From 345c860bd7e1ac6d1c9671fed82584aaa9735922 Mon Sep 17 00:00:00 2001 From: Dima Shevtsov Date: Mon, 17 Mar 2025 15:05:21 -0500 Subject: [PATCH 1/5] Add workflow_run test --- .github/workflows/testCommentPR.yml | 52 +++++++++++++++++++++++++++++ .github/workflows/testReceivePR.yml | 26 +++++++++++++++ 2 files changed, 78 insertions(+) create mode 100644 .github/workflows/testCommentPR.yml create mode 100644 .github/workflows/testReceivePR.yml diff --git a/.github/workflows/testCommentPR.yml b/.github/workflows/testCommentPR.yml new file mode 100644 index 000000000..d42c711e5 --- /dev/null +++ b/.github/workflows/testCommentPR.yml @@ -0,0 +1,52 @@ +name: Comment on the pull request + +# read-write repo token +# access to secrets +on: + workflow_run: + workflows: ["Receive PR"] + types: + - completed + +jobs: + upload: + runs-on: ubuntu-latest + if: > + github.event.workflow_run.event == 'pull_request' && + github.event.workflow_run.conclusion == 'success' + steps: + - name: 'Download artifact' + uses: actions/github-script@v3.1.0 + with: + script: | + var artifacts = await github.actions.listWorkflowRunArtifacts({ + owner: context.repo.owner, + repo: context.repo.repo, + run_id: ${{github.event.workflow_run.id }}, + }); + var matchArtifact = artifacts.data.artifacts.filter((artifact) => { + return artifact.name == "pr" + })[0]; + var download = await github.actions.downloadArtifact({ + owner: context.repo.owner, + repo: context.repo.repo, + artifact_id: matchArtifact.id, + archive_format: 'zip', + }); + var fs = require('fs'); + fs.writeFileSync('${{github.workspace}}/pr.zip', Buffer.from(download.data)); + - run: unzip pr.zip + + - name: 'Comment on PR' + uses: actions/github-script@v3 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + script: | + var fs = require('fs'); + var issue_number = Number(fs.readFileSync('./NR')); + await github.issues.createComment({ + owner: context.repo.owner, + repo: context.repo.repo, + issue_number: issue_number, + body: 'Everything is OK. Thank you for the PR!' + }); diff --git a/.github/workflows/testReceivePR.yml b/.github/workflows/testReceivePR.yml new file mode 100644 index 000000000..ee2160549 --- /dev/null +++ b/.github/workflows/testReceivePR.yml @@ -0,0 +1,26 @@ +name: Receive PR + +# read-only repo token +# no access to secrets +on: + pull_request: + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + # imitation of a build process + - name: Build + run: /bin/bash ./build.sh + + - name: Save PR number + run: | + mkdir -p ./pr + echo ${{ github.event.number }} > ./pr/NR + - uses: actions/upload-artifact@v2 + with: + name: pr + path: pr/ From 12ca9fd64364c435387f18848c8b4eb45eaa7de3 Mon Sep 17 00:00:00 2001 From: Dima Shevtsov Date: Mon, 17 Mar 2025 15:09:26 -0500 Subject: [PATCH 2/5] Fix workflow dependencies --- .github/workflows/testReceivePR.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/testReceivePR.yml b/.github/workflows/testReceivePR.yml index ee2160549..ec7488e50 100644 --- a/.github/workflows/testReceivePR.yml +++ b/.github/workflows/testReceivePR.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 # imitation of a build process - name: Build @@ -20,7 +20,7 @@ jobs: run: | mkdir -p ./pr echo ${{ github.event.number }} > ./pr/NR - - uses: actions/upload-artifact@v2 + - uses: actions/upload-artifact@v4 with: name: pr path: pr/ From feed37fb8d0d2986fb5206cb144569d8e4e0c433 Mon Sep 17 00:00:00 2001 From: Dima Shevtsov Date: Mon, 17 Mar 2025 15:13:00 -0500 Subject: [PATCH 3/5] Delete fake build step --- .github/workflows/testReceivePR.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/testReceivePR.yml b/.github/workflows/testReceivePR.yml index ec7488e50..aef5e2ca2 100644 --- a/.github/workflows/testReceivePR.yml +++ b/.github/workflows/testReceivePR.yml @@ -12,10 +12,6 @@ jobs: steps: - uses: actions/checkout@v4 - # imitation of a build process - - name: Build - run: /bin/bash ./build.sh - - name: Save PR number run: | mkdir -p ./pr From 1e864e92f48b88bcc6c72cb9956bfb08ddc285a7 Mon Sep 17 00:00:00 2001 From: Dima Shevtsov Date: Mon, 17 Mar 2025 15:23:08 -0500 Subject: [PATCH 4/5] Add permissions --- .github/workflows/testCommentPR.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/testCommentPR.yml b/.github/workflows/testCommentPR.yml index d42c711e5..78a6736e1 100644 --- a/.github/workflows/testCommentPR.yml +++ b/.github/workflows/testCommentPR.yml @@ -8,6 +8,10 @@ on: types: - completed +permissions: + issues: write + pull-requests: write + jobs: upload: runs-on: ubuntu-latest From 525aef148023e7fbc8e928d4726c5babac1420b4 Mon Sep 17 00:00:00 2001 From: Dima Shevtsov Date: Mon, 17 Mar 2025 15:27:12 -0500 Subject: [PATCH 5/5] Update actions --- .github/workflows/testCommentPR.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/testCommentPR.yml b/.github/workflows/testCommentPR.yml index 78a6736e1..830216272 100644 --- a/.github/workflows/testCommentPR.yml +++ b/.github/workflows/testCommentPR.yml @@ -20,7 +20,7 @@ jobs: github.event.workflow_run.conclusion == 'success' steps: - name: 'Download artifact' - uses: actions/github-script@v3.1.0 + uses: actions/github-script@v7 with: script: | var artifacts = await github.actions.listWorkflowRunArtifacts({ @@ -42,7 +42,7 @@ jobs: - run: unzip pr.zip - name: 'Comment on PR' - uses: actions/github-script@v3 + uses: actions/github-script@v7 with: github-token: ${{ secrets.GITHUB_TOKEN }} script: |