GitHub Action: Streamline scripts in .github/workflows

[palisadoes]

Is your feature request related to a problem? Please describe.

• The .github/workflows is starting to get cluttered

Describe the solution you'd like

This should require 2 PRs

PR 1

1. Create a .github/workflows/scripts directory
2. Move all the scripts in .github/workflows to this directory
3. Update all the YAML files in .github/workflows to refer to this directory

PR 2

1. The .github/workflows/pull-requests.yml file has embedded scripts to test the start of the application. They are causing the file to get bloated. There is repetition in the tests.
   1. These must be extracted and placed in the .github/workflows/scripts directory
2. Only scripts must reside in the .github/workflows/scripts directory. No YAML files
3. It may be possible to create 1 script for all 3 application start tests. They are repetitive.
   1. Example 1
      
   2. Example 2
      
   3. Example 3
      
4. Test your scripts by making the app break and pushing the breaking change to the PR . Revert when complete.

Describe alternatives you've considered

• N/A

Approach to be followed (optional)

• N/A

Additional context

• N/A

Potential internship candidates

Please read this if you are planning to apply for a Palisadoes Foundation internship

• Student Internship Programs talawa#359

[mandeepnh5]

Can i work on this?
I have pretty good idea how github workflows because I am already working on adding code rabbit check to workflow.

[Aad1tya27]

I can work on one of the PRs, if its possible to have 2 assignees.

[mandeepnh5]

@palisadoes for the PR-1
Should I keep only the last run script(name: List all changed unauthorized files) in scripts directory or (Get Changed Unauthorized files) also where all filenames written in that step.

Check Sensitive-Files:
    if: ${{ github.actor != 'dependabot[bot]' && !contains(github.event.pull_request.labels.*.name, 'ignore-sensitive-files-pr') }}
    name: Checks if sensitive files have been changed without authorization
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Get Changed Unauthorized files
        id: changed-unauth-files
        uses: tj-actions/changed-files@v45
        with:
          files: |
            .env*
            .github/**
            env.example
            .node-version
            .husky/**
            scripts/**
            src/style/** 
            schema.graphql
            package.json
            package-lock.json
            tsconfig.json
            .gitignore
            .eslintrc.json
            .eslintignore
            .prettierrc
            .prettierignore
            .nojekyll
            vite.config.ts
            docker-compose.yaml
            Dockerfile
            CODEOWNERS
            LICENSE
            setup.ts
            .coderabbit.yaml
            CODE_OF_CONDUCT.md
            CODE_STYLE.md
            CONTRIBUTING.md
            DOCUMENTATION.md
            INSTALLATION.md
            ISSUE_GUIDELINES.md
            PR_GUIDELINES.md
            README.md
            *.pem
            *.key
            *.cert
            *.password
            *.secret
            *.credentials
            
      - name: List all changed unauthorized files
        if: steps.changed-unauth-files.outputs.any_changed == 'true' || steps.changed-unauth-files.outputs.any_deleted == 'true'
        env: 
          CHANGED_UNAUTH_FILES: ${{ steps.changed-unauth-files.outputs.all_changed_files }}
        run: |
          for file in ${CHANGED_UNAUTH_FILES}; do
            echo "$file is unauthorized to change/delete"
          done
          echo "To override this, apply the 'ignore-sensitive-files-pr' label"          
          exit 1

[palisadoes]

1. Don't add this to a script
2. Focus on the python scripts and the tests on whether the application can start

[mandeepnh5]

@palisadoes can you see the previous comment and tell for PR-2

[palisadoes]

Leave the sensitive files unchanged

[mandeepnh5]

Okay

[mandeepnh5]

@palisadoes It looks like somone already did one script called app_health_check.sh for solving the repetition you showed in example.
What should I do for PR-2?

[palisadoes]

1. Don't do a second PR unless you see a way to meaningfully improve the shell script already there.
2. I must have lost track of the issues

[mandeepnh5]

@palisadoes The shell script already there looks good and properly implemented, if I can change anything please let me know

[palisadoes]

Therefore this should be closed as complete.
Thanks