Update file_extensions_suspicious.txt #35
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Ensure lists are sorted | |
| on: | |
| push: | |
| pull_request_target: | |
| branches: [ "**" ] | |
| workflow_dispatch: {} | |
| issue_comment: | |
| types: [ created ] | |
| merge_group: {} | |
| concurrency: | |
| # For pull_request_target workflows we want to use head_ref -- the branch triggering the workflow. Otherwise, | |
| # use ref, which is the branch for a push event or workflow trigger. And for an issue comment just give up grouping. | |
| group: ${{ github.event_name == 'pull_request_target' && github.head_ref || (github.event_name == 'issue_comment' && github.run_id || github.ref) }} | |
| cancel-in-progress: ${{ github.event_name == 'pull_request_target' }} | |
| jobs: | |
| tests: | |
| name: Ensure Sorted Order | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| issues: read | |
| pull-requests: read | |
| checks: write | |
| if: github.event_name != 'issue_comment' | |
| steps: | |
| - name: Get PR branch | |
| if: github.event_name == 'issue_comment' | |
| uses: alessbell/pull-request-comment-branch@v1.1 # Fork of xt0rted/pull-request-comment-branch, see https://github.com/xt0rted/pull-request-comment-branch/issues/322 | |
| id: comment_branch | |
| - name: Get Refs | |
| id: get_head_ref | |
| run: | | |
| # Accurate for push events, merge queues, and workflow dispatch. | |
| head_ref="${{ github.ref }}" | |
| repo="${{ github.repository }}" | |
| if [[ "${{ github.event_name }}" == 'pull_request_target' ]]; then | |
| head_ref="${{ github.head_ref }}" | |
| repo="${{ github.event.pull_request.head.repo.full_name }}" | |
| elif [[ "${{ github.event_name }}" == 'issue_comment' ]]; then | |
| # Rely on comment_branch to figure out the head and base | |
| head_ref="${{ steps.comment_branch.outputs.head_ref }}" | |
| repo="${{ steps.comment_branch.outputs.head_owner }}/${{ steps.comment_branch.outputs.head_repo }}" | |
| fi | |
| echo "##[set-output name=head_ref;]$head_ref" | |
| echo "##[set-output name=repo;]$repo" | |
| - name: Checkout | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| repository: ${{ steps.get_head_ref.outputs.repo }} | |
| ref: ${{ steps.get_head_ref.outputs.head_ref }} | |
| fetch-depth: 0 | |
| - name: Validate Branch vs. Trigerring SHA | |
| run: | | |
| # If this is from a pull request validate that what we checked out is the same as the PR head. | |
| # If not we'll just fail -- the workflow will be cancelled momentarily. | |
| if [[ "${{ github.event_name }}" == 'pull_request_target' ]]; then | |
| if [[ "${{ github.event.pull_request.head.sha }}" != "$(git rev-parse HEAD)" ]]; then | |
| echo "Workflow is out of date with branch, cancelling" | |
| exit 1 | |
| fi | |
| fi | |
| - name: Get Refs | |
| id: get_base_ref | |
| run: | | |
| run_all="" | |
| base_ref="" | |
| if [[ "${{ github.event_name }}" == 'pull_request_target' ]]; then | |
| # Detect changes based on whatever we're merging into. | |
| base_ref="${{ github.base_ref }}" | |
| elif [[ "${{ github.event_name }}" == 'push' || "${{ github.event_name }}" == 'merge_group' ]]; then | |
| # Detect changes based on the previous commit | |
| base_ref="$(git rev-parse HEAD^)" | |
| elif [[ "${{ github.event_name }}" == 'workflow_dispatch' ]]; then | |
| # Run on a target | |
| run_all="true" | |
| elif [[ "${{ github.event_name }}" == 'issue_comment' ]]; then | |
| # Rely on comment_branch to figure out base | |
| base_ref="${{ steps.comment_branch.outputs.base_ref }}" | |
| fi | |
| echo "##[set-output name=run_all;]$run_all" | |
| echo "##[set-output name=base_ref;]$base_ref" | |
| - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 | |
| with: | |
| python-version: '3.10' | |
| - name: Sort file content order | |
| if: github.event_name != 'issue_comment' | |
| run: | | |
| python ./scripts/sorter.py | |
| - name: Commit & Push Results, if needed | |
| if: github.event_name != 'issue_comment' | |
| id: final_basic_validation | |
| run: | | |
| if [ -z "$(git status --porcelain)" ]; then | |
| echo "No files changed, nothing to do" | |
| exit 0 | |
| fi | |
| git config user.name 'Sorted Order Validation' | |
| git config user.email 'hello@sublimesecurity.com' | |
| git add '*.txt' | |
| git commit -m "Auto sorting static files" | |
| # This will only work when running for a pull_request_target, but rather than filter we'll let this expose | |
| # any issues. | |
| git push origin ${{ steps.get_head_ref.outputs.head_ref }} |