joshjohanning / azdo_commit_message_validator Goto Github PK
View Code? Open in Web Editor NEWGitHub Action to enforce commits are linked to Azure Boards work items, and link the work item to the pull request
License: MIT License
GitHub Action to enforce commits are linked to Azure Boards work items, and link the work item to the pull request
License: MIT License
From the job, make it easier to see what work item(s) were linked to PR
echo "Pull request linked to work item number: $WORKITEM_NUMBER"
# TODO: validate work item?
# TODO: add this as an ::info or to the job summary?
We update on failure (if there is an existing comment) - should also do this if success (so that the user knows they are good now)
If both check-commits
and check-pull-request
is false, fail the action (at least 1 should be enabled)
Can we validate the description of the pullrequest to make sure the user story is linked in the description instead of the commit message ?
Add an input for customizing the error message.
Would have to change the way we are checking to see if there is a comment there already (maybe use a tag or comment prefix)?
When I added the PR work item link checker, I added comment support.
Add to the commits as well.
We're using a hacky check right now
if [[ "$COMMIT_MESSAGE" != *"AB"\#""[0-9]""* ]] && [[ "$COMMIT_MESSAGE" != *"ab"\#""[0-9]""* ]]; then
Use grep to make this cleaner?
if ! echo "$COMMIT_MESSAGE" | grep -i -E -q "AB#[0-9]+"; then
Test to see if gh
and jq
are installed
Already have the input:
comment-on-failure:
description: "Comment on the pull request if the action fails"
required: true
default: true
Forgot to npm install
before we commit (otherwise was requiring users to add the npm install correctly ahead of time which is not ideal)
I hope you are doing well.
I was wondering if this GitHub Action supports Push
events and if the commit validator follows the conventional commits validation since in the examples the commits only have AB#
... without a colon and a commit message. ,e.g
AB#0000 feat: my new feature
In addition to seeing if there is a valid link, ie AB#xyz
, validate that it is a valid work item. This will require Azure DevOps PAT.
Added support here, test it:
Verify that both are not empty
if ${{ inputs.link-commits-to-pull-request }}; then
# make the call to main.js to do the linking
# TODO: check to see if org/pat are set
echo "Attempting to link work item ${WORKITEM} to pull request ${PULL_NUMBER}..."
REPO_TOKEN=${{ inputs.github-token }} AZURE_DEVOPS_ORG=${{ inputs.azure-devops-organization }} AZURE_DEVOPS_PAT=${{ inputs.azure-devops-token }} WORKITEMID=$WORKITEM PULLREQUESTID=${{ github.event.number }} REPO=${{ github.repository }} node $main
echo "...PR linked to work item"
fi
There is a prototype pollution security alert
Right now this is only for commits. This could make sense since commits are more restrictive to update (requires force pushing).
Use ${{ github.action_path }}
instead of hardcoded path here:
https://github.com/joshjohanning/azdo_commit_message_validator/blob/main/action.yml#L59C1-L59C79
main=$(find ../../_actions/joshjohanning/azdo_commit_message_validator -name "main.js" | grep -v "node_modules")
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.