Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Replace 3rd party workflow actions with Github API to access labels and PR body #1924

Merged
merged 25 commits into from
Jan 3, 2025
Merged

Replace 3rd party workflow actions with Github API to access labels and PR body #1924

merged 25 commits into from
Jan 3, 2025

Conversation

atmamont
Copy link
Contributor

@atmamont atmamont commented Dec 18, 2024
edited
Loading

Summary

Problem

External PRs from forks do not have access to Github token so none of external actions could be run successfully.

Options

  1. Expand access level by using different even (pull_request to pull_request_target). Documentation says labels and comments are perfect cases for such expansion but thinking security first I decided do explore other options.
  2. Using Github API and removing 3rd party actions requiring Github token. Using Github javascript-like API to post comments.

Solution

Option 1 was chosen as I didn't manage to get option 2 working, it failed for the "post comment" section.

Ticket

COIOS-000

Manual tests

  • Fails if no labels are set
  • Fails if any of release-related labels are set with no matching XML in PR body
  • Comments if job fails
  • Removes comment if job suceeds
  • Does not interfere with other Github Bot comments
  • All of the above triggered from a fork (an example PR)

Test release notes

This is a changed text wrapped in XML tag

goergisn
goergisn previously approved these changes Dec 18, 2024
View reviewed changes
@atmamont atmamont added the chore a pull request that has chore changes that shouldn't be in the release notes label Dec 18, 2024
@atmamont atmamont added fixed a pull request that fixes a bug and removed chore a pull request that has chore changes that shouldn't be in the release notes labels Dec 18, 2024
@Adyen Adyen deleted a comment from github-actions bot Dec 18, 2024
@atmamont atmamont added chore a pull request that has chore changes that shouldn't be in the release notes and removed fixed a pull request that fixes a bug labels Dec 18, 2024
@Adyen Adyen deleted a comment from github-actions bot Dec 18, 2024
@Adyen Adyen deleted a comment from github-actions bot Dec 18, 2024
@Adyen Adyen deleted a comment from github-actions bot Dec 18, 2024
@atmamont atmamont added changed a pull request that changed some thing and removed chore a pull request that has chore changes that shouldn't be in the release notes labels Dec 18, 2024
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Dec 18, 2024
edited
Loading

${commentIdentifier}
${process.env.ERROR_MESSAGE}

@atmamont atmamont force-pushed the make-label-release-notes-workflow-fork-friendly branch from cbe4dec to abf81a2 Compare December 18, 2024 16:58
@atmamont atmamont added changed a pull request that changed some thing and removed changed a pull request that changed some thing labels Dec 18, 2024
@atmamont atmamont changed the title Replacing 3rd party actions with Github API to read labels and body Replace 3rd party workflow actions with Github API to access labels and PR body Dec 19, 2024
@atmamont atmamont changed the title Replace 3rd party workflow actions with Github API to access labels and PR body PoC: Replace 3rd party workflow actions with Github API to access labels and PR body Dec 19, 2024
@github-actions GitHub Actions
Copy link
Contributor

✅ No changes detected

Comparing make-label-release-notes-workflow-fork-friendly to develop

Analyzed targets: Adyen, AdyenActions, AdyenCard, AdyenCashAppPay, AdyenComponents, AdyenDelegatedAuthentication, AdyenEncryption, AdyenSession, AdyenSwiftUI, AdyenTwint, AdyenWeChatPay

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@atmamont atmamont marked this pull request as ready for review December 30, 2024 08:40
@atmamont atmamont changed the title PoC: Replace 3rd party workflow actions with Github API to access labels and PR body Replace 3rd party workflow actions with Github API to access labels and PR body Dec 30, 2024
@atmamont atmamont removed the changed a pull request that changed some thing label Dec 30, 2024
@atmamont atmamont added the chore a pull request that has chore changes that shouldn't be in the release notes label Jan 2, 2025
@atmamont atmamont merged commit 43f91f4 into develop Jan 3, 2025
23 of 24 checks passed
@atmamont atmamont deleted the make-label-release-notes-workflow-fork-friendly branch January 3, 2025 11:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nauaros nauaros nauaros approved these changes

@erenbesel erenbesel erenbesel approved these changes

@goergisn goergisn goergisn approved these changes

Assignees
No one assigned
Labels
chore a pull request that has chore changes that shouldn't be in the release notes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@atmamont @goergisn @erenbesel @nauaros