From 1cb2da9bd30e75e4faa38c1492cc9b90aba86b2e Mon Sep 17 00:00:00 2001 From: Accelerator1996 Date: Mon, 2 Dec 2024 10:04:49 +0800 Subject: [PATCH] [ci] replace pull_request_target with pull_request (#833) --- .github/workflows/comment.yml | 62 ++++++++++++++++++++++++++++ .github/workflows/linux_llvm_cov.yml | 27 ++++++------ 2 files changed, 75 insertions(+), 14 deletions(-) create mode 100644 .github/workflows/comment.yml diff --git a/.github/workflows/comment.yml b/.github/workflows/comment.yml new file mode 100644 index 000000000..b886d94b8 --- /dev/null +++ b/.github/workflows/comment.yml @@ -0,0 +1,62 @@ +# +# Copyright (c) 2024 Alibaba Group Holding Limited. All Rights Reserved. +# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +# +# This code is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License version 2 only, as +# published by the Free Software Foundation. Alibaba designates this +# particular file as subject to the "Classpath" exception as provided +# by Oracle in the LICENSE file that accompanied this code. +# +# This code is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +# version 2 for more details (a copy is included in the LICENSE file that +# accompanied this code). +# +# You should have received a copy of the GNU General Public License version +# 2 along with this work; if not, write to the Free Software Foundation, +# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +name: Cov Report Comment + +on: + workflow_run: + workflows: ["Ubuntu 22.04 (llvm cov)"] + types: + - completed + +jobs: + comment: + runs-on: ubuntu-22.04 + permissions: write-all + steps: + - name: 'Download artifact' + uses: actions/github-script@v6 + with: + script: | + let allArtifacts = await github.rest.actions.listWorkflowRunArtifacts({ + owner: context.repo.owner, + repo: context.repo.repo, + run_id: context.payload.workflow_run.id, + }); + let matchArtifact = allArtifacts.data.artifacts.filter((artifact) => { + return artifact.name == "action_msg" + })[0]; + let download = await github.rest.actions.downloadArtifact({ + owner: context.repo.owner, + repo: context.repo.repo, + artifact_id: matchArtifact.id, + archive_format: 'zip', + }); + let fs = require('fs'); + fs.writeFileSync(`${process.env.GITHUB_WORKSPACE}/action_msg.zip`, Buffer.from(download.data)); + - name: 'Comment' + run: | + unzip action_msg.zip + pr_id=`grep 'pr_id' action_msg | cut -d '=' -f 2` + action_id=`grep 'action_id' action_msg | cut -d '=' -f 2` + content=$(echo "for detail, [goto summary](https://github.com/${{ github.repository_owner }}/${{ github.event.repository.name }}/actions/runs/${action_id}) download Artifacts \`base-ylt-cov-report\`(base commit coverage report) and \`ylt-cov-report\`(current pull request coverage report)") + curl -L -X POST "https://api.github.com/repos/${{github.repository}}/issues/${pr_id}/comments" -H "Authorization: Bearer ${{github.token}}" -H 'Content-Type: application/json' -d "{\"body\": \"$content\"}" + shell: bash diff --git a/.github/workflows/linux_llvm_cov.yml b/.github/workflows/linux_llvm_cov.yml index e77189471..3f2c77dee 100644 --- a/.github/workflows/linux_llvm_cov.yml +++ b/.github/workflows/linux_llvm_cov.yml @@ -22,7 +22,7 @@ name: Ubuntu 22.04 (llvm cov) on: - pull_request_target: + pull_request: branches: - main - fix_coverage_show @@ -34,6 +34,7 @@ concurrency: jobs: prerequisites: runs-on: ubuntu-22.04 + permissions: write-all outputs: id: ${{ steps.get-base-commit.outputs.id }} steps: @@ -44,14 +45,21 @@ jobs: base_commit_id=$(curl -s -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }} | jq -r .base.sha) echo "::set-output name=id::$base_commit_id" shell: bash + - name: 'Store Message' + run: | + mkdir -p ./msg + echo "action_id=${{github.run_id}}" >> ./msg/action_msg + echo "pr_id=${{github.event.pull_request.number}}" >> ./msg/action_msg + shell: bash + - name: 'Upload Action Message' + uses: actions/upload-artifact@v4 + with: + name: action_msg + path: msg/ base-cov-test: needs: prerequisites runs-on: ubuntu-22.04 - permissions: - contents: read - issues: write - pull-requests: write outputs: data: ${{ steps.base-cov.outputs.data }} steps: @@ -66,10 +74,6 @@ jobs: cov-test: needs: prerequisites runs-on: ubuntu-22.04 - permissions: - contents: read - issues: write - pull-requests: write outputs: data: ${{ steps.cov.outputs.data }} steps: @@ -87,11 +91,6 @@ jobs: - cov-test runs-on: ubuntu-22.04 steps: - - name: 'Create comment' - run: | - content=$(echo "for detail, [goto summary](https://github.com/${{ github.repository_owner }}/${{ github.event.repository.name }}/actions/runs/${{github.run_id}}) download Artifacts \`base-ylt-cov-report\`(base commit coverage report) and \`ylt-cov-report\`(current pull request coverage report)") - curl -L -X POST "https://api.github.com/repos/${{github.repository}}/issues/${{github.event.pull_request.number}}/comments" -H "Authorization: Bearer ${{github.token}}" -H 'Content-Type: application/json' -d "{\"body\": \"$content}\"" - shell: bash - name: 'Compare data' run: | sudo apt install -y bc