Fork: 0
johnpearcey / dub_jkp
Transfer to URL with SHA Find file
Newer
Older
dub_jkp / .github / workflows / pr_info_post.yml
@Mathias Lang Mathias Lang on 22 Jun 1 KB CI: Adapt pr_info_post to github-script v7 breaking changes
Raw Blame History 
name: PR Info (comment)

on:
  workflow_run:
    workflows: ["PR Info"]
    types:
      - completed

permissions:
  pull-requests: write

jobs:
  comment:
    name: PR Info
    runs-on: ubuntu-latest
    if: >
      github.event.workflow_run.event == 'pull_request' &&
      github.event.workflow_run.conclusion == 'success'
    steps:
    # from https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
    - name: 'Download artifact'
      uses: actions/github-script@v7
      with:
        script: |
          var artifacts = await github.rest.actions.listWorkflowRunArtifacts({
            owner: context.repo.owner,
            repo: context.repo.repo,
            run_id: ${{github.event.workflow_run.id }},
          });
          var matchArtifact = artifacts.data.artifacts.filter((artifact) => {
            return artifact.name == "pr"
          })[0];
          var download = await github.rest.actions.downloadArtifact({
            owner: context.repo.owner,
            repo: context.repo.repo,
            artifact_id: matchArtifact.id,
            archive_format: 'zip',
          });
          var fs = require('fs');
          fs.writeFileSync('${{github.workspace}}/pr.zip', Buffer.from(download.data));
    - run: unzip pr.zip

    - name: Set variable
      run: |
        PR_ID=$(cat ./NR)
        echo "PR_ID=$PR_ID" >> $GITHUB_ENV

    - name: Update GitHub comment
      uses: marocchino/sticky-pull-request-comment@v2.9.0
      with:
        path: ./comment.txt
        number: ${{ env.PR_ID }}