From 7820c7a3633cd32e1e80bbd992ced0aaaf6fa65b Mon Sep 17 00:00:00 2001 From: rdb Date: Tue, 14 Feb 2023 11:23:01 +0100 Subject: [PATCH] workflow: Attempt to fix clang-tidy reviews of PRs from forks [skip ci] --- .github/workflows/lint.yml | 15 +++++--- .github/workflows/review.yml | 75 ++++++++++++++++++++++++++++++++++++ 2 files changed, 84 insertions(+), 6 deletions(-) create mode 100644 .github/workflows/review.yml diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 1eef3b1d7b..c612c782f3 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -27,10 +27,13 @@ jobs: - name: Analyze run: | git diff -U0 HEAD^ | clang-tidy-diff -p1 -path build -export-fixes clang-tidy-result/fixes.yml - - name: Post review - uses: platisd/clang-tidy-pr-comments@master + - name: Save PR metadata + run: | + echo ${{ github.event.number }} > clang-tidy-result/pr-id.txt + echo ${{ github.event.pull_request.head.repo.full_name }} > clang-tidy-result/pr-head-repo.txt + echo ${{ github.event.pull_request.head.ref }} > clang-tidy-result/pr-head-ref.txt + - name: Upload results + uses: actions/upload-artifact@v2 with: - github_token: ${{ github.token }} - clang_tidy_fixes: clang-tidy-result/fixes.yml - request_changes: true - suggestions_per_comment: 10 + name: clang-tidy-result + path: clang-tidy-result/ diff --git a/.github/workflows/review.yml b/.github/workflows/review.yml new file mode 100644 index 0000000000..a477f443c3 --- /dev/null +++ b/.github/workflows/review.yml @@ -0,0 +1,75 @@ +name: Post PR Review + +on: + workflow_run: + workflows: ["Lint"] + types: [completed] + +jobs: + clang-tidy-results: + # Trigger the job only if the previous (insecure) workflow completed successfully + if: ${{ github.event.workflow_run.event == 'pull_request' && github.event.workflow_run.conclusion == 'success' }} + runs-on: ubuntu-20.04 + steps: + - name: Download analysis results + uses: actions/github-script@v3.1.0 + with: + script: | + let artifacts = await github.actions.listWorkflowRunArtifacts({ + owner: context.repo.owner, + repo: context.repo.repo, + run_id: ${{ github.event.workflow_run.id }}, + }); + let matchArtifact = artifacts.data.artifacts.filter((artifact) => { + return artifact.name == "clang-tidy-result" + })[0]; + let download = await github.actions.downloadArtifact({ + owner: context.repo.owner, + repo: context.repo.repo, + artifact_id: matchArtifact.id, + archive_format: "zip", + }); + let fs = require("fs"); + fs.writeFileSync("${{github.workspace}}/clang-tidy-result.zip", Buffer.from(download.data)); + - name: Set environment variables + run: | + mkdir clang-tidy-result + unzip clang-tidy-result.zip -d clang-tidy-result + echo "pr_id=$(cat clang-tidy-result/pr-id.txt)" >> $GITHUB_ENV + echo "pr_head_repo=$(cat clang-tidy-result/pr-head-repo.txt)" >> $GITHUB_ENV + echo "pr_head_ref=$(cat clang-tidy-result/pr-head-ref.txt)" >> $GITHUB_ENV + - uses: actions/checkout@v2 + with: + repository: ${{ env.pr_head_repo }} + ref: ${{ env.pr_head_ref }} + persist-credentials: false + - name: Redownload analysis results + uses: actions/github-script@v3.1.0 + with: + script: | + let artifacts = await github.actions.listWorkflowRunArtifacts({ + owner: context.repo.owner, + repo: context.repo.repo, + run_id: ${{github.event.workflow_run.id}}, + }); + let matchArtifact = artifacts.data.artifacts.filter((artifact) => { + return artifact.name == "clang-tidy-result" + })[0]; + let download = await github.actions.downloadArtifact({ + owner: context.repo.owner, + repo: context.repo.repo, + artifact_id: matchArtifact.id, + archive_format: "zip", + }); + let fs = require("fs"); + fs.writeFileSync("${{github.workspace}}/clang-tidy-result.zip", Buffer.from(download.data)); + - name: Extract analysis results + run: | + mkdir clang-tidy-result + unzip clang-tidy-result.zip -d clang-tidy-result + - name: Run clang-tidy-pr-comments action + uses: platisd/clang-tidy-pr-comments@master + with: + github_token: ${{ github.token }} + clang_tidy_fixes: clang-tidy-result/fixes.yml + pull_request_id: ${{ env.pr_id }}