[Internal] Always write message for manual test integration #15
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: PR Comment | |
| # WARNING: | |
| # THIS WORKFLOW ALWAYS RUNS FOR EXTERNAL CONTRIBUTORS WITHOUT ANY APPROVAL. | |
| # THIS WORKFLOW RUNS FROM MAIN BRANCH, NOT FROM THE PR BRANCH. | |
| # DO NOT PULL THE PR OR EXECUTE ANY CODE FROM THE PR. | |
| on: | |
| pull_request_target: | |
| types: [opened, reopened, synchronize] | |
| branches: | |
| - main | |
| pull_request: | |
| types: [opened, synchronize] | |
| jobs: | |
| comment-on-pr: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| pull-requests: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| # We cannot check if the user has access to secrets from this workflow. | |
| # However, if they user has access to secrets, the integration-tests.yml workflow will | |
| # write a message. Wait and check if the message is present. | |
| # This can fail if the worker pool is out of capacity and the integration-tests.yml workflow | |
| # runs after this workflow. | |
| - name: Wait for 30 seconds | |
| run: sleep 30 | |
| shell: bash | |
| - name: Check for integration tests comment | |
| id: check-secrets-access | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| PR_NUMBER: ${{ github.event.pull_request.number }} | |
| run: | | |
| comment_found=$(gh pr view $PR_NUMBER --json comments \ | |
| --jq '.comments[].body | select(startswith("<!-- INTEGRATION_TESTS -->"))' \ | |
| --repo ${{ github.repository }}) | |
| if [ -n "$comment_found" ]; then | |
| echo "has_secrets_access=true" >> $GITHUB_OUTPUT | |
| else | |
| echo "has_secrets_access=false" >> $GITHUB_OUTPUT | |
| fi | |
| # If not found, write a comment for manual execution | |
| - name: Delete old comments | |
| if: steps.check-secrets-access.outputs.has_secrets_access != 'true' | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| # Delete previous comment if it exists | |
| previous_comment_ids=$(gh api "repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/comments" \ | |
| --jq '.[] | select(.body | startswith("<!-- INTEGRATION_TESTS_MANUAL -->")) | .id') | |
| echo "Previous comment IDs: $previous_comment_ids" | |
| # Iterate over each comment ID and delete the comment | |
| if [ ! -z "$previous_comment_ids" ]; then | |
| echo "$previous_comment_ids" | while read -r comment_id; do | |
| echo "Deleting comment with ID: $comment_id" | |
| gh api "repos/${{ github.repository }}/issues/comments/$comment_id" -X DELETE | |
| done | |
| fi | |
| - name: Comment on PR | |
| if: steps.check-secrets-access.outputs.has_secrets_access != 'true' | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| COMMIT_SHA: ${{ github.event.pull_request.head.sha }} | |
| run: | | |
| gh pr comment ${{ github.event.pull_request.number }} --body \ | |
| "<!-- INTEGRATION_TESTS_MANUAL --> | |
| Run integration tests manually: | |
| [go/deco-tests-run/sdk-java](https://go/deco-tests-run/sdk-java) | |
| Inputs: | |
| * PR number: ${{github.event.pull_request.number}} | |
| * Commit SHA: \`${{ env.COMMIT_SHA }}\` | |
| Checks will be approved automatically on success. | |
| " |