mealie/.github/workflows/auto-merge-l10n.yml

name: Auto-merge l10n PRs

on:
  pull_request:
    types: [opened, synchronize, labeled]

permissions:
  contents: write
  pull-requests: write

jobs:
  auto-merge:
    runs-on: ubuntu-latest
    if: contains(github.event.pull_request.labels.*.name, 'l10n')

    steps:
      - name: Generate GitHub App Token
        id: app-token
        uses: actions/create-github-app-token@v1
        with:
          app-id: ${{ secrets.COMMIT_BOT_APP_ID }}
          private-key: ${{ secrets.COMMIT_BOT_APP_PRIVATE_KEY }}

      - name: Validate PR author
        env:
          AUTHOR: ${{ github.event.pull_request.user.login }}
        run: |
          if [[ "$AUTHOR" != "hay-kot" && "$AUTHOR" != "github-actions[bot]" ]]; then
            echo "::error::PR author must be hay-kot or github-actions[bot] for auto-merge (got: $AUTHOR)"
            exit 1
          fi
          echo "Author validated: $AUTHOR"

      - name: Validate PR size
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          PR_NUMBER: ${{ github.event.pull_request.number }}
          REPO: ${{ github.repository }}
        run: |
          ADDITIONS=$(gh pr view "$PR_NUMBER" --repo "$REPO" --json additions --jq '.additions')
          DELETIONS=$(gh pr view "$PR_NUMBER" --repo "$REPO" --json deletions --jq '.deletions')
          TOTAL=$((ADDITIONS + DELETIONS))

          echo "PR changes: +$ADDITIONS -$DELETIONS (total: $TOTAL lines)"

          if [ "$TOTAL" -gt 200 ]; then
            echo "::error::PR exceeds 200 line change limit ($TOTAL lines)"
            exit 1
          fi

      - name: Validate file paths
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          PR_NUMBER: ${{ github.event.pull_request.number }}
          REPO: ${{ github.repository }}
        run: |
          FILES=$(gh pr view "$PR_NUMBER" --repo "$REPO" --json files --jq '.files[].path')

          for file in $FILES; do
            if [[ ! "$file" =~ ^frontend/lang/ ]] && [[ ! "$file" =~ ^mealie/repos/seed/resources/[^/]+/locales/ ]]; then
              echo "::error::Invalid file path: $file"
              echo "Only files in frontend/lang/ or mealie/repos/seed/resources/*/locales/ are allowed"
              exit 1
            fi
          done

          echo "All files are in allowed paths"

      - name: Approve PR
        env:
          GH_TOKEN: ${{ steps.app-token.outputs.token }}
          PR_NUMBER: ${{ github.event.pull_request.number }}
          REPO: ${{ github.repository }}
        run: |
          gh pr review "$PR_NUMBER" \
            --repo "$REPO" \
            --approve \
            --body "Auto-approved: l10n PR from trusted author with valid file paths"

      - name: Enable auto-merge
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          PR_NUMBER: ${{ github.event.pull_request.number }}
          REPO: ${{ github.repository }}
        run: |
          gh pr merge "$PR_NUMBER" \
            --repo "$REPO" \
            --auto \
            --squash