From 5f8d425200c95083b81d01912994225d9a3b14b3 Mon Sep 17 00:00:00 2001 From: Jerome Prinet Date: Mon, 18 Sep 2023 15:51:56 +0200 Subject: [PATCH] Comment pull-request with Build Scan links in Publish action --- .../workflows/test-maven-build-scan-save.yml | 17 +-- ...rify.yml => test-terms-of-service-run.yml} | 8 +- README.md | 102 ++++++++---------- maven/build-scan/load-metadata/action.yml | 32 ------ maven/build-scan/publish/action.yml | 102 ++++++++++++++++-- maven/build-scan/save/action.yml | 21 +--- .../run}/action.yml | 28 ++--- .../verify/action.yml | 18 ++-- 8 files changed, 171 insertions(+), 157 deletions(-) rename .github/workflows/{test-terms-of-service-verify.yml => test-terms-of-service-run.yml} (61%) delete mode 100644 maven/build-scan/load-metadata/action.yml rename {terms-of-service/verify => terms-of-service-acceptance/run}/action.yml (65%) rename {pull-request-check => terms-of-service-acceptance}/verify/action.yml (61%) diff --git a/.github/workflows/test-maven-build-scan-save.yml b/.github/workflows/test-maven-build-scan-save.yml index a2fcc5a5..21d52eb8 100644 --- a/.github/workflows/test-maven-build-scan-save.yml +++ b/.github/workflows/test-maven-build-scan-save.yml @@ -34,15 +34,14 @@ jobs: - name: Save Maven Build Scan 2 uses: ./maven/build-scan/save - check-saved-build-scans: + verify-saved-build-scans: name: Verify Saved Build Scans needs: create-and-save-build-scans runs-on: ubuntu-latest env: DATA_ARTIFACT_NAME: 'maven-build-scan-data' - METADATA_ARTIFACT_NAME: 'maven-build-scan-metadata' steps: - - name: Download data workflow artifact + - name: Download Workflow Artifacts uses: actions/download-artifact@v3 with: name: ${{ env.DATA_ARTIFACT_NAME }} @@ -54,15 +53,3 @@ jobs: echo "Found $scanCount scans (2 expected)" exit 1 fi - - name: Download metadata workflow artifact - uses: actions/download-artifact@v3 - with: - name: ${{ env.METADATA_ARTIFACT_NAME }} - path: ${{ env.METADATA_ARTIFACT_NAME }} - - name: Verify metadata files count - run: | - metadataFilesCount=$(find ${{ env.METADATA_ARTIFACT_NAME }} -type f -name '*-ge-extension-versions.txt' | wc -l) - if [ "$metadataFilesCount" != "2" ]; then - echo "Found $metadataFilesCount metadata files (2 expected)" - exit 1 - fi diff --git a/.github/workflows/test-terms-of-service-verify.yml b/.github/workflows/test-terms-of-service-run.yml similarity index 61% rename from .github/workflows/test-terms-of-service-verify.yml rename to .github/workflows/test-terms-of-service-run.yml index 4a6eda03..2cfdbdf8 100644 --- a/.github/workflows/test-terms-of-service-verify.yml +++ b/.github/workflows/test-terms-of-service-run.yml @@ -1,10 +1,10 @@ -name: TEST - Gradle - Terms of Service approval verification +name: TEST - Run Terms of Service acceptance verification on: pull_request: jobs: - check-terms-of-service-approval: + run-terms-of-service-acceptance: runs-on: ubuntu-latest permissions: contents: write @@ -14,8 +14,8 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 - - name: Gradle - Terms of Service approval verification - uses: ./terms-of-service/verify + - name: Run Terms of Service acceptance + uses: ./terms-of-service-acceptance/run with: tos-location: 'https://foo.bar/tos.html' white-list: '*' diff --git a/README.md b/README.md index 975a8677..120b7dae 100644 --- a/README.md +++ b/README.md @@ -2,12 +2,12 @@ A collection of composite Github Actions -## terms-of-service/verify +## terms-of-service-acceptance/run -A composite action to verify that Gradle Terms of Service have been approved. +A composite action to verify that Gradle Terms of Service have been accepted. The action succeeds if the pull-request contributors are recorded in the signature file, fails otherwise. -Contributors can approve the Terms of Service by commenting the pull-request, explore the [cla-assistant-lite documentation](https://github.com/marketplace/actions/cla-assistant-lite) for more details. +Contributors can accept the Terms of Service by commenting the pull-request, explore the [cla-assistant-lite documentation](https://github.com/marketplace/actions/cla-assistant-lite) for more details. **Dependencies**: @@ -18,23 +18,29 @@ Contributors can approve the Terms of Service by commenting the pull-request, ex - `pull_request_target` - `issue-comment` +**Permissions**: +- `contents: write`: to create/edit the signature file +- `issue-comment: write`: to comment the pull-request +- `actions: write`: to update the pull-request status check +- `statuses: write`: to update the pull-request status check + **Action inputs**: -| Name | Description | Default | -|----------------------------------------|-------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `tos-location` | Terms Of Service location (URL) | | -| `signature-branch` | *Optional*: Git branch where the signature file will be stored | `${{ github.event.repository.default_branch }}` | -| `signature-location` | *Optional*: Signature file location | `.github/gradle-enterprise-tos.json` | -| `pr-comment-tos-approval-missing` | *Optional*: pull-request comment added when Terms of Service are not approved | `Please accept [Gradle Enterprise Terms Of Service]({0}) to get your pull-request Build Scan published by commenting this pull-request with the following message:` | -| `pr-comment-tos-approval-request` | *Optional*: pull-request comment to approve the Terms of Service | `I have read Gradle Enterprise Terms Of Service and I hereby accept the Terms` | -| `pr-comment-tos-approval-confirmation` | *Optional*: pull-request comment added when Terms of Service are approved | `All Contributors have accepted Gradle Enterprise Terms Of Service.` | -| `white-list` | *Optional*: CSV List of users not required to approve the Terms of Service | `''` | -| `github-token` | *Optional*: Github token | `${{ github.token }}` | +| Name | Description | Default | +|------------------------------------------|-------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| `tos-location` | Terms Of Service location (URL) | | +| `signature-branch` | *Optional*: Git branch where the signature file will be stored | `${{ github.event.repository.default_branch }}` | +| `signature-location` | *Optional*: Signature file location | `.github/gradle-enterprise-tos.json` | +| `pr-comment-tos-acceptance-missing` | *Optional*: pull-request comment added when Terms of Service are not accepted | `Please accept [Gradle Enterprise Terms Of Service]({0}) to get your pull-request Build Scan published by commenting this pull-request with the following message:` | +| `pr-comment-tos-acceptance-request` | *Optional*: pull-request comment to accept the Terms of Service | `I have read Gradle Enterprise Terms Of Service and I hereby accept the Terms` | +| `pr-comment-tos-acceptance-confirmation` | *Optional*: pull-request comment added when Terms of Service are accepted | `All Contributors have accepted Gradle Enterprise Terms Of Service.` | +| `white-list` | *Optional*: CSV List of users not required to accept the Terms of Service | `''` | +| `github-token` | *Optional*: Github token | `${{ github.token }}` | **Usage**: ```yaml -name: Gradle - Terms of Service approval verification +name: Gradle - Terms of Service acceptance verification on: # issue_comment event is triggered when a pull-request is commented @@ -43,7 +49,7 @@ on: pull_request_target: jobs: - check-terms-of-service-approval: + run-terms-of-service-acceptance: runs-on: ubuntu-latest permissions: # required to update signature file @@ -54,15 +60,15 @@ jobs: actions: write statuses: write steps: - - name: Gradle - Terms of Service approval verification - uses: gradle/github-actions/terms-of-service/verify@v1.0 + - name: Run Terms of Service acceptance verification + uses: gradle/github-actions/terms-of-service-acceptance/run@v1.0 with: # tos-location can also point to a file in a Github repository with this syntax: ///blob//tos.html tos-location: 'https://foo.bar/tos.html' # Optional inputs - #pr-comment-tos-approval-missing: 'Please accept [Gradle Enterprise Terms Of Service]({0}) to get your pull-request Build Scan published by commenting this pull-request with the following message:' - #pr-comment-tos-approval-request: 'I have read Gradle Enterprise Terms Of Service and I hereby accept the Terms' - #pr-comment-tos-approval-validation: 'All Contributors have accepted Gradle Enterprise Terms Of Service.' + #pr-comment-tos-acceptance-missing: 'Please accept [Gradle Enterprise Terms Of Service]({0}) to get your pull-request Build Scan published by commenting this pull-request with the following message:' + #pr-comment-tos-acceptance-request: 'I have read Gradle Enterprise Terms Of Service and I hereby accept the Terms' + #pr-comment-tos-acceptance-validation: 'All Contributors have accepted Gradle Enterprise Terms Of Service.' #signature-branch: 'main' #signature-location: '.github/gradle-enterprise-tos.json' #white-list: 'bot1,bot2' @@ -73,7 +79,6 @@ jobs: A Composite action to save an unpublished Maven Build Scan®. The action saves unpublished Build Scan® data as a workflow artifact with name `maven-build-scan-data`, which can then be published in a dependent workflow. -To simplify the Build Scan® publication process later on, a file containing the Gradle Enterprise Maven extension version(s) is saved as an additional workflow artifact with name `maven-build-scan-metadata`. Use this action in your existing pull-request workflows to allow Build Scan® to be published. Since these workflows are running in an untrusted context, they do not have access to the required secrets to publish the Build Scan® directly. @@ -108,36 +113,40 @@ Insert the `Save Build Scan` step after each Maven execution step in the Github A composite action to publish all Maven Build Scans® saved as workflow artifacts when validating a pull-request (by the `maven/build-scan/save` action). -This action is called from a new workflow with a `workflow_run` event trigger in order to run just after the existing pull-request workflow has completed. -This event allows access to the repository secrets (_Gradle Enterprise Access Key_) which is required to publish Build Scans® to Gradle Enterprise when authentication is enabled. +Use this action in a separate workflow with a `workflow_run` event trigger, that will run after an existing pull-request workflow has completed. The action will download any saved Build Scan® and publish it to Gradle Enterprise. +This event allows access to the repository secrets (_Gradle Enterprise Access Key_) which is required to publish a Build Scan® to Gradle Enterprise when authentication is enabled. -The Build Scan® publication requires the Gradle Terms of Service to be approved, this can be achieved by adding a workflow using the `terms-of-service/verify` action. -The `pull-request-check/verify` action is used to ensure this workflow passed successfully. +The Build Scan® publication requires the Gradle Terms of Service to be accepted, this can be achieved by adding a workflow using the `terms-of-service-acceptance/run` action. +The `terms-of-service-acceptance/verify` action is used to ensure this workflow passed successfully. `dawidd6/action-download-artifact` action is used to download Artifacts uploaded by a different workflow. **Dependencies**: - [dawidd6/action-download-artifact](https://github.com/marketplace/actions/download-workflow-artifact) +- [terms-of-service-acceptance/verify](./terms-of-service-acceptance/verify/action.yml) **Event Trigger**: - `workflow_run` +**Permissions**: +- `pull-requests: write`: to comment the pull-request + **Action inputs**: -| Name | Description | Default | -|---------------------------------------|----------------------------------------------------|---------| -| `gradle-enterprise-url` | Gradle Enterprise URL | | -| `gradle-enterprise-extension-version` | Gradle Enterprise Maven extension version | | -| `gradle-enterprise-access-key` | *Optional*: Gradle Enterprise access key | | -| `gradle-enterprise-allow-untrusted` | *Optional*: Gradle Enterprise allow-untrusted flag | `false` | +| Name | Description | Default | +|---------------------------------------|----------------------------------------------------|-----------------------| +| `gradle-enterprise-url` | Gradle Enterprise URL | | +| `gradle-enterprise-access-key` | *Optional*: Gradle Enterprise access key | | +| `gradle-enterprise-allow-untrusted` | *Optional*: Gradle Enterprise allow-untrusted flag | `false` | +| `github-token` | *Optional*: Github token | `${{ github.token }}` | **Usage**: _Note:_ Some parameters need to be adjusted here: - The workflow name (here `PR Check`) has to be adjusted to the `name` used in the workflow run to validate pull-requests -- The workflow-job-name (here `check-terms-of-service-approval`) has to be adjusted to the job `name` used in the workflow to verify the Terms of Service approval. +- The workflow-job-name (here `run-terms-of-service-acceptance`) has to be adjusted to the job `name` used in the workflow to verify the Terms of Service approval. - The Gradle Enterprise URL (here `https://`) - The secret name holding the Gradle Enterprise access key (here ``) @@ -151,35 +160,18 @@ on: jobs: - verify-terms-of-service-approval: + publish-build-scans: runs-on: ubuntu-latest + permissions: + pull-requests: write steps: - - name: Verify check terms of service approval job passed - uses: gradle/github-actions/pull-request-check/verify@v1.0 + - name: Verify Terms of Service acceptance job passed + uses: gradle/github-actions/terms-of-service-acceptance/verify@v1.0 with: - workflow-job-name: 'check-terms-of-service-approval' - - load-metadata: - runs-on: ubuntu-latest - needs: verify-terms-of-service-approval - outputs: - extension-versions: ${{ steps.load.outputs.extension-versions }} - steps: - - name: Load Gradle Enterprise extension versions to publish Build Scans for - id: load - uses: gradle/github-actions/maven/build-scan/load-metadata@v1.0 - - publish-build-scan: - runs-on: ubuntu-latest - needs: load-metadata - strategy: - matrix: - version: ${{ fromJson(needs.load-metadata.outputs.extension-versions) }} - steps: + terms-of-service-acceptance-workflow-job-name: 'run-terms-of-service-acceptance' - name: Publish Maven Build Scans uses: gradle/github-actions/maven/build-scan/publish@v1.0 with: gradle-enterprise-url: 'https://' - gradle-enterprise-extension-version: ${{ matrix.version }} gradle-enterprise-access-key: ${{ secrets. }} ``` diff --git a/maven/build-scan/load-metadata/action.yml b/maven/build-scan/load-metadata/action.yml deleted file mode 100644 index a5da469e..00000000 --- a/maven/build-scan/load-metadata/action.yml +++ /dev/null @@ -1,32 +0,0 @@ -name: Collect Gradle Enterprise extension versions from Build Metadata -description: Collect Gradle Enterprise extension versions from Build Metadata - -outputs: - extension-versions: - description: 'Array of Gradle Enterprise Maven Extension versions to publish Build Scans for' - value: ${{ steps.collect-versions.outputs.VERSIONS }} - -runs: - using: 'composite' - steps: - - name: Download Build Scan metadata - uses: dawidd6/action-download-artifact@v2 - env: - METADATA_ARTIFACT_NAME: 'maven-build-scan-metadata' - with: - run_id: ${{ github.event.workflow_run.id }} - name: ${{ env.METADATA_ARTIFACT_NAME }} - path: ${{ env.METADATA_ARTIFACT_NAME }} - - name: Collect Gradle Enterprise extension versions - env: - METADATA_ARTIFACT_NAME: 'maven-build-scan-metadata' - METADATA_FILE_NAME: 'ge-extension-versions.txt' - id: collect-versions - run: | - # concatenate all metadata files in one single file - find ${{ env.METADATA_ARTIFACT_NAME }}/ -type f -name '*-${{ env.METADATA_FILE_NAME }}' -exec cat {} \; > ${{ env.METADATA_FILE_NAME }} - # create json array from unified file - VERSIONS=$(jq -R -s -c 'split("\n") | unique | map(select(length > 0))' < ${{ env.METADATA_FILE_NAME }}) - # add as output - echo "VERSIONS=$VERSIONS" >> $GITHUB_OUTPUT - shell: bash diff --git a/maven/build-scan/publish/action.yml b/maven/build-scan/publish/action.yml index b3f676ba..ad595653 100644 --- a/maven/build-scan/publish/action.yml +++ b/maven/build-scan/publish/action.yml @@ -8,12 +8,16 @@ inputs: gradle-enterprise-access-key: description: 'Gradle Enterprise access key' required: false - gradle-enterprise-extension-version: - description: 'Gradle Enterprise extension version' - required: true gradle-enterprise-allow-untrusted: description: 'Gradle Enterprise allow-untrusted flag' default: 'false' + pull-request-number: + description: 'Pull-request number' + required: true + github-token: + description: 'The token used for Github API requests' + default: ${{ github.token }} + required: false runs: using: 'composite' @@ -34,6 +38,36 @@ runs: mkdir -p ${{ env.BUILD_SCAN_DIR }} cp -r ${{ env.ARTIFACT_NAME }}/* ${{ env.BUILD_SCAN_DIR }} shell: bash + - name: Collect extension version(s) + id: init + env: + BUILD_SCAN_DIR: '~/.m2/.gradle-enterprise/build-scan-data/' + run: | + versions="" + if [ -d ${{ env.BUILD_SCAN_DIR }} ]; then + scans=$(find ${{ env.BUILD_SCAN_DIR }} -type f -name "scan.scan") + for scan in ${scans}; do + # assuming directory name is ${{ env.BUILD_SCAN_DIR }}//previous//scan.scan + currentVersion=$(basename ${scan%/previous/*}) + + # check current version is not yet collected and matches a version pattern + if [[ ! "${versions}" =~ .*"${currentVersion} ".* ]] && [[ "${currentVersion}" =~ ^[0-9]+(\.[0-9]+)*$ ]]; then + versions+="${currentVersion} " + else + echo "skipping ${currentVersion}" + fi + done + fi + echo "versions=$versions" >> $GITHUB_OUTPUT + shell: bash + - name: Collect pull-request number + id: pr + env: + BUILD_SCAN_DIR: '~/.m2/.gradle-enterprise/build-scan-data/' + run: | + source $(find ${{ env.BUILD_SCAN_DIR }} -type f -name "pr-number.properties") + echo "PR_NUMBER=$PR_NUMBER" >> $GITHUB_OUTPUT + shell: bash - name: Create Maven Project Structure env: PROJECT_DIR: 'maven-build-scan-publisher' @@ -50,13 +84,13 @@ runs: EOF - cat > ${{ env.PROJECT_DIR }}/.mvn/extensions.xml << EOF + cat > ${{ env.PROJECT_DIR }}/.mvn/extensions.xml.template << EOF com.gradle gradle-enterprise-maven-extension - ${{ inputs.gradle-enterprise-extension-version }} + REPLACE_ME EOF @@ -83,12 +117,60 @@ runs: GRADLE_ENTERPRISE_ACCESS_KEY: ${{ inputs.gradle-enterprise-access-key }} PROJECT_DIR: 'maven-build-scan-publisher' working-directory: ${{ env.PROJECT_DIR }} + id: publish run: | set +e - NB_SCANS=$(find ${{ env.BUILD_SCAN_DIR }}${{ inputs.gradle-enterprise-extension-version }} -type f -name "scan.scan" | wc -l) - for ((i=1; i <= $NB_SCANS; i++)) - do - echo "BUILD SCAN PUBLICATION $i/$NB_SCANS" - mvn gradle-enterprise:build-scan-publish-previous + scanLinks="" + + # iterate over extension versions + for version in ${{ steps.init.outputs.versions }}; do + echo "Processing extension version ${version}" + + # set current version in project + sed "s/REPLACE_ME/${version}/g" .mvn/extensions.xml.template > .mvn/extensions.xml + + # iterate over build scans + nbScans=$(find ${{ env.BUILD_SCAN_DIR }}${version} -type f -name "scan.scan" | wc -l) + for ((i=1; i <= $nbScans; i++)) + do + echo "Publishing Build Scan (version ${version}) ${i}/${nbScans}" + + # publish build scan + mvn gradle-enterprise:build-scan-publish-previous | tee build.out + + # collect build scan link + scanLink=$(grep -A1 "Publishing build scan..." build.out | tail -n 1 | sed 's/\[INFO\] //') + if [[ ! -z "$scanLink" ]] + then + scanLinks="${scanLinks},[Link $i]($scanLink)" + fi + done done + echo "SCAN_LINKS=$scanLinks" >> $GITHUB_OUTPUT shell: bash + - name: Comment pull-request with Build Scan links + uses: actions/github-script@v6 + env: + PR: ${{ steps.pr.outputs.PR_NUMBER }} + SCAN_LINKS: ${{ steps.publish.outputs.SCAN_LINKS }} + EXTENSION_VERSION: ${{ inputs.gradle-enterprise-extension-version }} + with: + github-token: ${{ inputs.github-token }} + script: | + const prNumber = Number(process.env.PR); + const scanLinks = process.env.SCAN_LINKS; + const extensionVersion = process.env.EXTENSION_VERSION; + + if(scanLinks.length > 0) { + const comment = `#### Explore the Build Scan(s): + ${scanLinks.replace(/,/g,'\n')} + + ###### Generated by gradle/github-actions/maven/build-scan/publish`; + + github.rest.issues.createComment({ + issue_number: prNumber, + owner: context.repo.owner, + repo: context.repo.repo, + body: comment + }); + } diff --git a/maven/build-scan/save/action.yml b/maven/build-scan/save/action.yml index b719f7ad..45be082b 100644 --- a/maven/build-scan/save/action.yml +++ b/maven/build-scan/save/action.yml @@ -4,26 +4,11 @@ description: Save Maven Build Scan runs: using: composite steps: - - name: Generate UUID - id: generate-uuid + - name: Dump pull-request number run: | - # create a unique file name to avoid issues with actions/upload-artifact if this composite action is called multiple times - echo "UUID=$(cat /proc/sys/kernel/random/uuid)" >> "$GITHUB_OUTPUT" + SCAN_DIR=$(find ~/.m2/.gradle-enterprise/build-scan-data -type f -name "scan.scan" -exec dirname {} \; -quit) + echo "PR_NUMBER=${{ github.event.number }}" > ${SCAN_DIR}/pr-number.properties shell: bash - - name: Dump Gradle Enterprise extension versions in file - env: - BUILD_SCAN_DIR: '~/.m2/.gradle-enterprise/build-scan-data/' - run: | - if [ -d ${{ env.BUILD_SCAN_DIR }} ]; then - find ${{ env.BUILD_SCAN_DIR }} -type d -name "*.*" -maxdepth 1 -mindepth 1 -exec basename {} \; > ${{ steps.generate-uuid.outputs.UUID }}-ge-extension-versions.txt - fi - shell: bash - - name: Upload Build Scan metadata as workflow Artifact - uses: actions/upload-artifact@v3 - with: - name: 'maven-build-scan-metadata' - path: '*-ge-extension-versions.txt' - retention-days: 1 - name: Upload Build Scan as workflow Artifact uses: actions/upload-artifact@v3 with: diff --git a/terms-of-service/verify/action.yml b/terms-of-service-acceptance/run/action.yml similarity index 65% rename from terms-of-service/verify/action.yml rename to terms-of-service-acceptance/run/action.yml index aa43eb7a..b36eeaf5 100644 --- a/terms-of-service/verify/action.yml +++ b/terms-of-service-acceptance/run/action.yml @@ -1,18 +1,18 @@ -name: Verify Gradle Terms of Service approval -description: Verify Gradle Terms of Service approval +name: Run Terms of Service acceptance +description: Run Terms of Service acceptance inputs: tos-location: description: 'Terms of Service location as an URL (https://foo.com/tos.html) or a Github repository file (///blob//tos.html)' required: true - pr-comment-tos-approval-missing: - description: 'pull-request comment added when Terms of Service are not approved ({0} in the value will be replaced by tos-location input)' + pr-comment-tos-acceptance-missing: + description: 'pull-request comment added when Terms of Service are not accepted ({0} in the value will be replaced by tos-location input)' default: 'Please accept [Gradle Enterprise Terms of Service]({0}) to get your pull-request Build Scan published by commenting this pull-request with the following message:' - pr-comment-tos-approval-request: - description: 'pull-request comment to approve the Terms of Service' + pr-comment-tos-acceptance-request: + description: 'pull-request comment to accept the Terms of Service' default: 'I have read Gradle Enterprise Terms of Service and I hereby accept the Terms' - pr-comment-tos-approval-validation: - description: 'pull-request comment added when Terms of Service are approved' + pr-comment-tos-acceptance-validation: + description: 'pull-request comment added when Terms of Service are accepted' default: 'All Contributors have accepted Gradle Enterprise Terms of Service.' signature-branch: description: 'Git branch where the signature file will be stored' @@ -21,7 +21,7 @@ inputs: description: 'Signature file location' default: '.github/gradle-enterprise-tos.json' white-list: - description: 'CSV List of users not required to approve the Terms of Service' + description: 'CSV List of users not required to accept the Terms of Service' default: '' github-token: description: 'The token used for Github API requests' @@ -31,15 +31,15 @@ inputs: runs: using: 'composite' steps: - - name: Verify Gradle Terms of Service approval - if: (github.event.comment.body == 'recheck' || github.event.comment.body == ${{ inputs.pr-comment-tos-approval-request }}) || github.event_name == 'pull_request_target' || github.event_name == 'pull_request' + - name: Run Terms of Service acceptance + if: (github.event.comment.body == 'recheck' || github.event.comment.body == ${{ inputs.pr-comment-tos-acceptance-request }}) || github.event_name == 'pull_request_target' || github.event_name == 'pull_request' uses: contributor-assistant/github-action@v2.3.0 env: GITHUB_TOKEN: ${{ inputs.github-token }} with: - custom-notsigned-prcomment: ${{ format(inputs.pr-comment-tos-approval-missing, inputs.tos-location )}} - custom-pr-sign-comment: ${{ inputs.pr-comment-tos-approval-request }} - custom-allsigned-prcomment: ${{ inputs.pr-comment-tos-approval-validation }} + custom-notsigned-prcomment: ${{ format(inputs.pr-comment-tos-acceptance-missing, inputs.tos-location )}} + custom-pr-sign-comment: ${{ inputs.pr-comment-tos-acceptance-request }} + custom-allsigned-prcomment: ${{ inputs.pr-comment-tos-acceptance-validation }} branch: ${{ inputs.signature-branch }} path-to-signatures: ${{ inputs.signature-location }} allowlist: ${{ inputs.white-list }} diff --git a/pull-request-check/verify/action.yml b/terms-of-service-acceptance/verify/action.yml similarity index 61% rename from pull-request-check/verify/action.yml rename to terms-of-service-acceptance/verify/action.yml index ff8a6d07..b2f78fd2 100644 --- a/pull-request-check/verify/action.yml +++ b/terms-of-service-acceptance/verify/action.yml @@ -1,9 +1,9 @@ -name: Verify pull-request check -description: Verify pull-request check +name: Verify Terms of Service acceptance +description: Verify Terms of Service acceptance inputs: - workflow-job-name: - description: 'Workflow job name to verify' + terms-of-service-acceptance-workflow-job-name: + description: 'Workflow job name run to ' required: true github-token: description: 'The token used for Github API requests' @@ -13,7 +13,7 @@ inputs: runs: using: 'composite' steps: - - name: Verify pull-request check + - name: Verify Terms of Service acceptance uses: actions/github-script@v6 env: sha: ${{ github.event.workflow_run.head_sha }} @@ -29,13 +29,13 @@ runs: for await (const cr of checkRuns) { // check only last execution of the workflow console.log('Checking execution of ' + cr.name); - if(cr.name == '${{ inputs.workflow-job-name }}') { - console.log('Found execution of ${{ inputs.workflow-job-name }} at ' + cr.completed_at); + if(cr.name == '${{ inputs.terms-of-service-acceptance-workflow-job-name }}') { + console.log('Found execution of ${{ inputs.terms-of-service-acceptance-workflow-job-name }} at ' + cr.completed_at); if(cr.conclusion == 'success') { return; } else { - throw new Error('Found failed execution of ${{ inputs.workflow-job-name }} at ' + cr.completed_at); + throw new Error('Found failed execution of ${{ inputs.terms-of-service-acceptance-workflow-job-name }} at ' + cr.completed_at); } } } - throw new Error('No execution found for ${{ inputs.workflow-job-name }}'); + throw new Error('No execution found for ${{ inputs.terms-of-service-acceptance-workflow-job-name }}');