-
Notifications
You must be signed in to change notification settings - Fork 58
265 lines (220 loc) · 8.42 KB
/
validate.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
name: Validate Board Files
on: [pull_request]
jobs:
validate-definition-files:
name: Validate JSON Schemas
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
# Schema Docs: https://ajv.js.org/json-schema.html#json-data-type
- name: Validate Board JSON
uses: lorennorman/validate-json-action@master
with:
schema: /boards/schema.json
jsons: boards/*/definition.json
- name: Validate Magic JSON
uses: lorennorman/validate-json-action@master
with:
schema: /boards/magic_schema.json
jsons: boards/*/magic.json
check-user-permissions:
name: Check Write Permission
runs-on: ubuntu-latest
outputs:
# Extract the permission for later jobs to use
has-write-permission: ${{ steps.set-permission.outputs.has-permission }}
steps:
- uses: octokit/request-action@v2.x
id: fetch-permissions
with:
route: GET /repos/${{ github.repository }}/collaborators/${{ github.actor }}/permission
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- id: set-permission
if: fromJson(steps.fetch-permissions.outputs.data).permission == 'admin' || fromJson(steps.fetch-permissions.outputs.data).permission == 'write'
run: echo "has-permission=true" >> "$GITHUB_OUTPUT"
changed-files:
name: List Changed Files
runs-on: ubuntu-latest
outputs:
# All files that were Added, Copied, Modified, or Renamed
files: ${{ steps.list-changed-files.outputs.all_changed_files }}
steps:
- uses: actions/checkout@v3
- name: List Changed Board Files
id: list-changed-files
uses: tj-actions/changed-files@v37
validate-expected-filenames:
name: Validate Filenames
runs-on: ubuntu-latest
needs:
- changed-files
- check-user-permissions
env:
FILES: ${{ needs.changed-files.outputs.files }}
CAN_WRITE_TO_REPO: ${{ needs.check-user-permissions.outputs.has-write-permission }}
steps:
- uses: actions/checkout@v3
- name: Validate Only Expected Filenames
run: |
EXIT_VALUE=0
# TODO: break these regexes up into modular chunks that check specific things for readability and composability
# external contributors can modify some files
EXTERNAL_REGEX="^boards\/.*\/(definition\.json|magic\.json|((image|images\/(boot-(drive|loader)|drag-drop|reset|usb))\.(png|jpe?g|gif|svg)))$"
# folks with write access to the repo (Adafruit team) can change more sensitive files
INTERNAL_REGEX="^(\.github\/.*|boards\/(schema.json|magic_schema.json|.*\/(definition\.json|magic\.json|((image|images\/(boot-(drive|loader)|drag-drop|reset|usb))\.(png|jpe?g|gif|svg)))))$"
# apply the appropriate regex based on permissions of the user
if [[ $CAN_WRITE_TO_REPO ]]; then
board_definition_regex=$INTERNAL_REGEX
else
board_definition_regex=$EXTERNAL_REGEX
fi
echo $FILES
for FILE in $FILES; do
if [[ $FILE =~ $board_definition_regex ]]; then
echo "✅ $FILE"
else
echo "❌ $FILE"
EXIT_VALUE=1
fi
done
exit $EXIT_VALUE
validate-image-extension-mimetype-agreement:
name: Validate Extensions Match Mimetypes
runs-on: ubuntu-latest
needs:
- changed-files
- validate-expected-filenames
env:
FILES: ${{ needs.changed-files.outputs.files }}
steps:
- uses: actions/checkout@v3
- name: Validate Image File Extension<->Mimetype Agreement
run: |
EXIT_VALUE=0
for FILE in $FILES; do
if ! [[ $FILE =~ \.(svg|jpe?g|png)$ ]]; then
continue # non-image file
fi
# extract each file's mimetype and extension
MIME=`file -b --mime-type $FILE`
EXT="${FILE##*.}"
# ad-hoc check that extension matches mimetype
if [[ "image/$EXT" == $MIME || ($EXT == "jpg" && $MIME == "image/jpeg") || ($EXT == "svg" && ($MIME == "image/svg+xml" || $MIME == "text/xml")) ]]; then
# Match!
echo "✅ $FILE"
else
# Doesn't match? Give helpful report
# split the mimetype on '/'
IFS='/'
read -a SPLIT_MIME <<< "$MIME"
IFS=' '
# take the last item
MIME_EXT=${SPLIT_MIME[-1]}
if [[ "$MIME_EXT" == "xml" ]]; then
MIME_EXT="svg"
elif [[ "$MIME_EXT" == "jpeg" ]]; then
MIME_EXT="jpg"
fi
echo "❌ $FILE: expected extension .$MIME_EXT"
EXIT_VALUE=1
fi
done
if [[ $EXIT_VALUE = 1 ]]; then
echo "Fix these ☝️ issues by renaming each ❌ file to the indicated extension."
fi
exit $EXIT_VALUE
validate-image-dimensions:
name: Validate Image Dimensions
runs-on: ubuntu-latest
needs:
- changed-files
- validate-image-extension-mimetype-agreement
env:
FILES: ${{ needs.changed-files.outputs.files }}
steps:
- uses: actions/checkout@v3
- uses: mfinelli/setup-imagemagick@v2
- name: Validate Image Dimensions
run: |
EXIT_VALUE=0
MAX_WIDTH=800
MAX_HEIGHT=2000
for FILE in $FILES; do
if ! [[ $FILE =~ \.(svg|jpe?g|png)$ ]]; then
continue # non-image file
fi
# use imagemagick for the width
WIDTH=`identify -ping -format "%w" ${FILE}[0]`
BAD_WIDTH=false
if [[ "$WIDTH" -gt "$MAX_WIDTH" ]]; then
EXIT_VALUE=1
BAD_WIDTH=true
fi
# use imagemagick for the height
HEIGHT=`identify -ping -format "%h" ${FILE}[0]`
BAD_HEIGHT=false
if [[ "$HEIGHT" -gt "$MAX_HEIGHT" ]]; then
EXIT_VALUE=1
BAD_HEIGHT=true
fi
if [[ $BAD_WIDTH = true || $BAD_HEIGHT = true ]]; then
echo "❌ $FILE (${WIDTH}x${HEIGHT})"
if [[ $BAD_WIDTH = true ]]; then
echo " ↔️ width must be 800 pixels or less"
fi
if [[ $BAD_HEIGHT = true ]]; then
echo " ↕️ height must be 2000 pixels or less"
fi
else
echo "✅ $FILE (${WIDTH}x${HEIGHT})"
fi
done
if [[ $EXIT_VALUE = 1 ]]; then
echo "Fix these ☝️ issues by resizing each ❌ image to fit within ${MAX_WIDTH}x${MAX_HEIGHT}."
fi
exit $EXIT_VALUE
validate-image-file-sizes:
name: Validate Image File Sizes
runs-on: ubuntu-latest
needs:
- changed-files
- validate-image-dimensions
env:
FILES: ${{ needs.changed-files.outputs.files }}
steps:
- uses: actions/checkout@v3
- name: Validate Image File Sizes
run: |
EXIT_VALUE=0
MAX_FILESIZE=$((400*1024)) # 400kb
MAX_ANIGIF_FILESIZE=$((1000*1024)) # 1MB
for FILE in $FILES; do
if ! [[ $FILE =~ \.(svg|jpe?g|png)$ ]]; then
continue # non-image file
fi
FILESIZE=$(stat -c%s "$FILE")
if [[ $FILE == *loader.gif ]]; then
MAX=$MAX_ANIGIF_FILESIZE
else
MAX=$MAX_FILESIZE
fi
if [[ "$FILESIZE" -gt "$MAX" ]]; then
EXIT_VALUE=1
echo "❌ $FILE ($FILESIZE)"
else
echo "✅ $FILE ($FILESIZE)"
fi
done
if [[ $EXIT_VALUE = 1 ]]; then
echo "Fix these issues ☝️ by compressing each ❌ file to be smaller than 400KB (1MB for boot-loader.gif animations). You can try:"
echo "- shrinking the image's dimensions"
echo "- using an image compressor"
echo "- exporting at lower quality settings (png or jpg)"
echo "- exporting a different image format:"
echo " - photos are best saved as jpg"
echo " - screenshots and digital images are best saved as png"
echo " - svg might be efficient for images with few colors and simple shapes"
echo " - gif should only be used when animation is needed (i.e. the boot-loader image)"
fi
exit $EXIT_VALUE