Merge branch 'master' into pfa

asyncapi · Apr 2, 2024 · 1c9bf53 · 1c9bf53
2 parents c73b030 + f9776ed
commit 1c9bf53
Show file tree

Hide file tree

Showing 6 changed files with 106 additions and 5 deletions.
diff --git a/.github/workflows/bounty-program-commands.yml b/.github/workflows/bounty-program-commands.yml
@@ -0,0 +1,90 @@
+# This workflow is centrally managed at https://github.com/asyncapi/.github/
+# Don't make changes to this file in this repository, as they will be overwritten with
+# changes made to the same file in the abovementioned repository.
+
+# The purpose of this workflow is to allow Bounty Team members
+# (https://github.com/orgs/asyncapi/teams/bounty_team) to issue commands to the
+# organization's global AsyncAPI bot related to the Bounty Program, while at the
+# same time preventing unauthorized users from misusing them.
+
+name: Bounty Program commands
+
+on:
+  issue_comment:
+    types:
+      - created
+
+jobs:
+  guard-against-unauthorized-use:
+    if: >
+      github.actor != ('aeworxet' || 'thulieblack') &&
+      (
+        contains(github.event.comment.body, '/bounty' )
+      )
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: ❌ @${{github.actor}} made an unauthorized attempt to use a Bounty Program's command
+        uses: actions/github-script@v6
+
+        with:
+          github-token: ${{ secrets.GH_TOKEN }}
+          script: |
+            const commentText = `❌ @${{github.actor}} is not authorized to use the Bounty Program's commands.
+            These commands can only be used by members of the [Bounty Team](https://github.com/orgs/asyncapi/teams/bounty_team).`;
+
+            console.log(`❌ @${{github.actor}} made an unauthorized attempt to use a Bounty Program's command.`);
+            github.rest.issues.createComment({
+                issue_number: context.issue.number,
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                body: commentText
+              })
+
+  add-label-bounty:
+    if: >
+      github.actor == ('aeworxet' || 'thulieblack') &&
+      (
+        contains(github.event.comment.body, '/bounty' )
+      )
+
+    runs-on: ubuntu-latest
+    env:
+      BOUNTY_PROGRAM_LABELS_JSON: |
+        [
+          {"name": "bounty", "color": "0e8a16", "description": "Participation in the Bounty Program"}
+        ]
+
+    steps:
+      - name: Add label `bounty`
+        uses: actions/github-script@v6
+
+        with:
+          github-token: ${{ secrets.GH_TOKEN }}
+          script: |
+            const BOUNTY_PROGRAM_LABELS = JSON.parse(process.env.BOUNTY_PROGRAM_LABELS_JSON);
+            let LIST_OF_LABELS_FOR_REPO = await github.rest.issues.listLabelsForRepo({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                });
+                
+            LIST_OF_LABELS_FOR_REPO = LIST_OF_LABELS_FOR_REPO.data.map(key => key.name);
+
+            if (!LIST_OF_LABELS_FOR_REPO.includes(BOUNTY_PROGRAM_LABELS[0].name)) {
+              await github.rest.issues.createLabel({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                name: BOUNTY_PROGRAM_LABELS[0].name,
+                color: BOUNTY_PROGRAM_LABELS[0].color,
+                description: BOUNTY_PROGRAM_LABELS[0].description
+              });
+            }
+
+            console.log('Adding label `bounty`...');
+            github.rest.issues.addLabels({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              labels: [BOUNTY_PROGRAM_LABELS[0].name]
+            })
diff --git a/.github/workflows/global-replicator.yml b/.github/workflows/global-replicator.yml
@@ -138,7 +138,7 @@ jobs:
         uses: derberg/manage-files-in-multiple-repositories@beecbe897cf5ed7f3de5a791a3f2d70102fe7c25
         with:
           github_token: ${{ secrets.GH_TOKEN }}
-          patterns_to_include: .github/workflows/scripts,.github/workflows/automerge-for-humans-add-ready-to-merge-or-do-not-merge-label.yml,.github/workflows/add-good-first-issue-labels.yml,.github/workflows/automerge-for-humans-merging.yml,.github/workflows/automerge-for-humans-remove-ready-to-merge-label-on-edit.yml,.github/workflows/automerge-orphans.yml,.github/workflows/automerge.yml,.github/workflows/autoupdate.yml,.github/workflows/help-command.yml,.github/workflows/issues-prs-notifications.yml,.github/workflows/lint-pr-title.yml,.github/workflows/notify-tsc-members-mention.yml,.github/workflows/stale-issues-prs.yml,.github/workflows/welcome-first-time-contrib.yml,.github/workflows/release-announcements.yml,.github/workflows/please-take-a-look-command.yml
+          patterns_to_include: .github/workflows/scripts,.github/workflows/automerge-for-humans-add-ready-to-merge-or-do-not-merge-label.yml,.github/workflows/add-good-first-issue-labels.yml,.github/workflows/automerge-for-humans-merging.yml,.github/workflows/automerge-for-humans-remove-ready-to-merge-label-on-edit.yml,.github/workflows/automerge-orphans.yml,.github/workflows/automerge.yml,.github/workflows/autoupdate.yml,.github/workflows/help-command.yml,.github/workflows/issues-prs-notifications.yml,.github/workflows/lint-pr-title.yml,.github/workflows/notify-tsc-members-mention.yml,.github/workflows/stale-issues-prs.yml,.github/workflows/welcome-first-time-contrib.yml,.github/workflows/release-announcements.yml,.github/workflows/bounty-program-commands.yml,.github/workflows/please-take-a-look-command.yml
           committer_username: asyncapi-bot
           committer_email: [email protected]
           commit_message: "ci: update of files from global .github repo"

diff --git a/.github/workflows/if-go-pr-testing.yml b/.github/workflows/if-go-pr-testing.yml
@@ -30,6 +30,7 @@ jobs:
         id: should_run
         name: Should Run
         run: echo "shouldrun=true" >> $GITHUB_OUTPUT
+        shell: bash
       - if: steps.should_run.outputs.shouldrun == 'true'
         name: Checkout repository
         uses: actions/checkout@v3
@@ -74,6 +75,7 @@ jobs:
         id: should_run
         name: Should Run
         run: echo "shouldrun=true" >> $GITHUB_OUTPUT
+        shell: bash
       - if: steps.should_run.outputs.shouldrun == 'true'
         name: Checkout repository
         uses: actions/checkout@v3

diff --git a/.github/workflows/if-nodejs-pr-testing.yml b/.github/workflows/if-nodejs-pr-testing.yml
@@ -33,6 +33,7 @@ jobs:
         id: should_run
         name: Should Run
         run: echo "shouldrun=true" >> $GITHUB_OUTPUT
+        shell: bash
       - if: steps.should_run.outputs.shouldrun == 'true' 
         name: Set git to use LF #to once and for all finish neverending fight between Unix and Windows
         run: |
@@ -60,13 +61,13 @@ jobs:
       - if: steps.packagejson.outputs.exists == 'true'
         name: Install dependencies
         id: first-installation
-        run: npm install --loglevel verbose
+        run: npm ci
         continue-on-error: true
       - if: steps.first-installation.outputs.status == 'failure' && steps.packagejson.outputs.exists == 'true'
         name: Clear NPM cache and install deps again
         run: | 
           npm cache clean --force
-          npm install --loglevel verbose
+          npm ci
       - if: steps.packagejson.outputs.exists == 'true'
         name: Test
         run: npm test --if-present

diff --git a/.github/workflows/if-nodejs-release.yml b/.github/workflows/if-nodejs-release.yml
@@ -85,6 +85,7 @@ jobs:
       - name: Check if Node.js project and has package.json
         id: packagejson
         run: test -e ./package.json && echo "exists=true" >> $GITHUB_OUTPUT || echo "exists=false" >> $GITHUB_OUTPUT
+        shell: bash
       - if: steps.packagejson.outputs.exists == 'true'
         name: Check package-lock version
         uses: asyncapi/.github/.github/actions/get-node-version-from-package-lock@master
@@ -98,7 +99,14 @@ jobs:
           cache-dependency-path: '**/package-lock.json'
       - if: steps.packagejson.outputs.exists == 'true'
         name: Install dependencies
-        run: npm install
+        id: first-installation
+        run: npm ci
+        continue-on-error: true
+      - if: steps.first-installation.outputs.status == 'failure' && steps.packagejson.outputs.exists == 'true'
+        name: Clear NPM cache and install deps again
+        run: | 
+          npm cache clean --force
+          npm ci
       - if: steps.packagejson.outputs.exists == 'true'
         name: Add plugin for conventional commits for semantic-release
         run: npm install --save-dev [email protected]

diff --git a/.github/workflows/if-nodejs-version-bump.yml b/.github/workflows/if-nodejs-version-bump.yml
@@ -37,7 +37,7 @@ jobs:
           cache-dependency-path: '**/package-lock.json'
       - if: steps.packagejson.outputs.exists == 'true'
         name: Install dependencies
-        run: npm install
+        run: npm ci
       - if: steps.packagejson.outputs.exists == 'true'
         name: Assets generation
         run: npm run generate:assets --if-present