-
Notifications
You must be signed in to change notification settings - Fork 5
67 lines (60 loc) · 2.13 KB
/
hero-check.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
name: Hero Check
on:
pull_request:
branches: [ "main" ]
paths:
- 'open-source-heroes.md'
jobs:
check-for-hero:
runs-on: ubuntu-latest
permissions:
pull-requests: write
steps:
- name: Checkout Target
uses: actions/checkout@v4
with:
repository: jordangov/defcon-poc
ref: main
path: target
- name: Checkout Source
uses: actions/checkout@v4
with:
path: source
- name: Check Submission
id: check_sub
env:
SALT: ${{ secrets.SALT }}
ALGO: ${{ secrets.ALGO }}
run: >-
SUBMISSION=`(diff target/open-source-heroes.md source/open-source-heroes.md || true) | awk '/\* @${{github.actor}}/{ print $4 }'`;
CHECK=`echo -n "${{github.actor}}-$SALT" | openssl dgst -$ALGO | awk '/[a-z0-9]+/{ print $2 }'`;
echo "Confirming submission ($SUBMISSION) for ${{github.actor}} equals check ($CHECK) from SALT ($SALT) and ALGO ($ALGO)...";
if [[ "$SUBMISSION" = "$CHECK" ]]; then
echo "Submissions match"
echo "RESULT=pass" >> "$GITHUB_OUTPUT";
echo "MESSAGE='🤩 Wow, you are an open source hero! Find a volunteer with the special White House badge to claim your fame!'" >> "$GITHUB_OUTPUT";
else
echo "Submissions do not match"
echo "RESULT=fail" >> "$GITHUB_OUTPUT";
echo "MESSAGE='😔 Sorry, but that is not the right hash. Have you found all of the clues?'" >> "$GITHUB_OUTPUT";
fi
- name: Post Message
uses: actions/github-script@v7
with:
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: ${{ steps.check_sub.outputs.MESSAGE }}
})
- name: End Job
env:
RESULT: ${{ steps.check_sub.outputs.RESULT }}
run: >-
echo "RESULT=$RESULT";
if [[ "$RESULT" = "pass" ]]; then
exit 0;
else
exit 1;
fi