From 1c9e0acb61667ec01529f1c7e277ca27b553ef82 Mon Sep 17 00:00:00 2001 From: martinRenou Date: Tue, 16 Jul 2024 12:09:42 +0200 Subject: [PATCH] Fix bot --- .../workflows/update_galata_references.yaml | 54 +++++++++++++++---- 1 file changed, 44 insertions(+), 10 deletions(-) diff --git a/.github/workflows/update_galata_references.yaml b/.github/workflows/update_galata_references.yaml index 45dc544..941a1d2 100644 --- a/.github/workflows/update_galata_references.yaml +++ b/.github/workflows/update_galata_references.yaml @@ -13,27 +13,61 @@ defaults: shell: bash -l {0} jobs: - update-reference-screenshots: - name: Update Galata References - if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, 'please update snapshots') }} + update-snapshots: + if: > + ( + github.event.issue.author_association == 'OWNER' || + github.event.issue.author_association == 'COLLABORATOR' || + github.event.issue.author_association == 'MEMBER' + ) && github.event.issue.pull_request && contains(github.event.comment.body, 'please update snapshots') runs-on: ubuntu-latest steps: + - name: React to the triggering comment + run: | + gh api repos/${{ github.repository }}/issues/comments/${{ github.event.comment.id }}/reactions --raw-field 'content=+1' + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: token: ${{ secrets.GITHUB_TOKEN }} - - name: Configure git to use https - run: git config --global hub.protocol https + - name: Get PR Info + id: pr + env: + PR_NUMBER: ${{ github.event.issue.number }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_REPO: ${{ github.repository }} + COMMENT_AT: ${{ github.event.comment.created_at }} + run: | + pr="$(gh api /repos/${GH_REPO}/pulls/${PR_NUMBER})" + head_sha="$(echo "$pr" | jq -r .head.sha)" + pushed_at="$(echo "$pr" | jq -r .pushed_at)" - - name: Install hub - run: sudo apt-get update && sudo apt-get install -y hub + if [[ $(date -d "$pushed_at" +%s) -gt $(date -d "$COMMENT_AT" +%s) ]]; then + echo "Updating is not allowed because the PR was pushed to (at $pushed_at) after the triggering comment was issued (at $COMMENT_AT)" + exit 1 + fi + + echo "head_sha=$head_sha" >> $GITHUB_OUTPUT - name: Checkout the branch from the PR that triggered the job - run: hub pr checkout ${{ github.event.issue.number }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: gh pr checkout ${{ github.event.issue.number }} + + - name: Validate the fetched branch HEAD revision + env: + EXPECTED_SHA: ${{ steps.pr.outputs.head_sha }} + run: | + actual_sha="$(git rev-parse HEAD)" + + if [[ "$actual_sha" != "$EXPECTED_SHA" ]]; then + echo "The HEAD of the checked out branch ($actual_sha) differs from the HEAD commit available at the time when trigger comment was submitted ($EXPECTED_SHA)" + exit 1 + fi - name: Download extension package uses: dawidd6/action-download-artifact@v2 @@ -65,7 +99,7 @@ jobs: PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1 run: jlpm install - - uses: jupyterlab/maintainer-tools/.github/actions/update-snapshots@main + - uses: jupyterlab/maintainer-tools/.github/actions/update-snapshots@v1 with: npm_client: jlpm github_token: ${{ secrets.GITHUB_TOKEN }}