chore: rollout workflow #58
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: SQL Review | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| paths: | |
| - "**.up.sql" | |
| jobs: | |
| bytebase-sql-review: | |
| runs-on: ubuntu-latest | |
| name: SQL Review | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Fetch all history for all tags and branches | |
| run: git fetch --depth=1 origin +refs/heads/*:refs/remotes/origin/* | |
| - name: Setup environment variables | |
| id: setup_env | |
| run: | | |
| echo "bytebase_api=https://bytebase-ci.zeabur.app/v1" >> $GITHUB_OUTPUT | |
| echo "[email protected]" >> $GITHUB_OUTPUT | |
| echo "database_id=instances/prod-instance/databases/example" >> $GITHUB_OUTPUT | |
| - name: Exchange token | |
| id: exchange_token | |
| run: | | |
| bytebase_token=$(curl -v ${{ steps.setup_env.outputs.bytebase_api }}/auth/login \ | |
| --data-raw '{"email":"${{ steps.setup_env.outputs.bytebase_account }}","password":"${{ secrets.BYTEBASE_PASSWORD }}","web":true}' \ | |
| --compressed 2>&1 | grep token | grep -o 'access-token=[^;]*;' | grep -o '[^;]*' | sed 's/access-token=//g; s/;//g') | |
| echo "bytebase_token=${bytebase_token}" >> $GITHUB_OUTPUT | |
| - name: Call SQL check API for every changed SQL file | |
| run: | | |
| echo "Finding changed SQL files..." | |
| # Get the list of changed files in this PR | |
| PR_NUM=$(echo ${{ github.event.number }}) | |
| FILES=$(gh pr view $PR_NUM --json files --jq '.files[].path' | grep -E '\.up.sql$') | |
| HAS_ERROR_OR_WARNING=false | |
| # Iterate over each changed SQL file and call SQL check API | |
| for FILE in $FILES; do | |
| echo "$FILE" | |
| content=$(<"$FILE") | |
| request_body=$(jq -n \ | |
| --arg statement "$content" \ | |
| --arg database "${{ steps.setup_env.outputs.database_id }}" \ | |
| '$ARGS.named') | |
| echo "::debug::Request body: ${request_body}" | |
| response=$(curl -s -w "HTTPSTATUS:%{http_code}" -X POST -o response.json ${{ steps.setup_env.outputs.bytebase_api }}/sql/check \ | |
| -H 'Content-Type: application/json' \ | |
| -H "Authorization: Bearer ${{ steps.exchange_token.outputs.bytebase_token }}" \ | |
| -d "${request_body}") | |
| http_status=$(echo "$response" | grep -oE 'HTTPSTATUS:[0-9]+' | grep -oE '[0-9]+') | |
| if [ ${http_status} != 200 ]; then | |
| echo "::error ::Failed to check SQL file ${FILE} with response code ${http_status}" | |
| exit 1 | |
| fi | |
| # Emit annotations for each advice | |
| echo "::debug::Advices: $(jq -r '.advices[]' response.json)" | |
| jq -r --arg FILE "${FILE}" '.advices[] | "::\(.status) file=\($FILE),line=\(.line),col=\(.column),title=\(.title) (\(.code))::\(.content)\nDoc: https://www.bytebase.com/docs/reference/error-code/advisor#\(.code)"' response.json | |
| # Marking failure if any ERROR or WARNING is found | |
| if jq '.advices[] | select(.status == "ERROR" or .status == "WARNING")' response.json | grep -q .; then | |
| echo "Found ERROR or WARNING. Marking for failure." | |
| HAS_ERROR_OR_WARNING=true | |
| fi | |
| done | |
| if [ "$HAS_ERROR_OR_WARNING" = true ]; then | |
| echo "Found ERROR or WARNING in SQL Review. Failing the check." | |
| exit 1 | |
| else | |
| echo "No ERROR or WARNING found in SQL Review." | |
| fi | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |