commit #3
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Fork CI | |
| # ───────────────────────────────────────────────────────────── | |
| # Runs on every push in the participant's fork (all branches). | |
| # Gives early feedback BEFORE they open a PR. | |
| # Uses the participant's own GitHub Actions minutes. | |
| # ───────────────────────────────────────────────────────────── | |
| on: | |
| push: | |
| jobs: | |
| # ── 1. Evaluate ───────────────────────────────────────────── | |
| run-tests: | |
| name: Run Evaluation | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 25 | |
| outputs: | |
| passed: ${{ steps.tests.outputs.passed }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| # Always use the base repo's evaluator — prevents participants | |
| # from substituting a trivially-passing version of evaluate.py. | |
| - name: Restore evaluate.py from main | |
| run: | | |
| git fetch origin main --depth=1 | |
| git checkout origin/main -- evaluate.py requirements.txt | |
| - name: Set up Python 3.10 | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.10' | |
| cache: 'pip' | |
| cache-dependency-path: requirements.txt | |
| - name: Install dependencies | |
| run: pip install -q -r requirements.txt | |
| - name: Run evaluation | |
| id: tests | |
| run: | | |
| chmod +x tests/run_tests.sh | |
| if bash tests/run_tests.sh; then | |
| echo "passed=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "passed=false" >> "$GITHUB_OUTPUT" | |
| exit 1 | |
| fi | |
| # ── 2. Read-only file check ───────────────────────────────── | |
| check-readonly: | |
| name: Read-Only Files | |
| runs-on: ubuntu-latest | |
| outputs: | |
| passed: ${{ steps.check.outputs.passed }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Check for read-only violations | |
| id: check | |
| run: | | |
| git fetch origin main --depth=1 | |
| VIOLATIONS="" | |
| while IFS= read -r entry; do | |
| # Strip Windows-style CR if the file has CRLF line endings | |
| entry="${entry%$'\r'}" | |
| # Skip blank lines and comments | |
| [[ -z "$entry" || "$entry" == \#* ]] && continue | |
| if ! git diff --quiet origin/main HEAD -- "$entry" 2>/dev/null; then | |
| VIOLATIONS="$VIOLATIONS\n - $entry" | |
| fi | |
| done < .readonly-files | |
| if [[ -n "$VIOLATIONS" ]]; then | |
| echo "The following protected files were modified:" | |
| printf '%b\n' "$VIOLATIONS" | |
| echo "passed=false" >> "$GITHUB_OUTPUT" | |
| exit 1 | |
| fi | |
| echo "No protected files modified." | |
| echo "passed=true" >> "$GITHUB_OUTPUT" | |
| # ── 3. Summary ────────────────────────────────────────────── | |
| summary: | |
| name: Summary | |
| runs-on: ubuntu-latest | |
| needs: [run-tests, check-readonly] | |
| if: always() | |
| steps: | |
| - name: Report | |
| run: | | |
| echo "Evaluation: ${{ needs.run-tests.outputs.passed }}" | |
| echo "Read-only: ${{ needs.check-readonly.outputs.passed }}" | |
| ALL_PASS=true | |
| [[ "${{ needs.run-tests.outputs.passed }}" != "true" ]] && ALL_PASS=false | |
| [[ "${{ needs.check-readonly.outputs.passed }}" != "true" ]] && ALL_PASS=false | |
| if [[ "$ALL_PASS" == "true" ]]; then | |
| echo "" | |
| echo "All checks passed — you may open a PR to the main repo." | |
| else | |
| echo "" | |
| echo "One or more checks failed — fix the issues before opening a PR." | |
| exit 1 | |
| fi |