docs: add GitHub App manifest files #33
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Repository Drift Detection | |
| on: | |
| pull_request: | |
| jobs: | |
| detect-drift: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| pull-requests: write | |
| contents: read | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20' | |
| - name: Make scripts executable | |
| run: chmod +x scripts/*.js | |
| - name: Run drift detection | |
| id: drift | |
| env: | |
| WORLDDRIVEN_GITHUB_TOKEN: ${{ secrets.WORLDDRIVEN_GITHUB_TOKEN || github.token }} | |
| run: | | |
| set +e | |
| node scripts/detect-drift.js > drift-report.md 2>&1 | |
| EXIT_CODE=$? | |
| echo "exit_code=$EXIT_CODE" >> $GITHUB_OUTPUT | |
| set -e | |
| continue-on-error: true | |
| - name: Preview sync actions (dry-run) | |
| id: sync | |
| env: | |
| WORLDDRIVEN_GITHUB_TOKEN: ${{ secrets.WORLDDRIVEN_GITHUB_TOKEN || github.token }} | |
| run: | | |
| set +e | |
| node scripts/sync-repositories.js > sync-preview.md 2>&1 | |
| EXIT_CODE=$? | |
| echo "exit_code=$EXIT_CODE" >> $GITHUB_OUTPUT | |
| set -e | |
| continue-on-error: true | |
| - name: Add drift report to workflow summary | |
| if: always() | |
| run: | | |
| echo "## Repository Drift Detection Results" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| cat drift-report.md >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "---" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| cat sync-preview.md >> $GITHUB_STEP_SUMMARY | |
| - name: Comment PR with drift report and sync preview | |
| # Skip commenting on fork PRs (no write permissions), but drift report is available in workflow summary above | |
| if: github.event.pull_request.head.repo.full_name == github.repository | |
| uses: actions/github-script@v7 | |
| with: | |
| script: | | |
| const fs = require('fs'); | |
| const driftReport = fs.readFileSync('drift-report.md', 'utf8'); | |
| const syncPreview = fs.readFileSync('sync-preview.md', 'utf8'); | |
| // Find existing comment | |
| const { data: comments } = await github.rest.issues.listComments({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| issue_number: context.issue.number, | |
| }); | |
| const botComment = comments.find(comment => | |
| comment.user.type === 'Bot' && | |
| comment.body.includes('Repository Drift Report') | |
| ); | |
| const commentBody = `${driftReport}\n\n---\n\n${syncPreview}\n\n---\n*🤖 This report is automatically generated on every PR that modifies REPOSITORIES.md*\n*The sync preview shows what actions will be applied when this PR is merged to main.*`; | |
| if (botComment) { | |
| // Update existing comment | |
| await github.rest.issues.updateComment({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| comment_id: botComment.id, | |
| body: commentBody, | |
| }); | |
| } else { | |
| // Create new comment | |
| await github.rest.issues.createComment({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| issue_number: context.issue.number, | |
| body: commentBody, | |
| }); | |
| } | |
| - name: Check drift detection result | |
| if: steps.drift.outputs.exit_code != '0' | |
| run: | | |
| echo "❌ Transfer blocked: worlddriven lacks admin permission on source repository" | |
| echo "Review the drift report in the workflow summary above" | |
| echo "Grant worlddriven admin access to the source repository to unblock" | |
| exit 1 |