- name: PR Info (comment)
-
- on:
- workflow_run:
- workflows: ["PR Info"]
- types:
- - completed
-
- jobs:
- comment:
- name: PR Info
- runs-on: ubuntu-20.04
- if: >
- github.event.workflow_run.event == 'pull_request' &&
- github.event.workflow_run.conclusion == 'success'
- steps:
- # from https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
- - name: 'Download artifact'
- uses: actions/github-script@v3.1.0
- with:
- script: |
- var artifacts = await github.actions.listWorkflowRunArtifacts({
- owner: context.repo.owner,
- repo: context.repo.repo,
- run_id: ${{github.event.workflow_run.id }},
- });
- var matchArtifact = artifacts.data.artifacts.filter((artifact) => {
- return artifact.name == "pr"
- })[0];
- var download = await github.actions.downloadArtifact({
- owner: context.repo.owner,
- repo: context.repo.repo,
- artifact_id: matchArtifact.id,
- archive_format: 'zip',
- });
- var fs = require('fs');
- fs.writeFileSync('${{github.workspace}}/pr.zip', Buffer.from(download.data));
- - run: unzip pr.zip
-
- - name: Set variable
- run: |
- PR_ID=$(cat ./NR)
- echo "PR_ID=$PR_ID" >> $GITHUB_ENV
-
- - name: Update GitHub comment
- uses: marocchino/sticky-pull-request-comment@3d60a5b2dae89d44e0c6ddc69dd7536aec2071cd
- with:
- path: ./comment.txt
- number: ${{ env.PR_ID }}
