fossradar/.github/workflows/validate.yml at 3827764aa471a8d5e0e94a248c742ee8cd8dcd2f · wbfoss/fossradar · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
name: Validate Projects

on:
  pull_request:
    paths:
      - "data/projects/**"
      - "data/tags.toml"
      - "data/licenses-osi.json"
      - "lib/**"
      - "scripts/validate.ts"
  push:
    branches:
      - main
    paths:
      - "data/projects/**"

jobs:
  validate:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Setup pnpm
        uses: pnpm/action-setup@v4
        with:
          version: 10

      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: "22"
          cache: "pnpm"

      - name: Install dependencies
        run: pnpm install --frozen-lockfile

      - name: Run validation
        id: validate
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          pnpm run validate 2>&1 | tee validation-output.txt
          echo "validation_output<<EOF" >> $GITHUB_OUTPUT
          cat validation-output.txt >> $GITHUB_OUTPUT
          echo "EOF" >> $GITHUB_OUTPUT
        continue-on-error: true

      - name: Build search index
        run: pnpm run build:index

      - name: Comment on PR with validation results
        if: github.event_name == 'pull_request'
        uses: actions/github-script@v7
        with:
          script: |
            const output = `${{ steps.validate.outputs.validation_output }}`;
            const outcome = '${{ steps.validate.outcome }}';

            let body;
            if (outcome === 'failure') {
              body = `## ❌ TOML Validation Failed\n\n\`\`\`\n${output}\n\`\`\`\n\n### Common Issues:\n\n- **Invalid tags**: Ensure all tags are from the allowlist in \`data/tags.toml\`\n- **Invalid license**: Use an OSI-approved SPDX identifier\n- **Missing mandatory fields**: All fields (website, logo, primary_lang, tags, looking_for_contributors, location_city, location_indian_state) are required\n- **Logo file not found**: Place your logo in \`public/logos/\`\n- **Repository not accessible**: Ensure the repository URL is correct and public\n\nPlease fix the issues and push your changes.`;
            } else {
              body = `## ✅ TOML Validation Passed\n\nAll project files are valid! The changes will be reviewed by maintainers.`;
            }

            github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: body
            });

      - name: Fail if validation failed
        if: steps.validate.outcome == 'failure'
        run: exit 1

      - name: Verify PR author affiliation
        if: github.event_name == 'pull_request'
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          # Get changed TOML files
          CHANGED_FILES=$(git diff --name-only origin/${{ github.base_ref }}...HEAD | grep "^data/projects/.*\.toml$" || true)

          if [ -n "$CHANGED_FILES" ]; then
            echo "Changed project files:"
            echo "$CHANGED_FILES"

            PR_AUTHOR="${{ github.event.pull_request.user.login }}"
            echo "PR Author: $PR_AUTHOR"

            for file in $CHANGED_FILES; do
              SLUG=$(basename "$file" .toml)
              echo "Verifying affiliation for: $SLUG"
              tsx scripts/verify-pr-author.ts "$PR_AUTHOR" "$SLUG" || echo "⚠️  Not affiliated - project will be unverified"
            done
          else
            echo "No project files changed"
          fi

      - name: Commit verification updates
        if: github.event_name == 'pull_request'
        run: |
          git config --local user.email "github-actions[bot]@users.noreply.github.com"
          git config --local user.name "github-actions[bot]"
          git add data/projects/*.toml
          git diff --staged --quiet || git commit -m "chore: update verification status" || true

      - name: Check formatting
        run: npx prettier --check "data/**/*.toml"
        continue-on-error: true

  lint:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Setup pnpm
        uses: pnpm/action-setup@v4
        with:
          version: 10

      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: "22"
          cache: "pnpm"

      - name: Install dependencies
        run: pnpm install --frozen-lockfile

      - name: Run ESLint
        run: pnpm run lint
        continue-on-error: true