Skip to content

Codeowners validation #1287

Codeowners validation

Codeowners validation #1287

name: 'Codeowners validation'
on:
push:
paths:
- 'CODEOWNERS'
- 'docs/CODEOWNERS'
- '.github/CODEOWNERS'
- '.github/workflows/codeowners-validator.yml'
branches:
- '**'
schedule:
- cron: '37 4 * * *' # sync-with-template: adjust
workflow_dispatch: { }
permissions:
contents: read
env:
VALIDATION_TOKEN: ${{secrets.CODEOWNERS_VALIDATOR_TOKEN && secrets.CODEOWNERS_VALIDATOR_TOKEN || github.token}}
jobs:
rate-limits:
name: Check rate limits
runs-on: ubuntu-latest
timeout-minutes: 5
concurrency:
group: codeowners-validation
cancel-in-progress: true
steps:
- name: Get rate limits
uses: remal-github-actions/get-rate-limits@v1
id: rate-limits
with:
githubToken: ${{env.VALIDATION_TOKEN || github.token}}
- name: Make decision
id: decision
run: |
echo "Core rate limit usage: ${{steps.rate-limits.outputs.coreUsage}}"
if [ "${{steps.rate-limits.outputs.coreUsage < 75}}" == "true" ]; then
echo "Enough rate limits"
echo 'enough=true' >> $GITHUB_OUTPUT
else
echo "::warning::Not enough rate limits!"
if [ "${{github.event_name != 'schedule'}}" == "true" ]; then
echo "::warning::Executing anyway, as event is '${{github.event_name}}'"
echo 'enough=true' >> $GITHUB_OUTPUT
else
echo 'enough=false' >> $GITHUB_OUTPUT
fi
fi
outputs:
enough: ${{steps.decision.outputs.enough}}
codeowners-validation:
needs:
- rate-limits
if: ${{fromJSON(needs.rate-limits.outputs.enough) == true}}
runs-on: ubuntu-latest
timeout-minutes: 15
concurrency:
group: codeowners-validation
cancel-in-progress: true
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 1
- name: Get repository owner type
id: owner-type
run: |
REPO_JSON=$(curl -s "${{github.api_url}}/repos/${{github.repository}}" -H "Authorization: token ${{env.VALIDATION_TOKEN}}")
OWNER_TYPE=$(echo $REPO_JSON | jq -r '.owner.type')
OWNER_TYPE=$(echo "$OWNER_TYPE" | tr '[:upper:]' '[:lower:]')
echo "Owner type: $OWNER_TYPE"
echo "::set-output name=owner-type::$OWNER_TYPE"
- name: Basic CODEOWNERS validation
if: ${{steps.owner-type.outputs.owner-type != 'organization'}}
uses: mszostok/[email protected]
with:
github_access_token: '${{env.VALIDATION_TOKEN}}'
checks: 'syntax,duppatterns,files'
- name: Full CODEOWNERS validation
if: ${{steps.owner-type.outputs.owner-type == 'organization'}}
uses: mszostok/[email protected]
with:
github_access_token: '${{env.VALIDATION_TOKEN}}'