chore(deps): bump anchore/sbom-action from 0.17.9 to 0.18.0 in the ci group #535
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Pull Request | |
on: | |
pull_request_target: | |
# make sure that when the PR changes, we also update | |
types: | |
- opened | |
- edited | |
- synchronize | |
- reopened | |
permissions: | |
pull-requests: write | |
issues: write | |
jobs: | |
conventional-commit-labeler: | |
name: Label PR based on Conventional Commit Specification | |
permissions: | |
contents: read | |
pull-requests: write | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/github-script@v7 | |
env: | |
TYPE_TO_LABEL: | | |
{ | |
"feat":"kind/feature", | |
"fix":"kind/bugfix", | |
"chore":"kind/chore", | |
"docs":"area/documentation", | |
"test":"area/testing", | |
"perf":"area/performance" | |
} | |
SCOPE_TO_LABEL: | | |
{ | |
"deps":"kind/dependency" | |
} | |
BREAKING_CHANGE_LABEL: "!BREAKING-CHANGE!" | |
with: | |
script: | | |
console.log("Verify that the PR title follows the Conventional Commit format"); | |
// Parse mappings from environment variables | |
const typeToLabel = JSON.parse(process.env.TYPE_TO_LABEL); | |
const scopeToLabel = JSON.parse(process.env.SCOPE_TO_LABEL); | |
console.log("Type-to-Label Mapping:", typeToLabel); | |
console.log("Scope-to-Label Mapping:", scopeToLabel); | |
// Dynamically generate allowed types | |
const allowedTypes = Object.keys(typeToLabel).join('|'); | |
console.log(`Allowed Types: ${allowedTypes}`); | |
const prTitle = context.payload.pull_request.title; | |
console.log(`PR Title: ${prTitle}`); | |
// We know this regex looks scary, but it's just to match the Conventional Commit format | |
// It parses out a Title into several named regex groups, which we can use to extract various semantic patterns: | |
// - type: The type of change (feat, fix, etc.) | |
// - scope: The scope of the change (optional and set in brackets) | |
// - breaking: A flag to indicate a breaking change (!) | |
// - subject: The subject of the change | |
// Example: feat(scope)!: add new feature | |
// ^^^^ ^^^^^ ^ ^^^^^^^^^^^^^^^ | |
// type scope subject | |
const regex = new RegExp( | |
`^(((Initial commit)|(Merge [^\\r\\n]+(\\s)[^\\r\\n]+((\\s)((\\s)[^\\r\\n]+)+)*(\\s)?)|^((?<type>${allowedTypes})(\\((?<scope>[\\w\\-]+)\\))?(?<breaking>!?): (?<subject>[^\\r\\n]+((\\s)((\\s)[^\\r\\n]+)+)*))(\\s)?)$)` | |
); | |
console.log(`Regex: ${regex}`); | |
const match = prTitle.match(regex); | |
console.log(`Match: ${match != null}`); | |
if (match && match.groups) { | |
const { type, scope, breaking } = match.groups; | |
// Initialize labels array | |
const labels = []; | |
if (breaking) { | |
console.log("Adding breaking change label"); | |
labels.push(process.env.BREAKING_CHANGE_LABEL); | |
} | |
// Add type-based label | |
if (type && typeToLabel[type]) { | |
labels.push(typeToLabel[type]); | |
} else { | |
console.log(`No label found for type: ${type}`); | |
} | |
// Add scope-based label if scope exists | |
if (scope && scopeToLabel[scope]) { | |
labels.push(scopeToLabel[scope]); | |
} else if (scope) { | |
console.log(`No label found for scope: ${scope}`); | |
} | |
if (labels.length > 0) { | |
console.log(`Adding labels: ${labels}`); | |
await github.rest.issues.addLabels({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
issue_number: context.payload.pull_request.number, | |
labels: labels, | |
}); | |
} else { | |
console.log("No labels to add."); | |
} | |
} else { | |
console.log("Invalid PR title format. Make sure you named the PR after the specification at https://www.conventionalcommits.org/en/v1.0.0/#specification. Exiting..."); | |
process.exit(1); | |
} | |
labeler: | |
name: Label PR based on Config | |
permissions: | |
contents: read | |
pull-requests: write | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
sparse-checkout: | | |
.github/config/labeler.yml | |
- uses: actions/labeler@v5 | |
with: | |
configuration-path: .github/config/labeler.yml | |
size-labeler: | |
runs-on: ubuntu-latest | |
name: Label PR based on size | |
permissions: | |
issues: write | |
pull-requests: write | |
steps: | |
- uses: codelytv/pr-size-labeler@v1 | |
with: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
xs_label: 'size/xs' | |
xs_max_size: '10' | |
s_label: 'size/s' | |
s_max_size: '100' | |
m_label: 'size/m' | |
m_max_size: '500' | |
l_label: 'size/l' | |
l_max_size: '10000' | |
xl_label: 'size/xl' | |
fail_if_xl: 'true' | |
message_if_xl: > | |
This PR exceeds the recommended size of 10000 lines. | |
Please make sure you are NOT addressing multiple issues with one PR. | |
Note this PR might be rejected due to its size. | |
# github_api_url: 'api.github.com' | |
# files_to_ignore: '' | |
verify-labels: | |
needs: [labeler, size-labeler, conventional-commit-labeler] | |
name: verify labels | |
runs-on: ubuntu-latest | |
steps: | |
- name: PRs should have at least one qualifying label | |
uses: docker://agilepathway/pull-request-label-checker:latest | |
with: | |
any_of: kind/chore,kind/bugfix,kind/feature,kind/dependency,kind/refactor | |
repo_token: ${{ secrets.GITHUB_TOKEN }} |