forked from OWASP/wstg
-
Notifications
You must be signed in to change notification settings - Fork 2
127 lines (113 loc) · 4.96 KB
/
comment.yml
File metadata and controls
127 lines (113 loc) · 4.96 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
name: Comment
on:
workflow_run:
workflows: ['Markdown Link Check', 'Markdown Lint Check', 'Markdown Terminology Lint Check']
types:
- completed
jobs:
comment:
permissions:
contents: read
pull-requests: write
runs-on: ubuntu-latest
steps:
- name: Download Artifact
id: download-artifact
continue-on-error: true
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
name: artifact
github-token: ${{ secrets.GITHUB_TOKEN }}
run-id: ${{ github.event.workflow_run.id }}
- name: Manage PR Comments
if: steps.download-artifact.outcome == 'success'
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
const fs = require('fs');
// Read PR number and validate
let issue_number;
try {
issue_number = Number(fs.readFileSync('./pr_number', 'utf8').trim());
} catch (error) {
console.log('Could not read PR number, skipping comment management');
return;
}
// Validate PR number
if (!issue_number || issue_number < 1 || !Number.isInteger(issue_number)) {
console.log(`Invalid PR number: ${issue_number}`);
return;
}
// Determine workflow identifier based on the triggering workflow
const workflowName = context.payload.workflow_run.name;
const workflowIdentifier = `<!-- workflow-comment: ${workflowName} -->`;
// Minimize previous comments from this workflow
try {
// Get all comments on the PR (paginate to handle more than one page)
const comments = await github.paginate(
github.rest.issues.listComments,
{
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: issue_number,
per_page: 100,
}
);
// Find comments from this workflow authored by the GitHub Actions bot
const workflowComments = comments.filter(comment =>
comment.body &&
comment.body.includes(workflowIdentifier) &&
comment.user &&
comment.user.login === 'github-actions[bot]'
);
// Minimize each previous comment with appropriate classifier
const classifier = context.payload.workflow_run.conclusion === 'success' ? 'RESOLVED' : 'OUTDATED';
for (const comment of workflowComments) {
try {
// Use GraphQL API to minimize comment with parameterized query
await github.graphql(
`mutation($commentId: ID!, $classifier: ReportedContentClassifiers!) {
minimizeComment(input: {subjectId: $commentId, classifier: $classifier}) {
minimizedComment {
isMinimized
}
}
}`,
{
commentId: comment.node_id,
classifier: classifier
}
);
console.log(`Minimized comment ${comment.id} as ${classifier}`);
} catch (error) {
console.log(`Failed to minimize comment ${comment.id}: ${error.message}`);
}
}
} catch (error) {
console.log(`Error managing previous comments: ${error.message}`);
}
// Post new comment only on failure
if (context.payload.workflow_run.conclusion === 'failure') {
try {
// Check if artifact.txt exists before reading
if (!fs.existsSync('./artifact.txt')) {
console.log('artifact.txt not found, skipping comment post');
return;
}
const artifactString = fs.readFileSync('./artifact.txt', 'utf8').trimEnd();
const commentBody = `${workflowIdentifier}\n${artifactString}`;
await github.rest.issues.createComment({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: issue_number,
body: commentBody
});
console.log('Posted new comment with issues found');
} catch (error) {
console.log(`Failed to post comment: ${error.message}`);
throw error;
}
} else {
console.log('Workflow succeeded, no new comment needed');
}