name: Sync Files on: workflow_dispatch: push: branches: - main paths: - "build.gradle" - "README.md" - "gradle/verification-keyring.keys" - "gradle/verification-metadata.xml" - "src/main/resources/messages_*.properties" - "src/main/resources/static/3rdPartyLicenses.json" - "scripts/ignore_translation.toml" permissions: contents: read jobs: read_bot_entries: runs-on: ubuntu-latest outputs: userName: ${{ steps.get-user-id.outputs.user_name }} userEmail: ${{ steps.get-user-id.outputs.user_email }} committer: ${{ steps.committer.outputs.committer }} steps: - name: Harden Runner uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 with: egress-policy: audit - name: Generate GitHub App Token id: generate-token uses: actions/create-github-app-token@c1a285145b9d317df6ced56c09f525b5c2b6f755 # v1.11.1 with: app-id: ${{ secrets.GH_APP_ID }} private-key: ${{ secrets.GH_APP_PRIVATE_KEY }} - name: Get GitHub App User ID id: get-user-id run: | USER_NAME="${{ steps.generate-token.outputs.app-slug }}[bot]" USER_ID=$(gh api "/users/$USER_NAME" --jq .id) USER_EMAIL="$USER_ID+$USER_NAME@users.noreply.github.com" echo "user_name=$USER_NAME" >> "$GITHUB_OUTPUT" echo "user_email=$USER_EMAIL" >> "$GITHUB_OUTPUT" echo "user-id=$USER_ID" >> "$GITHUB_OUTPUT" env: GH_TOKEN: ${{ steps.generate-token.outputs.token }} - id: committer run: | COMMITTER="${{ steps.get-user-id.outputs.user_name }} <${{ steps.get-user-id.outputs.user_email }}>" echo "committer=$COMMITTER" >> "$GITHUB_OUTPUT" sync-files: needs: ["read_bot_entries"] runs-on: ubuntu-latest steps: - name: Harden Runner uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 with: egress-policy: audit - name: Generate GitHub App Token id: generate-token uses: actions/create-github-app-token@c1a285145b9d317df6ced56c09f525b5c2b6f755 # v1.11.1 with: app-id: ${{ vars.GH_APP_ID }} private-key: ${{ secrets.GH_APP_PRIVATE_KEY }} - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Python uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: "3.12" cache: 'pip' # caching pip dependencies - name: Sync translation property files run: | python .github/scripts/check_language_properties.py --reference-file "src/main/resources/messages_en_GB.properties" --branch main - name: Set up git config run: | git config --global user.name ${{ needs.read_bot_entries.outputs.userName }} git config --global user.email ${{ needs.read_bot_entries.outputs.userEmail }} - name: Run git add run: | git add src/main/resources/messages_*.properties git diff --staged --quiet || git commit -m ":memo: Sync translation files" || echo "no changes" - name: Install dependencies run: pip install --require-hashes -r ./.github/scripts/requirements_sync_readme.txt - name: Sync README.md run: | python scripts/counter_translation.py - name: Run git add run: | git add README.md git diff --staged --quiet || git commit -m ":memo: Sync README.md" || echo "no changes" - name: Generate verification metadata with signatures and checksums run: | set -e if [ -f ./gradle/verification-metadata.xml ]; then rm ./gradle/verification-metadata.xml fi ./gradlew clean dependencies buildEnvironment spotlessApply --write-verification-metadata sha256 help ./gradlew clean dependencies buildEnvironment spotlessApply --write-verification-metadata sha256,pgp --refresh-keys --export-keys --refresh-dependencies help ./gradlew clean build - name: Run git add run: | git add gradle/verification-keyring.keys git add gradle/verification-metadata.xml git diff --staged --quiet || git commit -m ":memo: Generate verification metadata with signatures and checksums" || echo "no changes" - name: Create Pull Request uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7.0.6 with: token: ${{ steps.generate-token.outputs.token }} commit-message: Update files committer: ${{ needs.read_bot_entries.outputs.committer }} author: ${{ needs.read_bot_entries.outputs.committer }} signoff: true branch: sync_readme title: ":globe_with_meridians: Sync Translations + Update README Progress Table + Update Verification Metadata" body: | ### Description of Changes This Pull Request was automatically generated to synchronize updates to translation files, verification metadata, and documentation. Below are the details of the changes made: #### **1. Synchronization of Translation Files** - Updated translation files (`messages_*.properties`) to reflect changes in the reference file `messages_en_GB.properties`. - Ensured consistency and synchronization across all supported language files. - Highlighted any missing or incomplete translations. #### **2. Update README.md** - Generated the translation progress table in `README.md`. - Added a summary of the current translation status for all supported languages. - Included up-to-date statistics on translation coverage. #### **3. Verification Metadata Updates** - Generated or refreshed the `verification-keyring.keys` and `verification-metadata.xml` files. - Included the latest dependency signatures and checksums to enhance the build's integrity. #### **Why these changes are necessary** - Keeps translation files aligned with the latest reference updates. - Ensures the documentation reflects the current translation progress. - Strengthens dependency verification for a more secure build process. --- Auto-generated by [create-pull-request][1]. [1]: https://github.com/peter-evans/create-pull-request draft: false delete-branch: true labels: github-actions sign-commits: true add-paths: | README.md src/main/resources/messages_*.properties gradle/verification-keyring.keys gradle/verification-metadata.xml