Skip to content

SystemJargon - Filters - Security #218

SystemJargon - Filters - Security

SystemJargon - Filters - Security #218

Workflow file for this run

name: Check blocklist
on:
issues:
types:
- labeled
permissions:
contents: write
issues: write
jobs:
check-blocklist:
if: ${{ github.event.label.name == 'check blocklist' }}
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: main
- name: Get date for caching
run: |
echo "DATE=$(date +%m%d)" >> $GITHUB_ENV
echo "MONTH=$(date +%m%Y)" >> $GITHUB_ENV
- name: Restore cached dependencies
id: restore-cache
uses: actions/cache/restore@v4
with:
path: |
tranco.tmp
*_blocklist.tmp
# Restore cache from today (do not restore if date does not match)
key: dependencies-${{ env.DATE }}
- name: Restore cached dependencies (monthly)
id: restore-cache-monthly
uses: actions/cache/restore@v4
with:
path: |
~/.npm
dead_cache.tmp
key: dependencies-${{ env.MONTH }}
- name: Check blocklist
run: |
# On error
trap 'gh issue comment ${{ github.event.issue.number }} -b \
"An error occurred while checking the blocklist." \
&& gh issue edit ${{ github.event.issue.number }} \
--remove-label "check blocklist" --remove-label "checking" \
--add-label "errored"' ERR
# Add 'checking' label
gh issue edit ${{ github.event.issue.number }} \
--remove-label 'check blocklist' --add-label 'checking'
# Get URl of blocklist
url="$(grep 'http' <<< "${{ github.event.issue.body }}")"
# Generate report
bash scripts/check.sh "$url"
# Comment report
gh issue comment ${{ github.event.issue.number }} -b \
"$(cat data/TEMPLATE.md)"
# Update issue title and label
title="$(mawk -F '*' '/Report for/ {print $2}' data/TEMPLATE.md)"
gh issue edit ${{ github.event.issue.number }} -t "$title" \
--remove-label 'checking' --add-label 'report generated'
env:
GH_TOKEN: ${{ github.token }}
- name: Cache dependencies
# Cache only if no cache exists for today
if: ${{ steps.restore-cache.outputs.cache-hit != 'true' }}
uses: actions/cache/save@v4
with:
path: |
tranco.tmp
*_blocklist.tmp
# Cache dependencies from today
key: dependencies-${{ env.DATE }}
- name: Cache dependencies (monthly)
if: ${{ steps.restore-cache-monthly.outputs.cache-hit != 'true' }}
uses: actions/cache/save@v4
with:
path: |
~/.npm
dead_cache.tmp
key: dependencies-${{ env.MONTH }}