Repo Hygiene #14
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Repo Hygiene | |
| on: | |
| workflow_dispatch: | |
| schedule: | |
| - cron: "0 7 * * 1" | |
| permissions: | |
| contents: write | |
| jobs: | |
| sync-repo-state: | |
| runs-on: ubuntu-latest | |
| concurrency: | |
| group: canonical-main-sync | |
| cancel-in-progress: false | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Python | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: "3.10" | |
| - name: Install Python dependencies | |
| run: pip install -r tools/requirements.txt | |
| - name: Set up Node | |
| uses: actions/setup-node@v5 | |
| with: | |
| node-version: "lts/*" | |
| cache: "npm" | |
| - name: Install npm dependencies | |
| run: npm ci | |
| - name: Audit npm dependencies | |
| run: npm audit --audit-level=high | |
| - name: Run repo-state sync | |
| run: npm run sync:repo-state | |
| - name: Commit and push if changed | |
| run: | | |
| set -euo pipefail | |
| mapfile -t managed_files < <(node tools/scripts/generated_files.js --include-mixed) | |
| if [ "${#managed_files[@]}" -eq 0 ]; then | |
| echo "No managed files resolved from generated_files contract." | |
| exit 1 | |
| fi | |
| if git diff --quiet && [ -z "$(git ls-files --others --exclude-standard)" ]; then | |
| echo "No repo-state drift detected." | |
| exit 0 | |
| fi | |
| git config user.name "github-actions[bot]" | |
| git config user.email "github-actions[bot]@users.noreply.github.com" | |
| git fetch origin main | |
| git add -- "${managed_files[@]}" || true | |
| if git diff --cached --quiet; then | |
| echo "Repo hygiene produced unmanaged drift only." | |
| git status --short | |
| exit 1 | |
| fi | |
| if [ -n "$(git diff --name-only)" ] || [ -n "$(git ls-files --others --exclude-standard)" ]; then | |
| echo "Repo hygiene produced unmanaged drift alongside canonical changes." | |
| git status --short | |
| exit 1 | |
| fi | |
| git commit -m "chore: scheduled repo hygiene sync [ci skip]" | |
| git pull origin main --rebase | |
| git push origin HEAD |