mirror of
https://github.com/Frooodle/Stirling-PDF.git
synced 2026-03-04 02:20:19 +01:00
3fd0398648
# Description of Changes This pull request makes several updates to the repository’s CI/CD configuration, focusing on improving workflow automation, updating Java versions, enhancing labeling and file ownership, and cleaning up unused files. The most significant changes involve migrating workflows and labels to support a new `V3` branch, updating build environments to use JDK 21, and expanding automated dependency update coverage. **Key changes include:** ### CI/CD Workflow Updates * Updated all GitHub Actions workflows (`build.yml`, `PR-Demo-Comment-with-react.yml`, etc.) to use JDK 21 instead of JDK 17 for Java builds, ensuring compatibility with newer Java features and dependencies. [[1]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721L120-R125) [[2]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R180-R187) [[3]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721L226-R232) [[4]](diffhunk://#diff-8d23782ae5caff72d55828bb25814854f5f2523f299d7dbcda4a3537dd84c5c3L154-R154) [[5]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721L288-L298) * Removed the now-unused `codeql.yml-disabled` file, cleaning up deprecated static analysis configuration. * Added a dedicated `frontend-validation` job in `build.yml` that only runs when frontend files change, improving CI efficiency. * Minor workflow improvements: consistent quoting in config paths, improved cache settings, and small cleanups in deploy scripts. [[1]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721L150-R152) [[2]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721L244-R247) [[3]](diffhunk://#diff-7cdd3ccec44c8ba176bdc3b9ef54c3f56aa210a1a4e2bb5f79d87b1e50314a18L29-R29) [[4]](diffhunk://#diff-f8b6ec3c0af9cd2d8dffef6f3def2be6357fe596a606850ca7f5d799e1349069L87) [[5]](diffhunk://#diff-f8b6ec3c0af9cd2d8dffef6f3def2be6357fe596a606850ca7f5d799e1349069L120-L127) [[6]](diffhunk://#diff-f8b6ec3c0af9cd2d8dffef6f3def2be6357fe596a606850ca7f5d799e1349069L189) [[7]](diffhunk://#diff-26fc40a450703e6602af586a24594196fb10e132de14a9a488ae64ee8cc51166L99) [[8]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721L30-R39) [[9]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721L69-R75) [[10]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R93) ### Branch and Label Management * Migrated auto-labeler and build workflows to track the `V3` branch instead of `V2`, and updated labels and labeler config to use `v3` instead of `v2`. [[1]](diffhunk://#diff-cfe84f4bb9657c721ff741644ee0bce45aa81aaef9dea1ea8741c946984e9722L7-R7) [[2]](diffhunk://#diff-d3d79c492fbafebc87fbb739c553afea093a79344ff78b88fe785ac3ca7e7b3dL49-R75) [[3]](diffhunk://#diff-080b7ef0dc11b28f262ea02985043c6229e353ecfdd5920b4d3b19f369f85dc6R87-R89) * Added new labels for `v3`, `Rust`, `Tauri`, and `license-review-required` to improve PR categorization and review processes. ### Dependency Automation * Expanded `dependabot.yml` to update Gradle dependencies in all relevant subdirectories (`/`, `/app/common`, `/app/core`, `/app/proprietary`) and ensured all ecosystems use the `rebase-strategy: auto` setting for more reliable PR updates. ### File Ownership and Labeling * Enhanced `.github/config/.files.yaml` to include new scripts and frontend-related files under the correct project and frontend categories, and introduced license file groups for both frontend and backend. [[1]](diffhunk://#diff-16e8af5ab290e6fdcf843429e4970b7dee6721897ad02c5291f259f47e0978deL5-R7) [[2]](diffhunk://#diff-16e8af5ab290e6fdcf843429e4970b7dee6721897ad02c5291f259f47e0978deR34-R60) * Improved labeler configuration to better match new frontend and translation file patterns, and introduced a new label group for Tauri-related files. --- These changes collectively modernize the repository’s automation, streamline maintenance, and prepare the project for ongoing work on the `V3` branch. --- ## Checklist ### General - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md) (if applicable) - [ ] I have performed a self-review of my own code - [ ] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### Translations (if applicable) - [ ] I ran [`scripts/counter_translation.py`](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/docs/counter_translation.md) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [ ] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing) for more details.
229 lines
8.4 KiB
YAML
229 lines
8.4 KiB
YAML
name: AI - PR Title Review
|
||
|
||
on:
|
||
pull_request:
|
||
types: [opened, edited]
|
||
branches: [main]
|
||
|
||
permissions: # required for secure-repo hardening
|
||
contents: read
|
||
|
||
jobs:
|
||
ai-title-review:
|
||
permissions:
|
||
contents: read
|
||
pull-requests: write
|
||
models: read
|
||
|
||
runs-on: ubuntu-latest
|
||
|
||
steps:
|
||
- name: Harden Runner
|
||
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
|
||
with:
|
||
egress-policy: audit
|
||
|
||
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
|
||
with:
|
||
fetch-depth: 0
|
||
|
||
- name: Configure Git to suppress detached HEAD warning
|
||
run: git config --global advice.detachedHead false
|
||
|
||
- name: Setup GitHub App Bot
|
||
if: github.actor != 'dependabot[bot]'
|
||
id: setup-bot
|
||
uses: ./.github/actions/setup-bot
|
||
continue-on-error: true
|
||
with:
|
||
app-id: ${{ secrets.GH_APP_ID }}
|
||
private-key: ${{ secrets.GH_APP_PRIVATE_KEY }}
|
||
|
||
- name: Check if actor is repo developer
|
||
id: actor
|
||
run: |
|
||
if [[ "${{ github.actor }}" == *"[bot]" ]]; then
|
||
echo "PR opened by a bot – skipping AI title review."
|
||
echo "is_repo_dev=false" >> $GITHUB_OUTPUT
|
||
exit 0
|
||
fi
|
||
if [ ! -f .github/config/repo_devs.json ]; then
|
||
echo "Error: .github/config/repo_devs.json not found" >&2
|
||
exit 1
|
||
fi
|
||
# Validate JSON and extract repo_devs
|
||
REPO_DEVS=$(jq -r '.repo_devs[]' .github/config/repo_devs.json 2>/dev/null || { echo "Error: Invalid JSON in repo_devs.json" >&2; exit 1; })
|
||
# Convert developer list into Bash array
|
||
mapfile -t DEVS_ARRAY <<< "$REPO_DEVS"
|
||
if [[ " ${DEVS_ARRAY[*]} " == *" ${{ github.actor }} "* ]]; then
|
||
echo "is_repo_dev=true" >> $GITHUB_OUTPUT
|
||
else
|
||
echo "is_repo_dev=false" >> $GITHUB_OUTPUT
|
||
fi
|
||
|
||
- name: Get PR diff
|
||
if: steps.actor.outputs.is_repo_dev == 'true'
|
||
id: get_diff
|
||
run: |
|
||
git fetch origin ${{ github.base_ref }}
|
||
git diff origin/${{ github.base_ref }}...HEAD | head -n 10000 | grep -vP '[\x00-\x08\x0B\x0C\x0E-\x1F\x7F\x{202E}\x{200B}]' > pr.diff
|
||
echo "diff<<EOF" >> $GITHUB_OUTPUT
|
||
cat pr.diff >> $GITHUB_OUTPUT
|
||
echo "EOF" >> $GITHUB_OUTPUT
|
||
|
||
- name: Check and sanitize PR title
|
||
if: steps.actor.outputs.is_repo_dev == 'true'
|
||
id: sanitize_pr_title
|
||
env:
|
||
PR_TITLE_RAW: ${{ github.event.pull_request.title }}
|
||
run: |
|
||
# Sanitize PR title: max 72 characters, only printable characters
|
||
PR_TITLE=$(echo "$PR_TITLE_RAW" | tr -d '\n\r' | head -c 72 | sed 's/[^[:print:]]//g')
|
||
if [[ ${#PR_TITLE} -lt 5 ]]; then
|
||
echo "PR title is too short. Must be at least 5 characters." >&2
|
||
fi
|
||
echo "pr_title=$PR_TITLE" >> $GITHUB_OUTPUT
|
||
|
||
- name: AI PR Title Analysis
|
||
if: steps.actor.outputs.is_repo_dev == 'true'
|
||
id: ai-title-analysis
|
||
uses: actions/ai-inference@334892bb203895caaed82ec52d23c1ed9385151e # v2.0.4
|
||
with:
|
||
model: openai/gpt-4o
|
||
system-prompt-file: ".github/config/system-prompt.txt"
|
||
prompt: |
|
||
Based on the following input data:
|
||
|
||
{
|
||
"diff": "${{ steps.get_diff.outputs.diff }}",
|
||
"pr_title": "${{ steps.sanitize_pr_title.outputs.pr_title }}"
|
||
}
|
||
|
||
Respond ONLY with valid JSON in the format:
|
||
{
|
||
"improved_rating": <0-10>,
|
||
"improved_ai_title_rating": <0-10>,
|
||
"improved_title": "<ai generated title>"
|
||
}
|
||
|
||
- name: Validate and set SCRIPT_OUTPUT
|
||
if: steps.actor.outputs.is_repo_dev == 'true'
|
||
run: |
|
||
cat <<EOF > ai_response.json
|
||
${{ steps.ai-title-analysis.outputs.response }}
|
||
EOF
|
||
|
||
# Validate JSON structure
|
||
jq -e '
|
||
(keys | sort) == ["improved_ai_title_rating", "improved_rating", "improved_title"] and
|
||
(.improved_rating | type == "number" and . >= 0 and . <= 10) and
|
||
(.improved_ai_title_rating | type == "number" and . >= 0 and . <= 10) and
|
||
(.improved_title | type == "string")
|
||
' ai_response.json
|
||
if [ $? -ne 0 ]; then
|
||
echo "Invalid AI response format" >&2
|
||
cat ai_response.json >&2
|
||
exit 1
|
||
fi
|
||
# Parse JSON fields
|
||
IMPROVED_RATING=$(jq -r '.improved_rating' ai_response.json)
|
||
IMPROVED_TITLE=$(jq -r '.improved_title' ai_response.json)
|
||
# Limit comment length to 1000 characters
|
||
COMMENT=$(cat <<EOF
|
||
## 🤖 AI PR Title Suggestion
|
||
|
||
**PR-Title Rating**: $IMPROVED_RATING/10
|
||
|
||
### ⬇️ Suggested Title (copy & paste):
|
||
|
||
\`\`\`
|
||
$IMPROVED_TITLE
|
||
\`\`\`
|
||
|
||
---
|
||
*Generated by GitHub Models AI*
|
||
EOF
|
||
)
|
||
echo "$COMMENT" > /tmp/ai-title-comment.md
|
||
# Log input and output to the GitHub Step Summary
|
||
echo "### 🤖 AI PR Title Analysis" >> $GITHUB_STEP_SUMMARY
|
||
echo "### Input PR Title" >> $GITHUB_STEP_SUMMARY
|
||
echo '```bash' >> $GITHUB_STEP_SUMMARY
|
||
echo "${{ steps.sanitize_pr_title.outputs.pr_title }}" >> $GITHUB_STEP_SUMMARY
|
||
echo '```' >> $GITHUB_STEP_SUMMARY
|
||
echo '### AI Response (raw JSON)' >> $GITHUB_STEP_SUMMARY
|
||
echo '```json' >> $GITHUB_STEP_SUMMARY
|
||
cat ai_response.json >> $GITHUB_STEP_SUMMARY
|
||
echo '```' >> $GITHUB_STEP_SUMMARY
|
||
|
||
- name: Post comment on PR if needed
|
||
if: steps.actor.outputs.is_repo_dev == 'true'
|
||
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
|
||
continue-on-error: true
|
||
with:
|
||
github-token: ${{ steps.setup-bot.outputs.token }}
|
||
script: |
|
||
const fs = require('fs');
|
||
const body = fs.readFileSync('/tmp/ai-title-comment.md', 'utf8');
|
||
const { GITHUB_REPOSITORY } = process.env;
|
||
const [owner, repo] = GITHUB_REPOSITORY.split('/');
|
||
const issue_number = context.issue.number;
|
||
|
||
const ratingMatch = body.match(/\*\*PR-Title Rating\*\*: (\d+)\/10/);
|
||
const rating = ratingMatch ? parseInt(ratingMatch[1], 10) : null;
|
||
|
||
const expectedActor = "${{ steps.setup-bot.outputs.app-slug }}[bot]";
|
||
const comments = await github.rest.issues.listComments({ owner, repo, issue_number });
|
||
|
||
const existing = comments.data.find(c =>
|
||
c.user?.login === expectedActor &&
|
||
c.body.includes("## 🤖 AI PR Title Suggestion")
|
||
);
|
||
|
||
if (rating === null) {
|
||
console.log("No rating found in AI response – skipping.");
|
||
return;
|
||
}
|
||
|
||
if (rating <= 5) {
|
||
if (existing) {
|
||
await github.rest.issues.updateComment({
|
||
owner, repo,
|
||
comment_id: existing.id,
|
||
body
|
||
});
|
||
console.log("Updated existing suggestion comment.");
|
||
} else {
|
||
await github.rest.issues.createComment({
|
||
owner, repo, issue_number,
|
||
body
|
||
});
|
||
console.log("Created new suggestion comment.");
|
||
}
|
||
} else {
|
||
const praise = `## 🤖 AI PR Title Suggestion\n\nGreat job! The current PR title is clear and well-structured.\n\n✅ No suggestions needed.\n\n---\n*Generated by GitHub Models AI*`;
|
||
|
||
if (existing) {
|
||
await github.rest.issues.updateComment({
|
||
owner, repo,
|
||
comment_id: existing.id,
|
||
body: praise
|
||
});
|
||
console.log("Replaced suggestion with praise.");
|
||
} else {
|
||
console.log("Rating > 5 and no existing comment – skipping comment.");
|
||
}
|
||
}
|
||
|
||
- name: is not repo dev
|
||
if: steps.actor.outputs.is_repo_dev != 'true'
|
||
run: |
|
||
exit 0 # Skip the AI title review for non-repo developers
|
||
|
||
- name: Clean up
|
||
if: always()
|
||
run: |
|
||
rm -f pr.diff ai_response.json /tmp/ai-title-comment.md
|
||
echo "Cleaned up temporary files."
|
||
continue-on-error: true # Ensure cleanup runs even if previous steps fail
|