GitScan #76
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: GitScan | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| count: | |
| description: "Number of sites to scan" | |
| required: false | |
| default: "50" | |
| type: string | |
| exclude: | |
| description: "Comma-separated list of repos to exclude (e.g. betagouv/some-repo,SocialGouv/other-repo)" | |
| required: false | |
| default: "betagouv/gitscan,betagouv/dashlord" | |
| type: string | |
| schedule: | |
| - cron: "0 0 * * *" # midnight, see https://crontab.guru | |
| # allow only one concurrent scan action | |
| concurrency: | |
| cancel-in-progress: true | |
| group: scans | |
| jobs: | |
| repos: | |
| runs-on: ubuntu-latest | |
| name: Repos | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: "fetch repos" | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| EXCLUDE_REPOS: ${{ inputs.exclude || 'betagouv/gitscan,betagouv/dashlord' }} | |
| run: | | |
| ./scripts/fetch-repos.sh | |
| - uses: EndBug/add-and-commit@v9 | |
| with: | |
| add: "./repos/*/repos.*" | |
| author_name: "Bot" | |
| author_email: "bot@github.com" | |
| message: "update: repos" | |
| pull: "--rebase --autostash" | |
| init: | |
| runs-on: ubuntu-latest | |
| name: Prepare | |
| needs: repos | |
| outputs: | |
| sites: ${{ steps.init.outputs.sites }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - id: init | |
| uses: "./.github/actions/init" | |
| with: | |
| count: ${{ inputs.count || '50' }} | |
| exclude: ${{ inputs.exclude || 'betagouv/gitscan,betagouv/dashlord' }} | |
| scans: | |
| runs-on: ubuntu-latest | |
| name: Scan | |
| needs: init | |
| continue-on-error: true | |
| strategy: | |
| fail-fast: false | |
| max-parallel: 3 | |
| matrix: | |
| sites: ${{ fromJson(needs.init.outputs.sites) }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.ref }} | |
| - name: "fetch repo" | |
| continue-on-error: true | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| echo "${{ matrix.sites.url }}" | |
| ./scripts/fetch-repo.sh "${{ matrix.sites.url }}" | |
| - name: "generate repo data" | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} | |
| OPENAI_BASE_URL: ${{ secrets.OPENAI_BASE_URL }} | |
| OPENAI_MODEL: ${{ secrets.OPENAI_MODEL }} | |
| run: | | |
| pwd | |
| echo "${{ matrix.sites.url }}" | |
| overview_content=$(./scripts/generate-repo-overview.sh ./repos/"${{ matrix.sites.full_name }}") | |
| [ -n "$overview_content" ] && echo "$overview_content" > ./repos/"${{ matrix.sites.full_name }}"/overview.json | |
| cat ./repos/"${{ matrix.sites.full_name }}"/overview.json | |
| changelog_content=$(./scripts/generate-repo-changelog.sh ./repos/"${{ matrix.sites.full_name }}") | |
| [ -n "$changelog_content" ] && echo "$changelog_content" > ./repos/"${{ matrix.sites.full_name }}"/CHANGELOG-generated.md || true | |
| - name: Commit changes | |
| run: | | |
| git config user.name "BetaBot" | |
| git config user.email "infra@incubateur.net" | |
| git add "./repos/${{ matrix.sites.full_name }}" | |
| # Check if there are changes to commit | |
| if git diff --staged --quiet; then | |
| echo "No changes to commit" | |
| exit 0 | |
| fi | |
| git commit -m "update: ${{ matrix.sites.full_name }}" | |
| # Retry push with rebase up to 5 times | |
| for i in {1..5}; do | |
| git pull --rebase --autostash && git push && break | |
| echo "Push failed, retrying ($i/5)..." | |
| sleep $((i * 2)) | |
| done |