Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ci: Updating workflows/actions to be compatible to and updating to the step-security maintained version. #2963

Closed
wants to merge 39 commits into from
Closed

ci: Updating workflows/actions to be compatible to and updating to the step-security maintained version. #2963

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
39 commits
Select commit Hold shift + click to select a range
26304fa
Updating workflows/actions to be compatible to and updating to the st…
san-est Sep 11, 2024
e1a77d7
Adding github Token to the action.
san-est Sep 11, 2024
e436908
Adding permissions for checks to: write
san-est Sep 11, 2024
3d169d1
Applying suggestions from code review.
san-est Sep 13, 2024
e37dcef
chore: Move unneeded dependencies to `devDependencies` (#3036)
victor-yanev Sep 30, 2024
4cdf8ae
feat: Added configuration option for allocating HBar for a test run. …
ebadiere Sep 30, 2024
4377a60
build: Bump versions for v0.58.0-SNAPSHOT (#3046)
swirlds-automation Sep 30, 2024
da10062
build(deps): bump rollup from 2.79.1 to 2.79.2 in /dapp-example (#3037)
dependabot[bot] Oct 1, 2024
7e22094
feat: add `eth_call`, `eth_getLogs` and `eth_estimateGas` coverage to…
natanasow Oct 2, 2024
f4a39e3
feat: makes ip address of request available in application layer (#2939)
konstantinabl Oct 3, 2024
f1794d8
chore: Optimize imports (#3056)
victor-yanev Oct 3, 2024
b7ab272
feat: enabled configurable server host for the Relay server (#3073)
quiet-node Oct 7, 2024
4a69be9
refactor: configurations of `HbarLimitService` (#3014)
victor-yanev Oct 7, 2024
43e3ddf
fix: Skip issue matching check for thirdparty build dependency librar…
ebadiere Oct 8, 2024
229ee75
fix: SDKClient timeouts are not getting logged with requestIds. (#3061)
ebadiere Oct 8, 2024
9f86d43
build(deps): bump body-parser and express in /tools/truffle-example (…
dependabot[bot] Oct 8, 2024
0ba2162
fix: pr check ignore issues check external projects (#3077)
ebadiere Oct 8, 2024
670e5fa
build(deps): [Snyk] Upgrade @hashgraph/sdk from 2.50.0 to 2.51.0 (#3069)
swirlds-automation Oct 9, 2024
dbe5fc5
feat: change units of the value in eth gettransactionbyhash result (#…
nadezhdapopovaa Oct 9, 2024
f707acc
build(dep): [Snyk] Upgrade @graphprotocol/graph-cli from 0.81.0 to 0.…
swirlds-automation Oct 9, 2024
59dbdd5
build(deps): bump cookie and express in /tools/truffle-example (#3078)
dependabot[bot] Oct 9, 2024
ae4563d
feat: Brownie example and description (#3070)
arianejasuwienas Oct 9, 2024
1c65943
feat: Add release testing workflow for public networks (#3060)
beeradb Oct 9, 2024
ec19625
fix: delete unnecessary script signTransaction (#3087)
nadezhdapopovaa Oct 10, 2024
73200c1
build: (deps) [Snyk] Upgrade web3 from 4.12.1 to 4.13.0 (#3085)
swirlds-automation Oct 10, 2024
6bc6010
feat: Wagmi example usage with Hedera (#3000)
arianejasuwienas Oct 10, 2024
2e2fc07
test: add helper method for overriding env variables (#3022)
victor-yanev Oct 11, 2024
1f776e6
feat: implement configuration to pre-populate the cache with spending…
victor-yanev Oct 11, 2024
9b3319a
feat: eth_call revert error message is too long, and should not be a …
natanasow Oct 11, 2024
1c8579b
fix: bugged metrics and wrong env vars (#3090)
victor-yanev Oct 11, 2024
afc3349
feat: add maxAttempts parameter to the acceptance test workflow (#3089)
beeradb Oct 11, 2024
7796aca
fix: included only transfer amounts that are charged to the operator …
quiet-node Oct 15, 2024
4d88bcf
Updating workflows/actions to be compatible to and updating to the st…
san-est Sep 11, 2024
7e4eaf2
Adding github Token to the action.
san-est Sep 11, 2024
bbae986
Adding permissions for checks to: write
san-est Sep 11, 2024
e790fee
Applying suggestions from code review.
san-est Sep 13, 2024
e866bfd
ci: Updating without merge conflicts.
san-est Oct 16, 2024
4c77dd9
Merge remote-tracking branch 'refs/remotes/origin/2943-determine-upgr…
san-est Oct 16, 2024
bb0895e
ci: Fixing changes and merge conflicts.
san-est Oct 16, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
272 changes: 237 additions & 35 deletions .github/scripts/check-pr.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,73 +5,275 @@ const { GITHUB_REPOSITORY, GITHUB_PR_NUMBER } = process.env;

const [owner, repo] = GITHUB_REPOSITORY.split('/');

async function getPRDetails() {
const url = `https://api.github.com/repos/${owner}/${repo}/pulls/${GITHUB_PR_NUMBER}`;
const response = await axios.get(url, {
headers: {
Authorization: `token ${githubToken}`
async function getPRDetails(prNumber) {
const url = `https://api.github.com/repos/${owner}/${repo}/pulls/${prNumber}`;
try {
const response = await axios.get(url, {
headers: {
Authorization: `token ${githubToken}`,
},
});
return response.data;
} catch (error) {
if (error.response && error.response.status === 404) {
console.log(`PR #${prNumber} not found in repository ${owner}/${repo}, skipping...`);
return null;
} else {
throw error;
}
});
return response.data;
}
}

async function getIssueDetails(issueNumber) {
async function getIssueDetails(issueOwner, issueRepo, issueNumber) {
try {
const url = `https://api.github.com/repos/${owner}/${repo}/issues/${issueNumber}`;
const url = `https://api.github.com/repos/${issueOwner}/${issueRepo}/issues/${issueNumber}`;
const response = await axios.get(url, {
headers: {
Authorization: `token ${githubToken}`
}
Authorization: `token ${githubToken}`,
},
});
return response.data;
} catch (error) {
if (error.response && error.response.status === 404) {
console.log(`Issue #${issueNumber} not found, skipping...`);
console.log(`Issue #${issueNumber} not found in repository ${issueOwner}/${issueRepo}, skipping...`);
return null;
} else {
throw error;
}
}
}

async function run() {
try {
const pr = await getPRDetails();
const { labels: prLabels, milestone: prMilestone, body: prBody } = pr;
async function getContributors() {
const url = `https://api.github.com/repos/${owner}/${repo}/contributors`;
const response = await axios.get(url, {
headers: {
Authorization: `token ${githubToken}`,
},
});
return response.data;
}

function stripHTMLTags(text) {
return text.replace(/<\/?[^>]+(>|$)/g, '');
}

function removeCodeBlocks(text) {
// Remove fenced code blocks (triple backticks or tildes)
text = text.replace(/```[\s\S]*?```/g, '');
text = text.replace(/~~~[\s\S]*?~~~/g, '');
// Remove inline code (single backticks)
text = text.replace(/`[^`]*`/g, '');
return text;
}

function extractPRReferences(text) {
// Regex to match PR references with any number of digits
const prRegex =
/(?:^|\s)(?:Fixes|Closes|Resolves|See|PR|Pull Request)?\s*(?:https?:\/\/github\.com\/([\w.-]+)\/([\w.-]+)\/pull\/(\d+)|([\w.-]+)\/([\w.-]+)#(\d+)|#(\d+))(?!\w)/gm;
const matches = [];
let match;
while ((match = prRegex.exec(text)) !== null) {
const refOwner = match[1] || match[4] || owner;
const refRepo = match[2] || match[5] || repo;
const prNumber = match[3] || match[6] || match[7];
matches.push({
owner: refOwner,
repo: refRepo,
prNumber,
});
}
return matches;
}

function extractIssueReferences(text) {
// Regex to match issue references with any number of digits
// Supports 'Fixes #123', 'owner/repo#123', 'https://github.com/owner/repo/issues/123'
const issueRegex =
/(?:^|\s)(?:Fixes|Closes|Resolves|See|Issue)?\s*(?:(?:https?:\/\/github\.com\/([\w.-]+)\/([\w.-]+)\/issues\/(\d+))|([\w.-]+)\/([\w.-]+)#(\d+)|#(\d+))(?!\w)/gm;
const issues = [];
let match;
while ((match = issueRegex.exec(text)) !== null) {
const issueOwner = match[1] || match[4] || owner;
const issueRepo = match[2] || match[5] || repo;
const issueNumber = match[3] || match[6] || match[7];
issues.push({
owner: issueOwner,
repo: issueRepo,
issueNumber,
});
}
return issues;
}

function cleanText(text) {
let cleanText = text;
cleanText = stripHTMLTags(cleanText);
cleanText = removeCodeBlocks(cleanText);
return cleanText;
}

async function checkPRLabelsAndMilestone(pr) {
const { labels: prLabels, milestone: prMilestone } = pr;

if (!prLabels || prLabels.length === 0) {
throw new Error('The PR has no labels.');
}
if (!prMilestone) {
throw new Error('The PR has no milestone.');
}
}

if (prLabels.length === 0) {
throw new Error('The PR has no labels.');
function isDependabotOrSnykPR(pr) {
return ((pr.user.login === 'dependabot[bot]') || (pr.user.login === 'swirlds-automation'));
}

async function processIssueReferencesInText(text) {
const issueReferences = extractIssueReferences(text);

let hasValidIssueReference = false;

if (issueReferences.length > 0) {
for (const issueRef of issueReferences) {
// Only process issues from the same repository
if (issueRef.owner === owner && issueRef.repo === repo) {
hasValidIssueReference = true;
const issue = await getIssueDetails(issueRef.owner, issueRef.repo, issueRef.issueNumber);
if (issue) {
const { labels: issueLabels, milestone: issueMilestone } = issue;

if (!issueLabels || issueLabels.length === 0) {
throw new Error(`Associated issue #${issueRef.issueNumber} has no labels.`);
}
if (!issueMilestone) {
throw new Error(`Associated issue #${issueRef.issueNumber} has no milestone.`);
}
}
} else {
console.log(
`Issue #${issueRef.issueNumber} is from a different repository (${issueRef.owner}/${issueRef.repo}), skipping...`
);
}
}
if (!prMilestone) {
throw new Error('The PR has no milestone.');

if (!hasValidIssueReference) {
throw new Error('The PR description must reference at least one issue from the current repository.');
} else {
console.log('All associated issues have labels and milestones.');
}
} else {
throw new Error('The PR description must reference at least one issue from the current repository.');
}
}

const issueNumberMatches = prBody.match(/#(\d+)/g);
async function processPRReferencesInText(text, contributors) {
const prReferences = extractPRReferences(text);

if (!issueNumberMatches) {
console.log('No associated issues found in PR description.');
} else {
for (const match of issueNumberMatches) {
const issueNumber = match.replace('#', '');
const issue = await getIssueDetails(issueNumber);
if(issue) {
const {labels: issueLabels, milestone: issueMilestone} = issue;

if (issueLabels.length === 0) {
throw new Error(`Associated issue #${issueNumber} has no labels.`);
if (prReferences.length === 0) {
console.log('No associated PRs found in PR description.');
} else {
for (const prRef of prReferences) {
// Only process PRs from the same repository
if (prRef.owner === owner && prRef.repo === repo) {
await processReferencedPR(prRef, contributors);
} else {
console.log(
`PR #${prRef.prNumber} is from a different repository (${prRef.owner}/${prRef.repo}), skipping...`
);
// Skip processing issue references from external PRs
}
}
}
}

async function processReferencedPR(prRef, contributors) {
// Attempt to fetch the PR to validate its existence
const referencedPR = await getPRDetails(prRef.prNumber);
if (!referencedPR) {
console.log(`PR #${prRef.prNumber} does not exist, skipping...`);
return; // Skip if PR not found
}

const authorLogin = referencedPR.user.login;

const isContributor = contributors.some((contributor) => contributor.login === authorLogin);

if (!isContributor) {
console.log(
`PR author ${authorLogin} is not a contributor, skipping issue matching for PR #${prRef.prNumber}.`
);
return;
}

// Clean the referenced PR body
const refPrBody = cleanText(referencedPR.body);

// Extract issue references from the referenced PR description
const refIssueReferences = extractIssueReferences(refPrBody);

if (refIssueReferences.length === 0) {
console.log(`No associated issues found in PR #${prRef.prNumber} description.`);
} else {
for (const issueRef of refIssueReferences) {
// Only process issues from the same repository
if (issueRef.owner === owner && issueRef.repo === repo) {
const issue = await getIssueDetails(
issueRef.owner,
issueRef.repo,
issueRef.issueNumber
);
if (issue) {
const { labels: issueLabels, milestone: issueMilestone } = issue;

if (!issueLabels || issueLabels.length === 0) {
throw new Error(
`Associated issue #${issueRef.issueNumber} has no labels.`
);
}
if (!issueMilestone) {
throw new Error(`Associated issue #${issueNumber} has no milestone.`);
throw new Error(
`Associated issue #${issueRef.issueNumber} has no milestone.`
);
}
}
} else {
console.log(
`Issue #${issueRef.issueNumber} is from a different repository (${issueRef.owner}/${issueRef.repo}), skipping...`
);
}
}
console.log(
`PR #${prRef.prNumber} and all associated issues have labels and milestones.`
);
}
}

async function run() {
try {
const pr = await getPRDetails(GITHUB_PR_NUMBER);
if (!pr) {
throw new Error(`PR #${GITHUB_PR_NUMBER} not found.`);
}

await checkPRLabelsAndMilestone(pr);

if (isDependabotOrSnykPR(pr)) {
console.log('Dependabot or snyk PR detected. Skipping issue reference requirement.');
return;
} else {
const cleanBody = cleanText(pr.body);
await processIssueReferencesInText(cleanBody);
}

const contributors = await getContributors();

const cleanBody = cleanText(pr.body);
await processPRReferencesInText(cleanBody, contributors);

console.log('PR and all associated issues have labels and milestones.');
console.log('All checks completed.');
} catch (error) {
console.error(error.message);
process.exit(1);
}
}

run();
run();
Loading
Loading