browsertrix/.github/workflows/password-check.yaml

name: Password Check

on:
  push:
    paths:
      - '*.yaml'
      - '*.yml'
  pull_request:
    paths:
      - '*.yaml'
      - '*.yml'

jobs:
  check:
    runs-on: ubuntu-latest
    steps:
      - name: checkout
        uses: actions/checkout@v3
        with:
          fetch-depth: 3

      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: '3.10'

      - name: Install dependencies
        run: |
          cd backend/
          python -m pip install --upgrade pip
          pip install pyyaml          

      - name: Password Check
        run: |
          CHANGED_FILES=$(git diff --name-only HEAD^..HEAD)
          echo $CHANGED_FILES
          YML_FILES=$(echo "$CHANGED_FILES" | { grep ".yml$\|.yaml$" || true; })
          if [[ -n "$YML_FILES" ]]; then
            python3 scripts/check_passwords.py $YML_FILES
          fi