-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
ba0c76c
commit 9ff5454
Showing
4 changed files
with
176 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,79 @@ | ||
|
||
IAM_DATA=$(cat <<EOF | ||
{ | ||
"auth": { | ||
"identity": { | ||
"methods": [ | ||
"password" | ||
], | ||
"password": { | ||
"user": { | ||
"domain": { | ||
"name": "freesky-edward" | ||
}, | ||
"name": "codearts_test", | ||
"password": "$3" | ||
} | ||
} | ||
}, | ||
"scope": { | ||
"project": { | ||
"name": "cn-north-4" | ||
} | ||
} | ||
} | ||
} | ||
EOF | ||
) | ||
|
||
response=$(curl -s -i --location 'https://iam.myhuaweicloud.com/v3/auth/tokens?nocatalog=true' \ | ||
--header 'Content-Type: application/json' \ | ||
--data "$IAM_DATA") | ||
|
||
# Extract the X-Subject-Token from the response | ||
token=$(echo "$response" | grep "X-Subject-Token" | awk '{print $2}' | tr -d '\r') | ||
|
||
echo "X-Subject-Token: $token" | ||
|
||
|
||
DATA=$(cat <<EOF | ||
{ | ||
"sources" : [ { | ||
"type" : "code", | ||
"params" : { | ||
"git_type" : "github", | ||
"default_branch" : "main", | ||
"git_url" : "$6", | ||
"endpoint_id" : "$5", | ||
"build_params" : { | ||
"build_type" : "branch", | ||
"event_type" : "Manual", | ||
"target_branch" : "$1" | ||
} | ||
} | ||
} ], | ||
"description" : "运行描述", | ||
"variables" : [ { | ||
"name" : "repo", | ||
"value" : "$8" | ||
} , | ||
{ | ||
"name" : "owner", | ||
"value" : "$7" | ||
} | ||
, | ||
{ | ||
"name" : "pr_id", | ||
"value" : "$2" | ||
} | ||
] | ||
} | ||
EOF | ||
) | ||
|
||
CODEARTS_PIPELINE="$4" | ||
|
||
curl --location "$CODEARTS_PIPELINE" \ | ||
--header "X-Auth-Token:$token" \ | ||
--header "Content-Type: application/json" \ | ||
--data "$DATA" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
name: Check PR Label Owner | ||
|
||
on: | ||
pull_request: | ||
types: | ||
- labeled # 当 PR 被添加标签时触发 | ||
jobs: | ||
verify-label-owner: | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
- name: Check if the label was added by the bot | ||
env: | ||
LABEL_NAME: "gate_check_pass" # 替换为需要检查的标签名称 | ||
GITHUB_TOKEN: ${{ secrets.OWNER_TOKEN }} | ||
TARGET_LABEL: "gate_check_pass" # 替换为需要检查的标签名称 | ||
AUTHORIZED_USER: "shishupei" # 替换为允许添加标签的 bot 用户名 | ||
run: | | ||
LABEL_NAME=${{ github.event.label.name }} | ||
LABEL_USER=${{ github.event.sender.login }} | ||
# 检查是否有相关事件 | ||
if [[ "$LABEL_NAME" != "$TARGET_LABEL" ]]; then | ||
echo "No labeled event found for the label '$TARGET_LABEL'. Exiting." | ||
exit 0 | ||
fi | ||
# 检查最近的标签操作者是否为授权用户 | ||
if [[ "$LABEL_USER" != "$AUTHORIZED_USER" ]]; then | ||
echo "Label '$LABEL_NAME' was added by '$LABEL_USER', not '$AUTHORIZED_USER'. Removing it." | ||
# 删除标签 | ||
curl -X DELETE \ | ||
-H "Authorization: token ${{ secrets.OWNER_TOKEN }}" \ | ||
-H "Accept: application/vnd.github.v3+json" \ | ||
https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels/$TARGET_LABEL | ||
else | ||
echo "Label '$TARGET_LABEL' was added by the authorized user '$AUTHORIZED_USER'. No action needed." | ||
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
name: Gate Check | ||
|
||
on: | ||
pull_request: | ||
types: [opened, synchronize, reopened] # 在PR打开、同步、重新打开时触发 | ||
|
||
jobs: | ||
codearts-check: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Check and Remove Label | ||
run: | | ||
# 定义需要移除的标签 | ||
TARGET_LABEL="gate_check_pass" | ||
# 调用 GitHub API 删除标签 | ||
curl -X DELETE \ | ||
-H "Authorization: token ${{ secrets.OWNER_TOKEN }}" \ | ||
-H "Accept: application/vnd.github.v3+json" \ | ||
https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels/$TARGET_LABEL | ||
- name: Checkout repository | ||
uses: actions/checkout@v2 | ||
|
||
- name: Make script executable | ||
run: chmod +x ./.github/script/codearts_check.sh | ||
|
||
- name: Post a comment to the PR | ||
run: | | ||
curl -X POST \ | ||
-H "Authorization: token ${{ secrets.OWNER_TOKEN }}" \ | ||
-H "Accept: application/vnd.github.v3+json" \ | ||
https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/comments \ | ||
-d '{"body": "开始门禁检查,等门禁检查通过后可以合入"}' | ||
- name: RUN CodeArts Pipeline | ||
env: | ||
GIT_URL: ${{ github.server_url }}/${{ github.repository }}.git | ||
run: ./.github/script/codearts_check.sh $GITHUB_HEAD_REF ${{ github.event.pull_request.number }} ${{ secrets.CODEARTS_PASSWORD }} ${{ secrets.CODEARTS_PIPELINE }} ${{ secrets.CODEARTS_ENDPOINT_ID }} $GIT_URL ${GITHUB_REPOSITORY%/*} ${GITHUB_REPOSITORY##*/} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
name: PR Label Check | ||
|
||
on: | ||
pull_request: | ||
types: [labeled,unlabeled, opened, reopened, edited] | ||
|
||
jobs: | ||
check-label: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Check PR Labels | ||
uses: actions/github-script@v6 | ||
with: | ||
script: | | ||
const requiredLabel = 'gate_check_pass'; // 替换为你的标签名称 | ||
const labels = context.payload.pull_request.labels.map(label => label.name); | ||
if (!labels.includes(requiredLabel)) { | ||
throw new Error(`PR 必须包含标签: ${requiredLabel}`); | ||
} |