Conversation
There was a problem hiding this comment.
Pull request overview
Updates the CI translation download mechanism to use Lokalise’s async export via a GitHub Action (to avoid 413 errors) and wires translation download into the PR workflow.
Changes:
- Replace custom curl-based Lokalise download with
lokalise/lokalise-pull-actionusingasync_mode - Add “Download Translations” step to the PR workflow (
yamllintjob) - Add temporary debug output to print generated locale config and a downloaded translation file
Reviewed changes
Copilot reviewed 1 out of 1 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| .github/workflows/pr.yml | Adds translation download step (with secrets) to PR CI before yamllint |
| .github/actions/download-translations/action.yml | Switches translation download implementation to Lokalise pull action with async export params |
Comments suppressed due to low confidence (1)
.github/actions/download-translations/action.yml:51
- These
catdebug prints (generated locales_config + full French strings file) will bloat workflow logs and can easily exceed log limits as translations grow. Please remove them (or gate behind an explicit debug flag) once the download path is validated.
echo "Complete"
|
This may work but looking at the suggested use cases in the action README it should be used to sync translations to the repository, and the action also has a lot of functionality to automatically create pull requests etc. We may end up with issues in the future, what do you think? Edit: also shown by the log for the action test run 'no changes detected'. |
| { | ||
| "original_filenames": false, | ||
| "bundle_structure": "common/src/main/res/values-%LANG_ISO%/strings.%FORMAT%", | ||
| "add_newline_eof": true, | ||
| "replace_breaks": true, | ||
| "export_empty_as": "skip" | ||
| } |
There was a problem hiding this comment.
This can be yaml which I think should be preferred when using a 'native' action instead of mixing in JSON?
There was a problem hiding this comment.
I'll do it tomorrow or feel free to push on my branch if you want to merge it.
jpelgrom
changed the title
I saw it too but to do the comparaison they need to download so I think we should be fine and it is a simple wrapper around the API. In the worse case we would fallback to the CLI. |
I'd like to avoid the possibility of it (accidentally) doing more in the future with an update though 🤔 We can specify |
What about pulling the translation and make some assertions like is the french translations present? We could maybe do it on every commit or make it something we can start manually so when a new version is released we can trigger it before reaching main. |
|
If we start doing so much work to verify it might be easier to just use the CLI already... ... but your solution would work to make sure that it continues downloading the files and not discard them immediately 👍. My point is still stands to avoid it doing Git(Hub) operations that reach GitHub. |
The CLI is annoying me a bit because we would need to make something custom for renovate to catch up the version of the CLI that we get with curl or we would use 'main' and I don't like not having a reproductible build. I'll try your idea about the token it's a good one. When do you think it should run? |
I'm presuming the question doesn't relate to the previous sentence because otherwise it's very confusing. Your suggested 'translation file exists' check: workflow scoped to when the download-translations file (action) changes, which happens on updates of Lokalise GitHub action but prevents it from running in other scenarios. |
Indeed sorry for the confusion. Not sure I can do that, is it an issue to do it on the PR workflow? |
You can do it on PR with the On every PR run could also work, I was just trying to be mindful of Lokalise API usage. |
TimoPtr
force-pushed
the
feature/use_localize_action
branch
from
638f406 to
5ef30cb
Compare
|
@jpelgrom once this is merged if they break something in the action we should be able to see it. |
| validate_localize_setup: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | ||
| with: | ||
| fetch-depth: 0 | ||
| persist-credentials: false | ||
|
|
||
| - name: Check for Lokalize setup changes | ||
| id: changes | ||
| shell: bash | ||
| run: | | ||
| if git diff --name-only "${{ github.event.pull_request.base.sha }}..HEAD" -- '.github/actions/download-translations/' | grep -q .; then | ||
| echo "Lokalize setup changes detected" | ||
| echo "skip=false" >> "$GITHUB_OUTPUT" |
There was a problem hiding this comment.
validate_localize_setup runs on workflow_dispatch as well as pull_request, but it unconditionally references github.event.pull_request.base.sha. For workflow_dispatch this field is missing and the git diff step will fail. Consider guarding the job/step with if: github.event_name == 'pull_request', or using a fallback base ref/sha for manual runs (e.g., diff against origin/main).
| uses: lokalise/lokalise-pull-action@a4968e06b7f44c32317b162d825ed17abb5772d0 # v5.0.1 | ||
| with: | ||
| api_token: ${{ inputs.lokalise-token }} | ||
| project_id: ${{ inputs.lokalise-project }} | ||
| custom_github_token: "FAKE_GH_TOKEN" | ||
| file_format: xml | ||
| async_mode: true | ||
| skip_include_tags: true | ||
| skip_original_filenames: true |
There was a problem hiding this comment.
The composite action hardcodes custom_github_token: "FAKE_GH_TOKEN". This action is also used by other workflows (e.g., release/on-push builds), so hardcoding an invalid token can break those pipelines if the Lokalise action ever requires a GitHub token (or already does). Suggest making the GitHub token an input (defaulting to ${{ github.token }} or empty), and only pass the fake token from the PR validation job if you want that specific safeguard there.
There was a problem hiding this comment.
It's made on purpose since we don't want Lokalise to push anything by mistake.
| - uses: ./.github/actions/download-translations | ||
| if: steps.changes.outputs.skip != 'true' | ||
| name: Download Translations | ||
| with: | ||
| lokalise-project: ${{ secrets.LOKALISE_PROJECT }} | ||
| lokalise-token: ${{ secrets.LOKALISE_TOKEN }} | ||
|
|
There was a problem hiding this comment.
Download Translations in this PR workflow uses repository secrets (LOKALISE_PROJECT/LOKALISE_TOKEN). On pull requests from forks, these secrets are not provided, so any PR that changes .github/actions/download-translations/ will cause this job to fail even if the changes are correct. Consider adding an additional guard (e.g., only run when github.event.pull_request.head.repo.full_name == github.repository or when the secrets are non-empty) and document how maintainers should validate forked PRs.
There was a problem hiding this comment.
It's fine that it fails on forks it's on purpose too, only Renovate that runs within this repository is going to trigger this workflow.
Co-authored-by: Joris Pelgröm <jpelgrom@users.noreply.github.com>
|
|
||
| echo "Download Ready: $ZIP" | ||
|
|
||
| curl "$ZIP" --output strings.zip |
There was a problem hiding this comment.
I removed this line while going over the script this should be brought back.
Summary
Since today we are facing a 413 error on Lokalize and the recommend way to download big projects is to use the Async way. Fortunately they have a Github Action that can do that for us.
I've made a dumb commit to show that the French translations were properly downloaded in the right place.
A new job has been added to the PR workflow that run only if the
.github/actions/download-translationshas a change. We use a fake Github token to make sure that if one day the behavior of the action changes we catch it when Renovate opens a PR. This job will start and stop if no modification are made so that we can have a Github checks on the PR.Checklist
Any other notes
Zizmor is not reporting any issue