feat: add pipeline to sync the checks from the dashboard db

UlisesGascon · UlisesGascon · commit 5301b323a024 · 2024-12-07T22:20:24.000+01:00
diff --git a/.github/workflows/sync_checks.yml b/.github/workflows/sync_checks.yml
@@ -0,0 +1,106 @@
+name: Sync and update Compliance Checks
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+  # schedule:
+  #   - cron: "0 0 * * *" # Runs daily at midnight UTC
+  # workflow_dispatch: # Allows manual triggering
+
+permissions:
+  # We will create a pull request, so we need write permissions
+  pull-requests: write
+  # We will be committing to the repository, so we need write permissions
+  contents: write
+
+
+jobs:
+  sync-and-update:
+    runs-on: ubuntu-latest
+
+    services:
+      postgres:
+        image: postgres:17.2
+        env:
+          POSTGRES_DB: dashboard
+          POSTGRES_USER: openjs
+          POSTGRES_PASSWORD: password
+        ports:
+          - 5432:5432
+        options: >-
+          --health-cmd="pg_isready -U openjs"
+          --health-interval=10s
+          --health-timeout=5s
+          --health-retries=5
+
+    steps:
+      # Checkout the current repository
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+
+      # Create or switch to the chore/update-content branch
+      - name: Create or Checkout Branch
+        run: |
+          git fetch origin chore/update-content || true
+          git checkout chore/update-content || git checkout -b chore/update-content
+
+      # Clone the public repository and set it up
+      - name: Clone OpenJS Foundation Dashboard
+        run: |
+          git clone https://github.com/secure-dashboards/openjs-foundation-dashboard.git temp-openjs-dashboard
+          cd temp-openjs-dashboard
+          npm install
+          npm run db:migrate
+          psql -U openjs -d dashboard -c "\copy (SELECT json_agg(t) FROM compliance_checks t) TO '../data/checks.json'"
+          cd ..
+          rm -rf temp-openjs-dashboard
+        env:
+          PGHOST: localhost
+          PGUSER: openjs
+          PGPASSWORD: password
+          PGDATABASE: dashboard
+
+      - name: Debug Git Changes (Before Commit Updated Checks)
+        run: |
+          git status
+          git diff
+
+      # Commit the updated checks.json
+      - name: Commit Updated Checks
+        run: |
+          git config user.name "GitHub Actions"
+          git config user.email "actions@github.com"
+          git add -A
+          git diff --cached --quiet || git commit -m "chore: sync with OpenJS Foundation Dashboard"
+
+      # Install dependencies for the current repository and generate site
+      - name: Install Dependencies and Generate Site
+        run: |
+          npm install
+          npm run populate-details
+          npm run populate-implementations
+
+      - name: Debug Git Changes (Before Commit Updated Checks)
+        run: |
+          git status
+          git diff
+
+      # Commit the generated site
+      - name: Commit and Push Changes
+        run: |
+          git config user.name "GitHub Actions"
+          git config user.email "actions@github.com"
+          git add -A
+          git diff --cached --quiet || git commit -m "chore: auto-update details and implementations"
+          git push origin chore/update-content
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Create Pull Request
+        run: |
+          gh auth login --with-token <<< "${{ secrets.GITHUB_TOKEN }}"
+          gh pr create --base main --head chore/update-content --title "Auto update content" --body "This PR updates the content."
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
