[Submit add-on]: Agenda 2023.08.10 #619

Workflow file for this run

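# Turns an add-on submission issue into a JSON metadata file and a pull request,
# then hands the result to the checkAndSubmitAddonMetadata reusable workflow.
# The get-data outputs are derived from the issue (see the step comments below),
# so they are user input and are treated as untrusted throughout.
name: Send json file
on:
  issues:
    types:
      - labeled
jobs:
  check-addon:
    outputs:
      pullRequestNumber: ${{ steps.cpr.outputs.pull-request-number }}
      # Despite the name, this carries the head commit SHA of the created PR.
      headRef: ${{ steps.cpr.outputs.pull-request-head-sha }}
      issueNumber: ${{ steps.get-data.outputs.issueNumber }}
    # Write scopes are needed to push the branch, open the PR and comment.
    # Every step in this job, including the validation tooling, runs with them.
    permissions:
      contents: write
      issues: write
      pull-requests: write
    name: Check add-on
    # Run only when the label that was just applied is the auto-submission label.
    # NOTE(review): if the issue form applies this label automatically, any
    # issue author can start this job - confirm who is able to set the label.
    if: github.event.label.name == 'autoSubmissionFromIssue'
    runs-on: windows-latest
    steps:
      # NOTE(review): actions below are referenced by mutable major-version
      # tags; pinning each to a full commit SHA keeps a re-pointed tag from
      # changing what runs with this job's write permissions.
      - name: Checkout datastore repo
        uses: actions/checkout@v3
        with:
          ref: master
          path: datastore
      - name: Get data
        id: get-data
        uses: actions/github-script@v6
        with:
          # getData.js is loaded from the master checkout above, not from
          # anything the issue author controls.
          script: |
            const setOutputFromIssue = require('./datastore/.github/workflows/getData.js')
            setOutputFromIssue({context, core})
      - name: Checkout validate repo
        uses: actions/checkout@v3
        with:
          repository: nvaccess/addon-datastore-validation
          submodules: true
          path: validation
          # Nothing is pushed from this checkout, so do not leave the job
          # token in its git config while the tooling handles an untrusted
          # download.
          persist-credentials: false
      - name: Set up Python 3.11
        uses: actions/setup-python@v4
        with:
          # Quoted so YAML keeps it a string; an unquoted 3.10 would become 3.1.
          python-version: '3.11'
      - name: Create validation errors file
        run: echo "" > validationErrors.md
      - name: Download add-on
        env:
          # Pass user input through an environment variable instead of
          # expanding the expression inside the script text.
          # https://blog.gitguardian.com/github-actions-security-cheat-sheet/
          url: ${{ steps.get-data.outputs.downloadUrl }}
        # Wrap all user input in quotations to prevent RCE,
        # e.g. www.example.com/&rm -rf
        # --url makes the value an explicit option argument, so a value that
        # starts with '-' is not read as another curl option.
        # --proto / --proto-redir keep curl to web schemes for the first
        # request and for any redirect it follows.
        # NOTE(review): tighten both to "=https" if submissions must be HTTPS.
        run: |
          curl --location `
            --proto "=http,https" `
            --proto-redir "=http,https" `
            --output addon.nvda-addon `
            --url "$env:url"
      - name: Create JSON submission from issue
        env:
          # Pass user input through environment variables to escape any code.
          # https://blog.gitguardian.com/github-actions-security-cheat-sheet/
          channel: ${{ steps.get-data.outputs.releaseChannel }}
          publisher: ${{ steps.get-data.outputs.publisher }}
          sourceUrl: ${{ steps.get-data.outputs.sourceUrl }}
          url: ${{ steps.get-data.outputs.downloadUrl }}
          licName: ${{ steps.get-data.outputs.licenseName }}
          licUrl: ${{ steps.get-data.outputs.licenseURL }}
        # Wrap all user input in quotations to prevent RCE,
        # e.g. www.example.com/&rm -rf
        # The tripled quotes make PowerShell pass literal double quotes around
        # each value to the validation script.
        # NOTE(review): that protection presumably depends on the values not
        # containing a double quote themselves - confirm that getData.js or
        # the validator rejects such input.
        run: |
          validation/runcreatejson `
            -f addon.nvda-addon `
            --dir datastore\addons `
            --output .\validationErrors.md `
            --channel="""$env:channel""" `
            --publisher="""$env:publisher""" `
            --sourceUrl="""$env:sourceUrl""" `
            --url="""$env:url""" `
            --licName="""$env:licName""" `
            --licUrl="""$env:licUrl"""
      - name: Post validation errors as comment
        # Runs only when an earlier step failed.
        if: failure()
        # NOTE(review): third-party action on a mutable tag; pin to a commit SHA.
        uses: peter-evans/create-or-update-comment@v2
        with:
          issue-number: ${{ github.event.issue.number }}
          body-file: ./validationErrors.md
      - name: Create Pull Request
        id: cpr
        # NOTE(review): third-party action on a mutable tag; pin to a commit SHA.
        uses: peter-evans/create-pull-request@v4
        with:
          path: datastore
          # Title, branch and commit message are built from issue data. They
          # are passed as action inputs and never expanded into a shell line.
          title: ${{ steps.get-data.outputs.issueTitle }}
          branch: ${{ github.event.sender.login }}${{ steps.get-data.outputs.issueNumber }}
          commit-message: ${{ steps.get-data.outputs.issueTitle }}
          body: "Closes #${{ steps.get-data.outputs.issueNumber }}"
          # NOTE(review): the address appears on this page as a redaction
          # placeholder; confirm the real value in the repository.
          author: github-actions <[email protected]>
  call-workflow-passing-data:
    # Passes the issue and pull-request identifiers to the reusable workflow
    # once check-addon has succeeded.
    # NOTE(review): no permissions block is set on this job, so the token
    # scopes come from defaults defined elsewhere - confirm they are minimal.
    needs: check-addon
    uses: ./.github/workflows/checkAndSubmitAddonMetadata.yml
    with:
      issueNumber: ${{ needs.check-addon.outputs.issueNumber }}
      issueAuthorId: ${{ github.event.issue.user.id }}
      issueAuthorName: ${{ github.event.issue.user.login }}
      pullRequestNumber: ${{ needs.check-addon.outputs.pullRequestNumber }}
      headRef: ${{ needs.check-addon.outputs.headRef }}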