From 3724fcbbc052e6e9e3958e576eab4334ae5850a0 Mon Sep 17 00:00:00 2001
From: Chris
Date: Wed, 7 Jun 2023 20:11:19 -0400
Subject: [PATCH] Workflows
---
 .../workflows/ai-security-check-for-pr.yml | 46 +++++++++++++++++++
 .github/workflows/md_links.yml | 15 ++++++
 .github/workflows/md_lint.yml | 11 +++++
 .github/workflows/openai-pr-description.yml | 22 +++++++++
 .github/workflows/openai-pr-reviewer.yml | 29 ++++++++++++
 5 files changed, 123 insertions(+)
 create mode 100644 .github/workflows/ai-security-check-for-pr.yml
 create mode 100644 .github/workflows/md_links.yml
 create mode 100644 .github/workflows/md_lint.yml
 create mode 100644 .github/workflows/openai-pr-description.yml
 create mode 100644 .github/workflows/openai-pr-reviewer.yml
diff --git a/.github/workflows/ai-security-check-for-pr.yml b/.github/workflows/ai-security-check-for-pr.yml
new file mode 100644
index 0000000..09f6492
--- /dev/null
+++ b/.github/workflows/ai-security-check-for-pr.yml
@@ -0,0 +1,46 @@
+name: AI Security Check for Pull Requests
+
+on:
+ pull_request:
+ branches:
+ - main
+
+jobs:
+ ai_security_check_for_pull_requests:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Check out repository
+ uses: actions/checkout@v2
+
+ - name: Set up Node.js
+ uses: actions/setup-node@v2
+ with:
+ node-version: 16
+
+ - name: Install dependencies
+ run: npm ci
+
+ - name: Finding security and privacy code vulnerabilities
+ id: ai_security_check
+ uses: obetomuniz/ai-security-check-for-pull-requests-action@v1.0.0
+ env:
+ GH_TOKEN: ${{ secrets.GH_TOKEN }}
+ GH_REPOSITORY: ${{ github.repository }}
+ GH_EVENT_PULL_REQUEST_NUMBER: ${{ github.event.number }}
+ OPENAI_TOKEN: ${{ secrets.OCO_OPENAI_API_KEY }}
+
+ - name: Comment on pull request
+ uses: actions/github-script@v6
+ env:
+ PR_COMMENT: ${{ steps.ai_security_check.outputs.pr_comment }}
+ with:
+ github-token: ${{ secrets.GH_TOKEN }}
+ script: |
+ const prComment = process.env.PR_COMMENT || "No security or privacy issues found.";
+ const { data } = await github.rest.issues.createComment({
+ issue_number: context.issue.number,
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: prComment
+ });
diff --git a/.github/workflows/md_links.yml b/.github/workflows/md_links.yml
new file mode 100644
index 0000000..112f15c
--- /dev/null
+++ b/.github/workflows/md_links.yml
@@ -0,0 +1,15 @@
+
+name: Check Links
+
+on:
+ push:
+
+jobs:
+ markdown-link-check:
+ name: Check markdown files
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v2
+
+ - name: Markdown links check
+ uses: ruzickap/action-my-markdown-link-checker@v1.1.0
diff --git a/.github/workflows/md_lint.yml b/.github/workflows/md_lint.yml
new file mode 100644
index 0000000..8adf1ae
--- /dev/null
+++ b/.github/workflows/md_lint.yml
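Review bot: In ai-security-check-for-pr.yml, `obetomuniz/ai-security-check-for-pull-requests-action@v1.0.0` is given `secrets.GH_TOKEN` and the OpenAI key while referenced by a tag its owner can move, so the code that receives both secrets is not fixed by this file; reference it by commit instead, `uses: obetomuniz/ai-security-check-for-pull-requests-action@<full-commit-sha> # v1.0.0`. The same holds for the other third-party `uses:` lines in this patch (md_links.yml, md_lint.yml, openai-pr-description.yml) and most of all for `fluxninja/openai-pr-reviewer@latest`, which follows a moving ref by design. This workflow, md_links.yml and md_lint.yml also have no `permissions:` block, so the job token keeps the repository default scope; `permissions:` with `contents: read` plus `pull-requests: write` here, and `contents: read` alone in the two Markdown workflows, would match what the two openai-* files already declare. `GH_TOKEN` appears to be a separately stored token rather than the job's own; if the action accepts it, `${{ secrets.GITHUB_TOKEN }}` scoped as above is the narrower credential for both the check step and the `github-token:` input. The `npm ci` step runs install scripts from the pull request's own package.json and no later step visibly uses the result, so it is probably removable.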
@@ -0,0 +1,11 @@
+name: Lint MarkDown
+
+on: [push]
+
+jobs:
+ markdownlint:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: "articulate/actions-markdownlint@v1.1.0"
+ with:
+ config: "markdownlint.json"
\ No newline at end of file
diff --git a/.github/workflows/openai-pr-description.yml b/.github/workflows/openai-pr-description.yml
new file mode 100644
index 0000000..ceb8afa
--- /dev/null
+++ b/.github/workflows/openai-pr-description.yml
@@ -0,0 +1,22 @@
+name: OpenAI PR Description Generator
+
+on:
+ pull_request:
+ types:
+ - opened
+ - synchronize
+
+permissions:
+ pull-requests: write
+ contents: read
+
+jobs:
+ pull-request:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+ - uses: Ant0wan/openai-pr@0.0.1-beta
+ with:
+ api-key: ${{ secrets.OCO_OPENAI_API_KEY }}
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/openai-pr-reviewer.yml b/.github/workflows/openai-pr-reviewer.yml
new file mode 100644
index 0000000..f660f35
--- /dev/null
+++ b/.github/workflows/openai-pr-reviewer.yml
@@ -0,0 +1,29 @@
+name: Code Review
+
+permissions:
+ contents: read
+ pull-requests: write
+
+on:
+ pull_request:
+ pull_request_review_comment:
+ types: [created]
+
+concurrency:
+ group: ${{ github.repository }}-${{ github.event.number || github.head_ref ||
+ github.sha }}-${{ github.workflow }}-${{ github.event_name ==
+ 'pull_request_review_comment' && 'pr_comment' || 'pr' }}
+ cancel-in-progress: ${{ github.event_name != 'pull_request_review_comment' }}
+
+jobs:
+ review:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: fluxninja/openai-pr-reviewer@latest
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ OPENAI_API_KEY: ${{ secrets.OCO_OPENAI_API_KEY }}
+ with:
+ debug: false
+ review_simple_changes: false
+ review_comment_lgtm: false
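Review bot: In md_lint.yml the `markdownlint` job has no checkout step before `articulate/actions-markdownlint@v1.1.0`, so unless that action clones the repository itself the workspace is empty and neither `markdownlint.json` nor any Markdown file is present to lint; add `- uses: actions/checkout@v3` as the first entry under `steps:`. The file also ends without a trailing newline (`\ No newline at end of file`), unlike the other four workflows in this patch.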
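Review bot: In openai-pr-description.yml the `Ant0wan/openai-pr@0.0.1-beta` step assumes `secrets.OCO_OPENAI_API_KEY` is present, but on `pull_request` runs from a fork GitHub withholds repository secrets and issues a read-only token, so the step would fail or run with an empty key on every external contribution. A job-level guard such as `if: github.event.pull_request.head.repo.full_name == github.repository` skips it cleanly, and the same guard fits the jobs in ai-security-check-for-pr.yml and openai-pr-reviewer.yml. Switching the trigger to `pull_request_target` to obtain secrets on fork pull requests is not an equivalent fix: it would run with secrets and a write token on untrusted pull requests and needs its own review.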
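Review bot: openai-pr-reviewer.yml has no comment telling maintainers that the `review` job presumably passes pull-request content and, through the `pull_request_review_comment` trigger, free-text review comments to a language model whose replies are posted with `pull-requests: write`. That text is controlled by whoever opens or comments on the pull request, so the bot's output should be documented as advisory. I would add above `jobs:` a comment such as `# Bot reviews are advisory: PR text and review comments are untrusted model input; do not make this check required for merge.` Separately, the `group:` expression is a plain scalar folded across three lines; a `>-` block scalar would make the continuation explicit.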