Process Repository Chunk #737
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Process Repository Chunk | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| org: | |
| required: true | |
| description: 'Organization name' | |
| repos: | |
| required: true | |
| description: 'JSON array of repository names' | |
| jobs: | |
| process-chunk: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| repository: ${{ fromJson(github.event.inputs.repos) }} | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@v2 | |
| with: | |
| disable-sudo: true | |
| egress-policy: audit | |
| allowed-endpoints: > | |
| github.com:443 | |
| raw.githubusercontent.com:443 | |
| nodejs.org:443 | |
| iojs.org:443 | |
| registry.npmjs.org:443 | |
| actions-results-receiver-production.githubapp.com:443 | |
| - uses: actions/checkout@v4 | |
| with: | |
| repository: ${{ matrix.repository }} | |
| - name: does es-abstract exist? | |
| id: check_dependency | |
| run: | | |
| OUTPUT=$(cat package.json | jq '.dependencies["es-abstract"]') | |
| if [ "$OUTPUT" == "null" ] || [ -z "$OUTPUT" ]; then | |
| echo "KEEP=false" >> $GITHUB_OUTPUT | |
| else | |
| echo "KEEP=true" >> $GITHUB_OUTPUT | |
| fi | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: repos-with-es-abstract | |
| - if: ${{ steps.check_dependency.outputs.KEEP != 'true' }} | |
| name: 'delete ${{ matrix.repository }}' | |
| run: rm -rf ${{ matrix.repository }} | |
| - if: ${{ steps.check_dependency.outputs.KEEP == 'true' }} | |
| name: 'add ${{ matrix.repository }}' | |
| run: mkdir -p "$(dirname "${{ matrix.repository }}")" && touch "${{ matrix.repository }}" | |
| continue-on-error: true # in case it already exists | |
| - name: commit and push with retries | |
| run: | | |
| git config user.name "${{ github.actor }}" | |
| git config user.email "${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com" | |
| git add . | |
| git commit -am "${{ steps.check_dependency.outputs.KEEP == 'true' && '+' || '-' }} ${{ matrix.repository }}" || exit 0 | |
| RETRIES=5 | |
| until [ $RETRIES -le 0 ]; do | |
| git pull --rebase | |
| git push && break | |
| RETRIES=$((RETRIES-1)) | |
| sleep 5 | |
| done |