# Modelled after https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ # These "checks" are also performed as part of our critical-path azure-pipelines review, # however here they are better able to post back to the original PR name: PR Suggestions on: pull_request: jobs: build: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 with: # fetch-depth 50 tries to ensure we capture the whole history of the branch fetch-depth: 50 - uses: actions/cache@v2 id: cache with: path: | ./vcpkg key: ${{ runner.os }}-${{ hashFiles('scripts/bootstrap*') }} - name: bootstrap if: steps.cache.outputs.cache-hit != 'true' run: ./bootstrap-vcpkg.sh - name: Save PR number run: | mkdir -p ./pr echo ${{ github.event.number }} > ./pr/NR - name: Formatting run: | git config user.email github-actions git config user.name github-actions@github.com git diff --name-status --merge-base HEAD^ HEAD --diff-filter=MAR -- '*portfile.cmake' | sed 's/[MAR]\t*//' | while read filename; do grep -q -E '(vcpkg_install_cmake|vcpkg_build_cmake|vcpkg_configure_cmake|vcpkg_fixup_cmake_targets)' "$filename" && echo " - \`$filename\`" || true; done > .github-pr.deprecated-cmake git diff --name-status --merge-base HEAD^ HEAD --diff-filter=MAR -- '*vcpkg.json' | sed 's/[MAR]\t*//' | while read filename; do grep -q -E '"license": ' "$filename" || echo " - \`$filename\`" || true; done > .github-pr.missing-license ./vcpkg format-manifest --all --convert-control git diff > .github-pr.format-manifest git add -u git commit -m "tmp" --allow-empty # HEAD^^ refers to the "main" commit that was merged into git checkout HEAD^^ -- versions git restore --staged versions ./vcpkg x-add-version --all --skip-formatting-check | grep 'instead of "version-string"' | tee .github-pr.version-string.out || true git checkout -- versions ./vcpkg x-add-version --all --skip-formatting-check --skip-version-format-check | tee .github-pr.x-add-version.out || true git diff > .github-pr.x-add-version.diff git reset HEAD~ --mixed - uses: actions/github-script@v6 with: script: | const { promises: fs } = require('fs') const add_version = (await fs.readFile('.github-pr.x-add-version.diff', 'utf8')).trim() const add_version_out = (await fs.readFile('.github-pr.x-add-version.out', 'utf8')).trim() const version_string_out = (await fs.readFile('.github-pr.version-string.out', 'utf8')).trim() const format = (await fs.readFile('.github-pr.format-manifest', 'utf8')).trim() const cmake = (await fs.readFile('.github-pr.deprecated-cmake', 'utf8')).trim() const missing_license = (await fs.readFile('.github-pr.missing-license', 'utf8')).trim() let approve = true; var output = '' if (format !== "") { output += "
All manifest files must be formatted\n\n" output += "`./vcpkg format-manifest ports/*/vcpkg.json`\n" output += "
Diff\n\n" output += "```diff\n" + format + "\n```\n" output += "
\n\n" approve = false; } if (add_version_out !== "") { output += "
PRs must add only one version and must not modify any published versions\n\n" output += "When making any changes to a library, the version or port-version in `vcpkg.json` or `CONTROL` must be modified.\n" output += "```\n" + add_version_out + "\n```\n
\n\n" approve = false; } if (version_string_out !== "") { output += version_string_out + "\n\n" } if (add_version !== "") { output += "
After committing all other changes, the version database must be updated\n\n" output += "```sh\n" output += "git add -u && git commit\n" output += "git checkout ${{ github.event.pull_request.base.sha }} -- versions\n" output += "./vcpkg x-add-version --all\n" output += "```\n" output += "
Diff\n\n" output += "```diff\n" + add_version + "\n```\n" output += "
\n\n" approve = false; } if (cmake !== "") { output += "You have modified or added at least one portfile where deprecated functions are used.\n" output += "
\n\n" output += "If you feel able to do so, please consider migrating them to the new functions:\n" output += " `vcpkg_install_cmake` -> `vcpkg_cmake_install` (from port `vcpkg-cmake`)\n" output += " `vcpkg_build_cmake` -> `vcpkg_cmake_build` (from port `vcpkg-cmake`)\n" output += " `vcpkg_configure_cmake` -> `vcpkg_cmake_configure` (Please remove the option `PREFER_NINJA`) (from port `vcpkg-cmake`)\n" output += " `vcpkg_fixup_cmake_targets` -> `vcpkg_cmake_config_fixup` (from port `vcpkg-cmake-config`)\n" output += "\n" output += "In the ports that use the new function, you have to add the corresponding dependencies:\n" output += "```json\n" output += '{\n "name": "vcpkg-cmake",\n "host": true\n},\n' output += '{\n "name": "vcpkg-cmake-config",\n "host": true\n}\n' output += "```\n" output += `The following files are affected:\n${cmake}\n` output += "
\n\n" } if (missing_license !== "") { output += 'You have modified or added at least one vcpkg.json where a "license" field is missing.\n' output += "
\n\n" output += 'If you feel able to do so, please consider adding a "license" field to the following files:\n' output += missing_license output += "\n\nValid values for the license field can be found in the [documentation](https://github.com/microsoft/vcpkg/blob/master/docs/maintainers/manifest-files.md#license)\n" output += "
\n\n" } if (approve) { await fs.writeFile("pr/event", "APPROVE") } else { output = "_This is a new experimental fast check for PR issues. Please let us know if this bot is helpful!_\n\n" + output await fs.writeFile("pr/event", "REQUEST_CHANGES") } await fs.writeFile("pr/body", output) console.log(output); - uses: actions/upload-artifact@v3 with: name: pr path: pr/