" | |
| - name: Create comment - add step content | |
| run: | | |
| gh issue comment "$ISSUE_URL" \ | |
| --body "$ISSUE_BODY" | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| ISSUE_BODY: ${{ steps.build-comment.outputs.updated-text }} | |
| - name: Create comment - watching for progress | |
| run: | | |
| gh issue comment "$ISSUE_URL" \ | |
| --body-file exercise-toolkit/markdown-templates/step-feedback/watching-for-progress.md | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Disable current workflow and enable next one | |
| run: | | |
| gh workflow disable "Step 2" | |
| gh workflow enable "Step 3" | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} |