forked from NVIDIA/garak
-
Notifications
You must be signed in to change notification settings - Fork 0
77 lines (74 loc) · 2.58 KB
/
maintain_cache.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
name: Garak maintain cache
on:
push:
branches:
- 'main'
paths-ignore:
- 'garak/resources/plugin_cache.json'
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
# forcing full checkout for reflog access
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: "3.12"
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt
- name: Build a local cache
run: |
git ls-files garak/ -z | xargs -0 -I{} -- git log -1 --format="%ai {}" {} | while read -r udate utime utz ufile ; do
touch -d "$udate $utime" $ufile
done
python -m garak --list_probes
- name: Commit updated plugin cache if modified
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
FILE_TO_COMMIT: garak/resources/plugin_cache.json
DESTINATION_BRANCH: ${{ github.ref_name }}
run: |
if [ -f $HOME/.cache/garak/resources/plugin_cache.json ]; then
echo "File updated from user cache"
cp $HOME/.cache/garak/resources/plugin_cache.json $FILE_TO_COMMIT
cat $HOME/.local/share/garak/garak.log
fi
set +e
git diff --exit-code $FILE_TO_COMMIT > /dev/null
if [ $? -ne 0 ]; then
set -e
echo "Plugin cache updates exist"
if [ ${{ endsWith(github.ref_name, '/main')}} ]; then
export CONTENT=$( base64 -i $FILE_TO_COMMIT )
cat <<- EOF > write_request.py
#!python
import json
import os
request = {
"message": "automatic $FILE_TO_COMMIT update",
"content": os.environ["CONTENT"],
"encoding": "base64",
"branch": "$DESTINATION_BRANCH",
"sha": "$( git rev-parse $DESTINATION_BRANCH:$FILE_TO_COMMIT )",
}
with open("request.json", "w", encoding="utf-8") as f:
json.dump(request, f, indent=4)
EOF
chmod +x write_request.py
python write_request.py
cat request.json
gh api --method PUT /repos/:owner/:repo/contents/$FILE_TO_COMMIT --input request.json
echo "Update committed to repo"
fi
else
echo "No Plugin cache updates exit without commit"
fi