Add solution for Challenge 19 #32
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: PR Tests | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| types: | |
| - opened | |
| - synchronize | |
| - reopened | |
| jobs: | |
| validate-submission-security: | |
| outputs: | |
| validation_needed: ${{ steps.validate-dirs.outputs.validation_needed }} | |
| validation_passed: ${{ steps.validate-dirs.outputs.validation_passed }} | |
| runs-on: ubuntu-latest | |
| name: Validate Submission Security | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| fetch-depth: 0 | |
| - name: Get PR author username | |
| id: pr-info | |
| run: | | |
| USERNAME="${{ github.event.pull_request.user.login }}" | |
| USERNAME_LOWER=$(echo "$USERNAME" | tr '[:upper:]' '[:lower:]') | |
| echo "pr_username=$USERNAME_LOWER" >> $GITHUB_OUTPUT | |
| echo "PR submitted by: $USERNAME (normalized to: $USERNAME_LOWER)" | |
| - name: Check modified submission directories | |
| id: validate-dirs | |
| run: | | |
| USERNAME="${{ steps.pr-info.outputs.pr_username }}" | |
| echo "Checking submission directories for PR by: $USERNAME" | |
| # Get list of changed files in this PR | |
| git fetch origin main | |
| CHANGED_FILES=$(git diff --name-only origin/main...HEAD) | |
| echo "Changed files:" | |
| echo "$CHANGED_FILES" | |
| # Extract submission directories that were modified | |
| MODIFIED_SUBMISSION_DIRS=$(echo "$CHANGED_FILES" | grep -E "challenge-[0-9]+/submissions/" | cut -d'/' -f3 | sort -u || true) | |
| if [ -z "$MODIFIED_SUBMISSION_DIRS" ]; then | |
| echo "No submission directories modified in this PR" | |
| echo "validation_needed=false" >> $GITHUB_OUTPUT | |
| exit 0 | |
| fi | |
| echo "Modified submission directories:" | |
| echo "$MODIFIED_SUBMISSION_DIRS" | |
| # Validate each modified submission directory (case-insensitive comparison) | |
| INVALID_DIRS="" | |
| for DIR in $MODIFIED_SUBMISSION_DIRS; do | |
| DIR_LOWER=$(echo "$DIR" | tr '[:upper:]' '[:lower:]') | |
| USERNAME_LOWER=$(echo "$USERNAME" | tr '[:upper:]' '[:lower:]') | |
| echo "Comparing: '$DIR' (normalized: '$DIR_LOWER') vs username '$USERNAME' (normalized: '$USERNAME_LOWER')" | |
| if [ "$DIR_LOWER" != "$USERNAME_LOWER" ]; then | |
| INVALID_DIRS="$INVALID_DIRS $DIR" | |
| fi | |
| done | |
| if [ -n "$INVALID_DIRS" ]; then | |
| echo "❌ SECURITY VIOLATION: User '$USERNAME' attempted to modify submission directories for other users:$INVALID_DIRS" | |
| echo "✅ You can only modify submissions in directories named after your GitHub username: $USERNAME" | |
| echo "validation_passed=false" >> $GITHUB_OUTPUT | |
| echo "validation_needed=true" >> $GITHUB_OUTPUT | |
| exit 1 | |
| else | |
| echo "✅ Security validation passed: User '$USERNAME' only modified their own submission directory" | |
| echo "validation_passed=true" >> $GITHUB_OUTPUT | |
| echo "validation_needed=false" >> $GITHUB_OUTPUT | |
| fi | |
| test-submissions: | |
| runs-on: ubuntu-latest | |
| needs: validate-submission-security | |
| if: needs.validate-submission-security.outputs.validation_passed == 'true' | |
| strategy: | |
| matrix: | |
| challenge: | |
| - challenge-1 | |
| - challenge-2 | |
| - challenge-3 | |
| - challenge-4 | |
| - challenge-5 | |
| - challenge-6 | |
| - challenge-7 | |
| - challenge-8 | |
| - challenge-9 | |
| - challenge-10 | |
| - challenge-11 | |
| - challenge-12 | |
| - challenge-13 | |
| - challenge-14 | |
| - challenge-15 | |
| - challenge-16 | |
| - challenge-17 | |
| - challenge-18 | |
| - challenge-19 | |
| - challenge-20 | |
| - challenge-21 | |
| - challenge-22 | |
| - challenge-23 | |
| - challenge-24 | |
| - challenge-25 | |
| - challenge-26 | |
| - challenge-27 | |
| - challenge-28 | |
| - challenge-29 | |
| - challenge-30 | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - name: Set up Go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: '1.21' | |
| - name: Run Tests for ${{ matrix.challenge }} | |
| working-directory: ${{ matrix.challenge }} | |
| run: | | |
| USERNAME="${{ github.event.pull_request.user.login }}" | |
| SUBMISSION_DIR="submissions/$USERNAME" | |
| if [ -d "$SUBMISSION_DIR" ]; then | |
| echo "Testing submission from $USERNAME" | |
| cp "$SUBMISSION_DIR"/*.go . | |
| go test -v | |
| else | |
| echo "No submission found for $USERNAME in ${{ matrix.challenge }}" | |
| fi |