1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135name: CI - Lint
on:
pull_request:
push:
branches:
- trunk
workflow_dispatch:
permissions: {}
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: ${{ github.event_name == 'pull_request' }}
jobs:
actionlint:
name: Validate workflows
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Validate workflows
uses: raven-actions/actionlint@v2.1.0
format:
name: Format
if: startsWith(github.head_ref, 'renovate/') != true
runs-on: ubuntu-latest
permissions:
contents: read
actions: write
pull-requests: read
outputs:
format_exit_code: ${{ steps.check_format.outputs.exit_code }}
patch_uploaded: ${{ steps.patch_uploaded.outputs.outcome }}
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Check for protected files
if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == true
uses: dorny/paths-filter@v3
id: filter
with:
filters: |
protected:
- 'scripts/format.sh'
- 'scripts/github-actions/check-format.sh'
- name: Fail if Protected
if: steps.filter.outputs.protected == 'true'
run: |
echo "::notice::PR from fork modifies format script"
exit 1
- name: Setup curl for Ubuntu
run: sudo apt-get update && sudo apt-get install -y libcurl4-openssl-dev
- name: Setup Bazel
uses: bazel-contrib/setup-bazel@0.18.0
with:
cache-save: false
bazelisk-cache: true
external-cache: |
manifest:
crates: rust/Cargo.Bazel.lock
rules_ruby++ruby+ruby: rb/.ruby-version
repository-cache: true
bazelrc: common --color=yes
- name: Check code formatting
id: check_format
run: |
set +e
./scripts/github-actions/check-format.sh
exit_code=$?
echo "exit_code=${exit_code}" >> "$GITHUB_OUTPUT"
exit "${exit_code}"
- name: Save changes
if: failure() && steps.check_format.outputs.exit_code == '1' && github.event_name == 'pull_request'
run: git diff > changes.patch
- name: "Upload changes"
id: upload_changes
if: failure() && steps.check_format.outputs.exit_code == '1' && github.event_name == 'pull_request'
uses: actions/upload-artifact@v5
with:
name: format-changes
path: changes.patch
- name: Mark patch uploaded
id: patch_uploaded
if: always()
run: echo outcome=${{ steps.upload_changes.outcome }} >> "$GITHUB_OUTPUT"
commit-fixes:
name: Commit fixes
needs: format
if: ${{ failure() && needs.format.outputs.patch_uploaded == 'success' }}
runs-on: ubuntu-latest
permissions:
contents: write
actions: read
steps:
- name: Check Permissions
if: ${{ github.event.pull_request.head.repo.fork == true }}
run: |
echo "::error::Code needs formatting. Run ./scripts/format.sh locally and push changes."
exit 1
- name: Checkout PR
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.ref }}
- name: Download format changes
uses: actions/download-artifact@v4
with:
name: format-changes
- name: Apply and commit fixes
run: |
git apply changes.patch
rm changes.patch
git config --local user.name "Selenium CI Bot"
git config --local user.email "selenium-ci@users.noreply.github.com"
git add -A
git commit -m "Auto-format code"
- name: Push fixes
run: |
git push
echo "::notice::Auto-formatted and pushed. New CI run will start."
ci-lint:
if: always()
needs: [actionlint, format, commit-fixes]
runs-on: ubuntu-latest
steps:
- run: |
echo 'actionlint: ${{ needs.actionlint.result }}'
echo 'format: ${{ needs.format.result }}'
- if: ${{ needs.actionlint.result == 'failure' || needs.format.result == 'failure' }}
run: exit 1