Fix extraction of PR number

Now the PR number is written by `quality-monitor-build.yml` and attached
as an artifact.
This artifact is then read by `quality-monitor-comment-pr.yml`.
So the PR number is always available and the delta computation works.

Author: uhafner

.github/scripts/fetch-artifacts.sh

@@ -9,7 +9,7 @@ set -euo pipefail
 # ARTIFACT_NAMES: comma-separated list of artifact names (in the same order as WORKFLOWS)
 # Optional:
 # RETRIES: number of polling attempts per workflow (default: 30)
-# SLEEP_SEC: seconds to wait between attempts (default: 10)
+# SLEEP_SEC: seconds to wait between attempts (default: 30)
 # ALLOWED_EVENTS: comma-separated list of workflow run events to consider (default: pull_request,pull_request_target)
 
 IFS=',' read -r -a WORKFLOWS_ARR <<< "${OTHER_WORKFLOWS}"
@@ -19,7 +19,7 @@ SHA="${HEAD_SHA}"
 TOKEN="${TOKEN}"
 API_BASE="https://api.github.com/repos/${REPO}"
 RETRIES=${RETRIES:-30}
-SLEEP_SEC=${SLEEP_SEC:-10}
+SLEEP_SEC=${SLEEP_SEC:-30}
 ALLOWED_EVENTS=${ALLOWED_EVENTS:-pull_request,pull_request_target}
 
 mkdir -p artifacts

.github/workflows/quality-monitor-build.yml

@@ -44,11 +44,14 @@ jobs:
              exit 1;
           fi
           mv -fv maven.log target/maven.log
+      - name: Write PR number
+        run: echo '${{ github.event.pull_request.number }}' > pr-number.txt
       - name: Upload Quality Reports
         uses: actions/upload-artifact@v7
         with:
           name: quality-reports
           path: |
+            pr-number.txt
             **/target/**/*.json
             **/target/**/*.xml
             **/target/**/*.log

.github/workflows/quality-monitor-comment-pr.yml

@@ -13,32 +13,13 @@ permissions:
 
 jobs:
   comment:
-    if: ${{ github.event.workflow_run.event == 'pull_request' }}
+    if: ${{ github.event.workflow_run.event == 'pull_request' && github.event.workflow_run.conclusion == 'success' }}
     runs-on: ubuntu-latest
     name: Comment on PR
 
     steps:
-      - name: Extract PR number and SHA
-        id: pr
-        run: |
-          pr_number='${{ github.event.workflow_run.pull_requests[0].number }}'
-          echo "number=$pr_number" >> "$GITHUB_OUTPUT"
-          sha='${{ github.event.workflow_run.head_sha }}'
-          echo "sha=$sha" >> "$GITHUB_OUTPUT"
       - name: Checkout PR
         uses: actions/checkout@v6
-        with:
-          ref: ${{ steps.pr.outputs.sha }}
-      - name: Install jq and unzip
-        run: sudo apt-get update && sudo apt-get install -y jq unzip
-      - name: Prepare environment
-        env:
-          HEAD_SHA: ${{ github.event.workflow_run.head_sha }}
-          REPO: ${{ github.repository }}
-          TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          echo "HEAD_SHA=$HEAD_SHA"
-          echo "REPO=$REPO"
       - name: Fetch reports from dependency check and quality monitor workflows
         env:
           REPO: ${{ github.repository }}
@@ -56,6 +37,27 @@ jobs:
           mkdir -p reports/target
           mv artifacts/*/target/* reports/target
           ls -la reports/target/* || true
+          mv artifacts/*/pr-number.txt reports/
+      - name: Extract PR number and SHA
+        id: pr
+        run: |
+          pr_number="$(cat reports/pr-number.txt | tr -d '\r\n' | xargs)"
+          if [ -z "$pr_number" ] || [ "$pr_number" = "null" ]; then
+            echo "No PR associated with this workflow run" >&2
+            exit 1
+          fi
+          echo "PR number from reports/pr-number.txt: $pr_number"
+          echo "number=$pr_number" >> "$GITHUB_OUTPUT"
+      - name: Install jq and unzip
+        run: sudo apt-get update && sudo apt-get install -y jq unzip
+      - name: Prepare environment
+        env:
+          HEAD_SHA: ${{ github.event.workflow_run.head_sha }}
+          REPO: ${{ github.repository }}
+          TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          echo "HEAD_SHA=$HEAD_SHA"
+          echo "REPO=$REPO"
       - name: Read Quality Monitor Configuration
         id: quality-monitor
         run: echo "json=$(jq -c . .github/quality-monitor-pr.json)" >> "$GITHUB_OUTPUT"
@@ -65,7 +67,7 @@ jobs:
       - name: Run Quality Monitor and Comment on PR
         uses: uhafner/quality-monitor@v4
         with:
-          sha: ${{ steps.pr.outputs.sha }}
+          sha: ${{ github.event.workflow_run.head_sha }}
           config: ${{ steps.quality-monitor.outputs.json }}
           quality-gates: ${{ steps.quality-gates.outputs.json }}
           pr-number: ${{ steps.pr.outputs.number }}