From 02d26adcc984ad767b2ea65c6960dbf70f52741b Mon Sep 17 00:00:00 2001 From: Andrea Brancaleoni Date: Fri, 19 Jan 2024 11:47:30 +0100 Subject: [PATCH] github yml: reformat --- .../add-maintainer-custom-property.yml | 80 ++++++++-------- .github/workflows/dependabot-auto-dismiss.yml | 50 +++++----- .github/workflows/dependabot-nudge.yml | 94 +++++++++---------- .github/workflows/mirror.yml | 24 ++--- .github/workflows/older-than-2y.yml | 32 +++---- 5 files changed, 138 insertions(+), 142 deletions(-) diff --git a/.github/workflows/add-maintainer-custom-property.yml b/.github/workflows/add-maintainer-custom-property.yml index 1a0c99c1..3de48731 100644 --- a/.github/workflows/add-maintainer-custom-property.yml +++ b/.github/workflows/add-maintainer-custom-property.yml @@ -2,45 +2,45 @@ # to all repositories in this organization name: Add Maintainer as Custom Property to Repositories on: - schedule: - - cron: '0 0 1 * *' - workflow_dispatch: + schedule: + - cron: "0 0 1 * *" + workflow_dispatch: jobs: - run: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 # v4.0.1 - with: - node-version: '20.x' - - id: npm - run: cd ${{ github.workspace }}; npm ci - shell: bash - - name: run - id: run - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 - env: - IGNORE_MAINTAINERS: brave-builds,brave-browser-releases,brave-support-admin - DEBUG: false - with: - github-token: ${{ secrets.CUSTOM_PROPERTY_MANAGER_GITHUB_TOKEN }} - script: | - console.log('${{ github.workspace }}/src/addMaintainerCustomProperty.js'); - const { default: addMaintainerCustomProperty } = await import('${{ github.workspace }}/src/addMaintainerCustomProperty.js'); - return await addMaintainerCustomProperty({ - org: process.env.GITHUB_REPOSITORY_OWNER, - github: github, - ignoreMaintainers: process.env.IGNORE_MAINTAINERS, - debug: process.env.DEBUG - }); - - - uses: actions-ecosystem/action-slack-notifier@fc778468d09c43a6f4d1b8cccaca59766656996a # v1.1.0 - if: ${{ fromJson(steps.run.outputs.result) != '' }} - with: - slack_token: ${{ secrets.HOTSPOTS_SLACK_TOKEN }} - message: | - [add-maintainer-custom-property] ${{ fromJson(steps.run.outputs.result) }} - channel: secops-hotspots - color: yellow - verbose: false \ No newline at end of file + run: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 # v4.0.1 + with: + node-version: "20.x" + - id: npm + run: cd ${{ github.workspace }}; npm ci + shell: bash + - name: run + id: run + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 + env: + IGNORE_MAINTAINERS: brave-builds,brave-browser-releases,brave-support-admin + DEBUG: false + with: + github-token: ${{ secrets.CUSTOM_PROPERTY_MANAGER_GITHUB_TOKEN }} + script: | + console.log('${{ github.workspace }}/src/addMaintainerCustomProperty.js'); + const { default: addMaintainerCustomProperty } = await import('${{ github.workspace }}/src/addMaintainerCustomProperty.js'); + return await addMaintainerCustomProperty({ + org: process.env.GITHUB_REPOSITORY_OWNER, + github: github, + ignoreMaintainers: process.env.IGNORE_MAINTAINERS, + debug: process.env.DEBUG + }); + + - uses: actions-ecosystem/action-slack-notifier@fc778468d09c43a6f4d1b8cccaca59766656996a # v1.1.0 + if: ${{ fromJson(steps.run.outputs.result) != '' }} + with: + slack_token: ${{ secrets.HOTSPOTS_SLACK_TOKEN }} + message: | + [add-maintainer-custom-property] ${{ fromJson(steps.run.outputs.result) }} + channel: secops-hotspots + color: yellow + verbose: false diff --git a/.github/workflows/dependabot-auto-dismiss.yml b/.github/workflows/dependabot-auto-dismiss.yml index babe0d01..e545b4f2 100644 --- a/.github/workflows/dependabot-auto-dismiss.yml +++ b/.github/workflows/dependabot-auto-dismiss.yml @@ -7,29 +7,27 @@ on: workflow_dispatch: jobs: - run: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 # v4.0.1 - with: - node-version: '20.x' - - id: npm - run: cd ${{ github.workspace }}; npm ci - shell: bash - - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 - env: - SLACK_TOKEN: ${{ secrets.HOTSPOTS_SLACK_TOKEN }} - SLACK_CHANNEL: '#secops-hotspots' - DEBUG: false - with: - github-token: ${{ secrets.DEPENDABOT_AUTO_DISMISS_GITHUB_TOKEN }} - script: | - const debug = process.env.DEBUG === 'true'; - const { default: sendSlackMessage } = await import('${{ github.workspace }}/src/sendSlackMessage.js'); - const { default: dependabotDismiss } = await import('${{ github.workspace }}/src/dependabotDismiss.js'); - const message = await dependabotDismiss({debug, org: process.env.GITHUB_REPOSITORY_OWNER, github: github, dependabotDismissConfig: '${{ github.workspace }}/.github/dependabot-dismiss.txt'}); - if (message.length > 0) - await sendSlackMessage({debug, username: 'dependabot-auto-dismiss', message: message, channel: process.env.SLACK_CHANNEL, token: process.env.SLACK_TOKEN}); - - + run: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 # v4.0.1 + with: + node-version: "20.x" + - id: npm + run: cd ${{ github.workspace }}; npm ci + shell: bash + - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 + env: + SLACK_TOKEN: ${{ secrets.HOTSPOTS_SLACK_TOKEN }} + SLACK_CHANNEL: "#secops-hotspots" + DEBUG: false + with: + github-token: ${{ secrets.DEPENDABOT_AUTO_DISMISS_GITHUB_TOKEN }} + script: | + const debug = process.env.DEBUG === 'true'; + const { default: sendSlackMessage } = await import('${{ github.workspace }}/src/sendSlackMessage.js'); + const { default: dependabotDismiss } = await import('${{ github.workspace }}/src/dependabotDismiss.js'); + const message = await dependabotDismiss({debug, org: process.env.GITHUB_REPOSITORY_OWNER, github: github, dependabotDismissConfig: '${{ github.workspace }}/.github/dependabot-dismiss.txt'}); + if (message.length > 0) + await sendSlackMessage({debug, username: 'dependabot-auto-dismiss', message: message, channel: process.env.SLACK_CHANNEL, token: process.env.SLACK_TOKEN}); diff --git a/.github/workflows/dependabot-nudge.yml b/.github/workflows/dependabot-nudge.yml index 485c7808..1b2d9d63 100644 --- a/.github/workflows/dependabot-nudge.yml +++ b/.github/workflows/dependabot-nudge.yml @@ -7,55 +7,53 @@ on: workflow_dispatch: jobs: - run: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 # v4.0.1 - with: - node-version: '20.x' - - id: npm - run: cd ${{ github.workspace }}; npm ci - shell: bash - - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 - env: - SLACK_TOKEN: ${{ secrets.HOTSPOTS_SLACK_TOKEN }} - SLACK_CHANNEL: '#secops-hotspots' - GH_TO_SLACK_USER_MAP: ${{ secrets.GH_TO_SLACK_USER_MAP }} - DEBUG: false - with: - github-token: ${{ secrets.DEPENDABOT_NUDGE_GITHUB_TOKEN }} - script: | - const debug = process.env.DEBUG === 'true'; - const { default: sendSlackMessage } = await import('${{ github.workspace }}/src/sendSlackMessage.js'); - const { default: dependabotNudge } = await import('${{ github.workspace }}/src/dependabotNudge.js'); - - let githubToSlack = {}; - try { - githubToSlack = JSON.parse(process.env.GH_TO_SLACK_USER_MAP); - } catch (e) { - if (debug) console.log('GH_TO_SLACK_USER_MAP is not valid JSON'); - } + run: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 # v4.0.1 + with: + node-version: "20.x" + - id: npm + run: cd ${{ github.workspace }}; npm ci + shell: bash + - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 + env: + SLACK_TOKEN: ${{ secrets.HOTSPOTS_SLACK_TOKEN }} + SLACK_CHANNEL: "#secops-hotspots" + GH_TO_SLACK_USER_MAP: ${{ secrets.GH_TO_SLACK_USER_MAP }} + DEBUG: false + with: + github-token: ${{ secrets.DEPENDABOT_NUDGE_GITHUB_TOKEN }} + script: | + const debug = process.env.DEBUG === 'true'; + const { default: sendSlackMessage } = await import('${{ github.workspace }}/src/sendSlackMessage.js'); + const { default: dependabotNudge } = await import('${{ github.workspace }}/src/dependabotNudge.js'); - // set minlevel to 'medium' if it's the first Monday of the month, otherwise stick to high or critical issues - let minlevel = 'medium'; - const today = new Date(); - const firstMonday = new Date(today.getFullYear(), today.getMonth(), 1 + (1 - today.getDay()) % 7); - if (today.getMonth() !== firstMonday.getMonth() || today.getDate() !== firstMonday.getDate()) { - if (debug) - console.log('Not the first Monday of the month!'); - minlevel = 'high'; - } + let githubToSlack = {}; + try { + githubToSlack = JSON.parse(process.env.GH_TO_SLACK_USER_MAP); + } catch (e) { + if (debug) console.log('GH_TO_SLACK_USER_MAP is not valid JSON'); + } - const messages = await dependabotNudge({debug, org: process.env.GITHUB_REPOSITORY_OWNER, github: github, minlevel: minlevel, githubToSlack: githubToSlack}); - - for (const message of messages) { - try { - await sendSlackMessage({debug, username: 'dependabot', message: message, channel: process.env.SLACK_CHANNEL, token: process.env.SLACK_TOKEN}); - } catch (error) { - if (debug) - console.log(error); - } - } + // set minlevel to 'medium' if it's the first Monday of the month, otherwise stick to high or critical issues + let minlevel = 'medium'; + const today = new Date(); + const firstMonday = new Date(today.getFullYear(), today.getMonth(), 1 + (1 - today.getDay()) % 7); + if (today.getMonth() !== firstMonday.getMonth() || today.getDate() !== firstMonday.getDate()) { + if (debug) + console.log('Not the first Monday of the month!'); + minlevel = 'high'; + } + const messages = await dependabotNudge({debug, org: process.env.GITHUB_REPOSITORY_OWNER, github: github, minlevel: minlevel, githubToSlack: githubToSlack}); + for (const message of messages) { + try { + await sendSlackMessage({debug, username: 'dependabot', message: message, channel: process.env.SLACK_CHANNEL, token: process.env.SLACK_TOKEN}); + } catch (error) { + if (debug) + console.log(error); + } + } diff --git a/.github/workflows/mirror.yml b/.github/workflows/mirror.yml index 54054536..5587b5aa 100644 --- a/.github/workflows/mirror.yml +++ b/.github/workflows/mirror.yml @@ -2,21 +2,21 @@ name: Mirror Repo on: schedule: # nightly (0th hour 0th minute of every day) - - cron: '0 0 * * *' + - cron: "0 0 * * *" workflow_dispatch: jobs: build: runs-on: ubuntu-latest steps: - - name: Mirror - shell: bash - run: | - if [[ "$GITHUB_REPOSITORY_OWNER" != "brave" ]]; then - git clone "https://github.com/brave/${GITHUB_REPOSITORY#$GITHUB_REPOSITORY_OWNER/}" - cd ${GITHUB_REPOSITORY#$GITHUB_REPOSITORY_OWNER/} - git remote add github "https://$GITHUB_ACTOR:$GITHUB_TOKEN@github.com/$GITHUB_REPOSITORY.git" - git push -fu github main - fi - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - name: Mirror + shell: bash + run: | + if [[ "$GITHUB_REPOSITORY_OWNER" != "brave" ]]; then + git clone "https://github.com/brave/${GITHUB_REPOSITORY#$GITHUB_REPOSITORY_OWNER/}" + cd ${GITHUB_REPOSITORY#$GITHUB_REPOSITORY_OWNER/} + git remote add github "https://$GITHUB_ACTOR:$GITHUB_TOKEN@github.com/$GITHUB_REPOSITORY.git" + git push -fu github main + fi + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/older-than-2y.yml b/.github/workflows/older-than-2y.yml index 77b836e0..7a3079a9 100644 --- a/.github/workflows/older-than-2y.yml +++ b/.github/workflows/older-than-2y.yml @@ -2,21 +2,21 @@ name: Older Than 2 Years Informer on: schedule: # Every month, first day of the month - - cron: '0 0 1 * *' + - cron: "0 0 1 * *" workflow_dispatch: - + jobs: build: runs-on: ubuntu-latest steps: - - name: Older Than 2 Years Informer - id: older-than-2y - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 - with: + - name: Older Than 2 Years Informer + id: older-than-2y + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 + with: github-token: ${{ secrets.GH_PAT }} script: | const org = process.env.GITHUB_REPOSITORY_OWNER; - + function formatInMessage(r) { var pushedAt = new Date(r.pushed_at); return `- ${r.private ? 'šŸ˜Ž ' : ''} ${r.full_name} ${r.html_url}\tšŸŒŸ ${r.stargazers_count}šŸ“${r.forks} - Last pushed ${pushedAt.getFullYear()}/${pushedAt.getMonth()}/${pushedAt.getDay()+1}\n` @@ -53,12 +53,12 @@ jobs: core.setSecret(message); return message; - - uses: actions-ecosystem/action-slack-notifier@fc778468d09c43a6f4d1b8cccaca59766656996a # v1.1.0 - if: ${{ fromJson(steps.older-than-2y.outputs.result) != '' }} - with: - slack_token: ${{ secrets.HOTSPOTS_SLACK_TOKEN }} - message: | - [older-than-2y] ${{ fromJson(steps.older-than-2y.outputs.result) }} - channel: secops-hotspots - color: blue - verbose: false \ No newline at end of file + - uses: actions-ecosystem/action-slack-notifier@fc778468d09c43a6f4d1b8cccaca59766656996a # v1.1.0 + if: ${{ fromJson(steps.older-than-2y.outputs.result) != '' }} + with: + slack_token: ${{ secrets.HOTSPOTS_SLACK_TOKEN }} + message: | + [older-than-2y] ${{ fromJson(steps.older-than-2y.outputs.result) }} + channel: secops-hotspots + color: blue + verbose: false