New App: DBF - DB Infoscreen #448
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Orchestrator New App Intake | |
| on: | |
| pull_request: | |
| branches: | |
| - master | |
| paths: | |
| - "**/config.yaml" | |
| - "**/config.json" | |
| push: | |
| branches: | |
| - master | |
| paths: | |
| - "**/config.yaml" | |
| - "**/config.json" | |
| env: | |
| FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: ${{ github.event_name == 'pull_request' }} | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| jobs: | |
| intake: | |
| name: 🆕 New App Intake | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| steps: | |
| - name: ⤵️ Check out code | |
| uses: actions/checkout@v6 | |
| - name: 🔍 Detect New Apps | |
| id: new-Apps | |
| run: | | |
| # Use python script | |
| OUTPUT="$(python3 .scripts/intake.py)" | |
| echo "$OUTPUT" | |
| # Check if new Apps found (string representation of list in last line) | |
| if [[ "$OUTPUT" == *"Detected new App"* ]]; then | |
| echo "found=true" >> "$GITHUB_OUTPUT" | |
| # Extract list logic simplified: just pass to next steps implicitly via re-running or file? | |
| # For now, let's rely on detection script being idempotent. | |
| else | |
| echo "found=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: ✅ Compliance Check & Comment | |
| if: steps.new-Apps.outputs.found == 'true' && github.event_name == 'pull_request' | |
| id: compliance | |
| run: | | |
| # Run compliance on detected new Apps | |
| NEW_AppS="$(python3 .scripts/intake.py --list)" | |
| if [ -n "$NEW_AppS" ]; then | |
| # Iterate over new Apps and run compliance | |
| # shellcheck disable=SC2046 | |
| for App in $NEW_AppS; do | |
| echo "Checking $App..." | |
| python3 .scripts/check_compliance.py "$App" >> compliance.log 2>&1 || true | |
| done | |
| fi | |
| { | |
| echo "CONTENT<<EOF" | |
| cat compliance.log | |
| echo "EOF" | |
| } >> "$GITHUB_ENV" | |
| if grep -q "❌" compliance.log; then | |
| echo "status=failure" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "status=success" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: 💬 Post Comment | |
| if: steps.new-Apps.outputs.found == 'true' && github.event_name == 'pull_request' | |
| uses: actions/github-script@v8 | |
| with: | |
| script: | | |
| const output = process.env.CONTENT; | |
| const signature = "<!-- App-intake-report -->"; | |
| const { data: comments } = await github.rest.issues.listComments({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| issue_number: context.issue.number, | |
| }); | |
| const previousComments = comments.filter(c => c.user.type === 'Bot' && (c.body.includes(signature) || c.body.includes("### 🛡️ App Compliance Check"))); | |
| for (const comment of previousComments) { | |
| try { | |
| await github.graphql(` | |
| mutation($subjectId: ID!) { | |
| minimizeComment(input: {subjectId: $subjectId, classifier: OUTDATED}) { | |
| minimizedComment { isMinimized } | |
| } | |
| } | |
| `, { subjectId: comment.node_id }); | |
| } catch (error) { | |
| console.error(`Failed to minimize comment ${comment.id}:`, error); | |
| } | |
| } | |
| await github.rest.issues.createComment({ | |
| issue_number: context.issue.number, | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| body: `${signature}\n## 🛡️ App Compliance Check\n\nThe following new Apps were detected and checked for compliance:\n\n<details open>\n<summary>🔍 <strong>Compliance Report</strong></summary>\n\n\`\`\`\n${output}\n\`\`\`\n\n</details>` | |
| }) | |
| - name: 🛑 Fail if Non-Compliant | |
| if: steps.compliance.outputs.status == 'failure' | |
| run: exit 1 | |
| - name: 📝 Auto-Remediate (Add to README & Templates) | |
| if: steps.new-Apps.outputs.found == 'true' && github.event_name == 'push' && github.ref == 'refs/heads/master' | |
| run: | | |
| python3 .scripts/intake.py --fix | |
| python3 .scripts/sync_templates.py | |
| - name: 🔄 Pull latest changes (Handle non-fast-forward) | |
| if: steps.new-Apps.outputs.found == 'true' && github.event_name == 'push' | |
| run: | | |
| git config --global user.name "github-actions[bot]" | |
| git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com" | |
| git pull --rebase --autostash origin master | |
| - name: 💾 Commit Changes | |
| if: steps.new-Apps.outputs.found == 'true' && github.event_name == 'push' | |
| uses: stefanzweifel/git-auto-commit-action@v7 | |
| with: | |
| commit_message: "chore: register new App [skip ci]" |